urlquery - report: jlhtie.com/

Overview

URL	jlhtie.com/
IP	154.86.232.137
ASN	DXTL Tseung Kwan O Service
Location	Hong Kong
Report completed	2022-07-07 01:16:02 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-07	2	jlhtie.com/	Phishing
2022-07-07	2	www.jlhtie.com/index.php	Phishing
2022-07-07	2	www.jlhtie.com/common.js	Phishing
2022-07-07	2	www.jlhtie.com/tj.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Added / Verified	Severity	Host	Comment
2022-07-06	2	nrxduw5.com	Sinkholed
2022-07-06	2	nrxduw5.com	Sinkholed

Files

No files detected

Passive DNS (28)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	jlhtie.com (1)	0	No data	No data	154.86.232.137	Unknown ranking
[Mnemonic Passive DNS]	tgqd.tsmgsoce.com (1)	0	No data	No data	172.67.217.11	Unknown ranking
[Mnemonic Passive DNS]	ocsp.sectigo.com (11)	487	2018-12-17 11:31:55 UTC	2022-07-06 16:56:01 UTC	172.64.155.188
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-06 04:55:23 UTC	54.230.111.14
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-06 19:05:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.globalsign.com (1)	2075	2012-05-25 06:20:55 UTC	2022-07-06 04:55:58 UTC	151.101.86.133
[Mnemonic Passive DNS]	www.hlgav.xyz (7)	0	No data	No data	154.13.7.23	Unknown ranking
[Mnemonic Passive DNS]	tmrhoe2.com (1)	0	2022-05-23 04:51:36 UTC	2022-07-06 16:52:39 UTC	103.170.15.79	Unknown ranking
[Mnemonic Passive DNS]	pic.rmb.bdstatic.com (1)	25157	2017-02-01 17:01:36 UTC	2022-07-06 08:54:50 UTC	185.10.104.115
[Mnemonic Passive DNS]	rgjeow3.com (1)	0	2022-03-23 06:48:07 UTC	2022-07-06 14:04:51 UTC	45.61.212.46	Unknown ranking
[Mnemonic Passive DNS]	www.jlhtie.com (4)	0	No data	No data	154.86.232.137	Unknown ranking
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-06 04:47:23 UTC	34.215.40.77
[Mnemonic Passive DNS]	aooacctp.com (2)	0	No data	No data	104.21.234.187	Unknown ranking
[Mnemonic Passive DNS]	ocsp2.globalsign.com (1)	1544	2012-05-21 07:12:19 UTC	2022-07-06 04:56:10 UTC	151.101.86.133
[Mnemonic Passive DNS]	xox9325.com (1)	0	2022-06-08 06:47:24 UTC	2022-07-06 22:11:28 UTC	45.61.212.46	Unknown ranking
[Mnemonic Passive DNS]	6745jj.com (1)	0	No data	No data	104.233.158.17	Unknown ranking
[Mnemonic Passive DNS]	gezkdx7.com (1)	0	2022-03-21 06:27:17 UTC	2022-07-06 13:13:51 UTC	45.61.212.46	Unknown ranking
[Mnemonic Passive DNS]	dfwskw7.com (1)	0	2022-04-25 14:56:55 UTC	2022-07-06 18:20:55 UTC	45.61.212.225	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	statuse.digitalcertvalidation.com (1)	16484	2019-06-21 15:00:06 UTC	2022-07-06 12:49:14 UTC	93.184.220.29
[Mnemonic Passive DNS]	hm.baidu.com (6)	8254	2017-01-30 05:28:59 UTC	2022-07-06 06:26:28 UTC	103.235.46.191
[Mnemonic Passive DNS]	701.oss-cn-hongkong.aliyuncs.com (1)	0	No data	No data	47.75.19.85	Domain (aliyuncs.com) ranked at: 1959
[Mnemonic Passive DNS]	nrxduw5.com (2)	0	2022-03-21 06:37:30 UTC	2022-07-06 22:58:42 UTC	45.61.212.46	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-07-06 04:41:34 UTC	23.36.76.226
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (7)	1631	2017-09-01 03:40:57 UTC	2022-07-06 17:02:11 UTC	34.120.237.76
[Mnemonic Passive DNS]	img.sewozyimg.com (26)	0	No data	No data	107.148.224.18	Unknown ranking
[Mnemonic Passive DNS]	tt-gif.com (1)	0	No data	No data	100.42.229.47	Unknown ranking

Recent reports on same IP/ASN/Domain

No other reports on IP: 154.86.232.137

Last 10 reports on ASN: DXTL Tseung Kwan O Service

Date	UQ / IDS / BL	URL	IP
2022-08-19 23:52:52 +0000	0 - 0 - 4	www.zgzxgrw.com/	154.218.122.2
2022-08-19 15:48:34 +0000	0 - 0 - 4	www.upskirts-tube.com/bk19/	156.240.143.2
2022-08-19 06:42:22 +0000	0 - 0 - 1	dota2bets.net/	154.214.119.97
2022-08-18 19:55:44 +0000	0 - 0 - 1	456nb.com/	154.219.181.84
2022-08-18 19:12:59 +0000	0 - 0 - 1	maiqige.com/	154.95.199.197
2022-08-18 18:42:38 +0000	0 - 0 - 5	ysxue8.com/	156.235.169.187
2022-08-18 18:10:15 +0000	0 - 0 - 5	www.dcltianyuan777.com/	154.218.65.187
2022-08-18 14:08:00 +0000	0 - 0 - 2	www.amigonerd.net/	154.86.223.57
2022-08-16 14:55:51 +0000	0 - 0 - 7	hxsdtv7com.com/	45.192.64.33
2022-08-16 14:18:24 +0000	0 - 0 - 7	www.ydshine.com/n8it/	154.95.152.85

No other reports on domain: jlhtie.com

JavaScript

Executed Scripts (9)

Executed Evals (1)

#1 JavaScript::Eval (size: 455, repeated: 1) - SHA256: 0fd9a57e931aa82989db46aac5a3fd72c2a5dd2471649332b45456fa7e81cb0b

                                        document.write('<title>]e5P/ؾ	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https://www.hlgav.xyz/"></iframe></div><style type="texts">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');

Executed Writes (1)

#1 JavaScript::Write (size: 436, repeated: 1) - SHA256: 7d933257924733677de5ec6638a1f76bba3080de8ee1f222c1e58dfbd35b8b13

                                        < title > ] e5P / ؾ Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https:/ / www.hlgav.xyz / "></iframe></div><style type="
texts ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>

HTTP Transactions (92)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 07 Jul 2022 00:56:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: dP4y4PtV6IPc10pYR2GB3L_pjImzetn68w9v6siQeJTSkg7MnA19BQ== Age: 1164 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666" Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6591 Expires: Thu, 07 Jul 2022 03:05:40 GMT Date: Thu, 07 Jul 2022 01:15:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1bd93fff937cfdc8744b841243b93fd5 Sha1: 240c31be9cdaeb5d1e4f9e3558c812ba007e6d22 Sha256: 78a5dcfaf2d93d9c87cfb6dbc56100e9f22965d4500554ba65f71cb7d84dd666
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: BHbWE73B3O5eEAZRWthSaWilm6FfHL2pyqWJRx3b3Wy4_yEx2nhuIQ== age: 78544 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:49 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: jlhtie.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	154.86.232.137 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Thu, 07 Jul 2022 01:15:49 GMT Content-Length: 0 Connection: keep-alive Location: http://www.jlhtie.com/index.php --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 07 Jul 2022 00:34:56 GMT Cache-Control: max-age=3600 Expires: Thu, 07 Jul 2022 01:11:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: O3tsiG_SBxJG6hAv8XjF-2QNZ0vxTebeaC44xgQCM6DGh_ycdhgZ4A== Age: 2454 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /index.php HTTP/1.1 Host: www.jlhtie.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (654), with CRLF line terminators Size: 581 Md5: 0beba8d7623775eca6e63f9752880e36$ 154.86.232.137 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Thu, 07 Jul 2022 01:15:49 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (654), with CRLF line terminators Size: 581 Md5: 0beba8d7623775eca6e63f9752880e36 Sha1: 9b993b36dfea592223cd1b460993919f1294b4a3 Sha256: 1058a1ddbac39de6f9ea9a162a770c8e9b5b557c36d0334ea8c65401f46076ef Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4357 Cache-Control: 'max-age=158059' Date: Thu, 07 Jul 2022 01:15:50 GMT Last-Modified: Thu, 07 Jul 2022 00:03:13 GMT Server: ECS (ska/F71D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 54a5ebdb4e3b060878632555583e462f Sha1: df627b311d6276eabf36fe1390a8219714839aed Sha256: 5c77d20265a9a328455b745ec5191e036ec35814586c1e6bcd1c8b2de01b3ff2
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: msASaQSxPna5u+0ZFnX2mQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	34.215.40.77 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: jN5UH1qsrpvV3mBeyi2rMY8nMBY= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /common.js HTTP/1.1 Host: www.jlhtie.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.jlhtie.com/index.php	$Magic: HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators Size: 682 Md5: 985c63b7ab7df56a59e2f5cc0c4ba40b$ 154.86.232.137 HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Thu, 07 Jul 2022 01:15:50 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators Size: 682 Md5: 985c63b7ab7df56a59e2f5cc0c4ba40b Sha1: c480bbf95c6c5f655351d940404acdf30b3ca092 Sha256: 0d892a9f2243e5f29c961befba0a21c0c69ce52bccfea9bba1fa3f9ed9c77707 Alerts: Blocklists: - fortinet: Phishing
GET /tj.js HTTP/1.1 Host: www.jlhtie.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.jlhtie.com/index.php	154.86.232.137 HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Thu, 07 Jul 2022 01:15:50 GMT Content-Length: 258 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 258 Md5: 410631c41aa1437ccd6094bc1254d5bf Sha1: ad3380d08cab0ea1f7207742bd069c6b926731d7 Sha256: af0d16e033c96d80c54c72dbb2f1ba52a492e6b103ada47c47cfdc92b918070e Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18985 Expires: Thu, 07 Jul 2022 06:32:15 GMT Date: Thu, 07 Jul 2022 01:15:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18985 Expires: Thu, 07 Jul 2022 06:32:15 GMT Date: Thu, 07 Jul 2022 01:15:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18985 Expires: Thu, 07 Jul 2022 06:32:15 GMT Date: Thu, 07 Jul 2022 01:15:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4243 x-amzn-requestid: 013a931d-b718-49de-a8e0-83dab66aa8b1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ugb38Ge7oAMFaRw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bcd9cc-375eb507376be9e156ed766e;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 23:01:32 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Z70oJQvoLMemVFsEoYEtvA5wA3jBZqBpFKMiAOABmXkQ8avGPVRESQ== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 16:49:27 GMT age: 30383 etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e Sha1: 5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3 Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7271 x-amzn-requestid: cec81cbd-de3f-4d78-85e6-5b1a51bc148f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3Dp7GmtIAMFzgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c5e63f-7b0aeb393b5a87d65e40c8e3;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 19:45:03 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ePVvRFQ2fP52OzAesEQDL3uhCOjYKl7Nmr1NQ4gkwvuXCwu_TdKc3g== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:53:24 GMT age: 12146 etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac Sha1: 949707b56fd4aa6464f5f4a5d52b18ab72d307ff Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12294 x-amzn-requestid: 5bec92dd-8e32-40ad-95a7-9974235736f1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Utf-wHQzIAMFQzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c21391-17f0206a62ac8b6732f8d934;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 22:09:21 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: LkFZDZvOu1_bHtVqMvJZkGgQjeiwikM8POQGvK8AlRzizFvNA1ISQw== via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 22:03:35 GMT age: 11535 etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd Sha1: 7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7 Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6737 x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9ZG93oAMFX6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw== via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 06:45:43 GMT age: 66607 etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de Sha1: 5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5198 x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U0xnWFKCIAMFe2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT x-amz-cf-pop: SFO20-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A== via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:34:54 GMT age: 78056 etag: "76b2ac44ab4590c5345063d314975f483a61cb1f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df Sha1: 76b2ac44ab4590c5345063d314975f483a61cb1f Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7249 x-amzn-requestid: 865b5a9b-a852-4a12-8722-a9924f7390f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UhikQFDeoAMFRMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bd4ae7-373db7491a65d6700061bc8b;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 07:04:07 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: cG4rrc0FSLhmmqX7gfFNGDK4l_mL9KjUlyTg1MHHYHepJLjDyjg2Tw== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 06:39:20 GMT age: 66990 etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9 Sha1: 2f79d1e28bb827f7fa60b6675dba8022c28a1a3d Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
GET /favicon.ico HTTP/1.1 Host: www.jlhtie.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.jlhtie.com/index.php	$Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 7ef1f0a0093460fe46bb691578c07c95$ 154.86.232.137 HTTP/1.1 200 OK Content-Type: image/x-icon Server: nginx Date: Thu, 07 Jul 2022 01:15:50 GMT Content-Length: 1150 Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT Connection: keep-alive ETag: "4e0d81df-47e" Expires: Tue, 12 Jul 2022 01:15:50 GMT Cache-Control: max-age=432000 Accept-Ranges: bytes --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 7ef1f0a0093460fe46bb691578c07c95 Sha1: 2da3ffbbf4737ce4dae9488359de34034d1ebfbd Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "23762B1C5FE813769B4F853EFC335F6BCB5167C98521D291A05BD2E2771789B9" Last-Modified: Tue, 05 Jul 2022 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21575 Expires: Thu, 07 Jul 2022 07:15:26 GMT Date: Thu, 07 Jul 2022 01:15:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 46617336dada2d52b70436fb228d68a1 Sha1: 70eb5f147a38dde526fb461eca9ad050e3005bd3 Sha256: 23762b1c5fe813769b4f853efc335f6bcb5167c98521d291a05bd2e2771789b9
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	151.101.86.133 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Expires: Sun, 10 Jul 2022 23:41:28 GMT ETag: "f2797eff71810856ed0ea47e5a9d2764b8282435" Last-Modified: Wed, 06 Jul 2022 23:41:28 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 Via: 1.1 varnish, 1.1 varnish Content-Length: 1432 Accept-Ranges: bytes Date: Thu, 07 Jul 2022 01:15:51 GMT Age: 2446 Connection: keep-alive X-Served-By: cache-qpg1279-QPG, cache-bma1671-BMA X-Cache: HIT, HIT X-Cache-Hits: 1, 10 X-Timer: S1657156551.296718,VS0,VE0 --- Additional Info --- Magic: data Size: 1432 Md5: 884fe45024d6bf9f9c6df2c695c7b76b Sha1: f2797eff71810856ed0ea47e5a9d2764b8282435 Sha256: 1f31435b7fda1b3aef7f1e8eed29c024b4b1d9628bec8ab431a23901a80b0795
GET /pf2022.jpg HTTP/1.1 Host: tgqd.tsmgsoce.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 576x576, components 3\012- data Size: 23342 Md5: 7660372b7e830716e25deef41b32d08c$ 172.67.217.11 HTTP/2 200 OK date: Thu, 07 Jul 2022 01:15:51 GMT content-type: image/jpeg content-length: 23342 last-modified: Sat, 28 May 2022 08:46:59 GMT etag: "6291e183-5b2e" cache-control: max-age=14400 cf-cache-status: HIT age: 349 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggkh3PehpB0hK3MjLbqbzWagLQTxe5rSC4E0SHXq93%2BSpmYAPE4tfzWTK5nvx3bZLG2%2BQZ5fhk32uv1GWGUpzIrOkQ9WG2SSc%2BFseCk8uyOrCycFhRh%2BZx5McI%2FFnlbAOfP2JQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 726cbb3f8dd3b50f-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 576x576, components 3\012- data Size: 23342 Md5: 7660372b7e830716e25deef41b32d08c Sha1: 3346df51d6890cd8391c77a9ed597911c8a47323 Sha256: 642b78336be967e5264b8324d678d4ed106fb65c2a86d7764a3b35694787c01a
GET /template/m1938pc/static/css/footer.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css content-length: 786 last-modified: Mon, 13 Sep 2021 12:37:30 GMT etag: "613f460a-312" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 786 Md5: 035c39627f489e6f8371e06f956c23c2 Sha1: 14ac806f3909e4b3d2120ba39936867d292376f1 Sha256: 551bb1c2ffb8a2e628101cedb256030b199a6e1276b6d53cc62f7baf02ead8c7
GET /template/m1938pc/static/css/default.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css content-length: 22 last-modified: Mon, 13 Sep 2021 12:37:30 GMT etag: "613f460a-16" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 22 Md5: 99bd951428de1a6dea7746c9db4face5 Sha1: 45a7071d97b407a28143bafb878477fbfbd5dd05 Sha256: 4d4e1af3c62dde233082e14491f7627f63e370721e38f8f411a26270e18f4c1b
POST / HTTP/1.1 Host: statuse.digitalcertvalidation.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4242 Cache-Control: 'max-age=158059' Date: Thu, 07 Jul 2022 01:15:52 GMT Last-Modified: Thu, 07 Jul 2022 00:05:10 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f9bee999a76c88cd7eece15c3cb79498 Sha1: a25de7bf07f59496ae5afd93d9281f46308a8b1c Sha256: 3f312b60def1d20059137819d8c25bc22c259e7002d67dbeb515e57d3919564f
GET /logotp/xf17.gif HTTP/1.1 Host: aooacctp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 200 x 200\012- data Size: 1639812 Md5: 89f17a6c0e5ecfebd7d054e27f9829a9$ 104.21.234.187 HTTP/2 200 OK date: Thu, 07 Jul 2022 01:15:51 GMT content-type: image/gif content-length: 1639812 last-modified: Fri, 15 Apr 2022 17:52:25 GMT etag: "6259b0d9-190584" expires: Fri, 05 Aug 2022 17:23:38 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 28332 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpD0Iw0%2BwRi33YbY25vQzeGO%2FmD%2F1%2BjZWyqrN2GksaR5kexjzjMS2EaZAtHaTkXaKgGE5Kp7BkIJxX4nG0hHp2g%2B3vgm4Eqg%2B6ovyRk%2FROuNVvW7FyH5%2FCFl6TeCvdY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 726cbb40fca774f1-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 200 x 200\012- data Size: 1639812 Md5: 89f17a6c0e5ecfebd7d054e27f9829a9 Sha1: f8b87ba147f755491aa9753f750867d8349ced11 Sha256: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
GET /logotp/xfb09.gif HTTP/1.1 Host: aooacctp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 200 x 200\012- data Size: 443705 Md5: 8bc908398e73478d0b28d85191689891$ 104.21.234.187 HTTP/2 200 OK date: Thu, 07 Jul 2022 01:15:51 GMT content-type: image/gif content-length: 443705 last-modified: Fri, 15 Apr 2022 17:52:24 GMT etag: "6259b0d8-6c539" expires: Fri, 05 Aug 2022 17:23:38 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 28332 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YOd%2BhpfSfO7d1EsRyLJP7FWeVROV%2BL4kPpRl5%2BvOzla6PYcYTyv68y70GVjPUC18XRweTnIJ6eK5yCS9tqwPBnqiltBmb58%2BrupULIJKANcpx2jhQTqm2Y6fEjZdEs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 726cbb40fcad74f1-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 200 x 200\012- data Size: 443705 Md5: 8bc908398e73478d0b28d85191689891 Sha1: 5e9022d7583285c988d0acb55b6db7c920f3c3d0 Sha256: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT Expires: Tue, 12 Jul 2022 18:07:39 GMT ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp11 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb42ebd6b509-OSL --- Additional Info --- Magic: data Size: 472 Md5: 3ba22e7aa734e889862793f6656dba0f Sha1: cf89cc9ebd973306e73f7bfc7418be52ce118c0b Sha256: e44bea4fc37c7d7979a4cbd0894c84a21b7194e41a28567ca7accf2b91b8f2e6
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT Expires: Tue, 12 Jul 2022 18:07:39 GMT ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp7 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb42ebbeb4f4-OSL --- Additional Info --- Magic: data Size: 472 Md5: 3ba22e7aa734e889862793f6656dba0f Sha1: cf89cc9ebd973306e73f7bfc7418be52ce118c0b Sha256: e44bea4fc37c7d7979a4cbd0894c84a21b7194e41a28567ca7accf2b91b8f2e6
GET /template/m1938pc/static/css/main.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css last-modified: Mon, 13 Sep 2021 12:37:28 GMT vary: Accept-Encoding etag: W/"613f4608-85b" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1054 Md5: a3709f3afda6ec6c4fc5a22dc024b339 Sha1: 469c28e0ab28b1efe6fef4d73169bd7a2b78b9a5 Sha256: 59c43199769fcf0b4b375799acad4f7261031b33927579e3b16cce2d28936263
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT Expires: Tue, 12 Jul 2022 18:07:39 GMT ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp1 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb42ebcf0af6-OSL --- Additional Info --- Magic: data Size: 472 Md5: 3ba22e7aa734e889862793f6656dba0f Sha1: cf89cc9ebd973306e73f7bfc7418be52ce118c0b Sha256: e44bea4fc37c7d7979a4cbd0894c84a21b7194e41a28567ca7accf2b91b8f2e6
GET /template/m1938pc/static/css/index.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css last-modified: Fri, 17 Sep 2021 00:57:20 GMT vary: Accept-Encoding etag: W/"6143e7f0-1839" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1908 Md5: 74156e36c90ab7dcaa9c11c2b6e16efe Sha1: 2d96fb81a37cba50337a6420f362541b62e2af99 Sha256: a954b501cb215b26f8c23d2dc7a97b865893d129ac06aaec0fac1a01181bf7b1
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 04 Jul 2022 23:03:16 GMT Expires: Mon, 11 Jul 2022 23:03:16 GMT ETag: 2A5C7C710EF6B59DCFB60478898E216F67E691C0 Cache-Control: max-age=423443,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp2 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb439c1fb4f4-OSL --- Additional Info --- Magic: data Size: 472 Md5: 832399d18dc63cb028bfe67646cdbd2b Sha1: 2a5c7c710ef6b59dcfb60478898e216f67e691c0 Sha256: 6230b1fc1267229956d60a684dea06f5a81ce27cb347175d26c8a2a14bdfcc2c
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 04 Jul 2022 17:27:29 GMT Expires: Mon, 11 Jul 2022 17:27:29 GMT ETag: E5ACEA95C1B8B66AA4B541DAAB31AC841BCBDF95 Cache-Control: max-age=403296,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp12 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb439a900b51-OSL --- Additional Info --- Magic: data Size: 472 Md5: 2952709f61453f7257614e186c1eca5f Sha1: e5acea95c1b8b66aa4b541daab31ac841bcbdf95 Sha256: 68275d98da7d6c67a9ab8ebed126a4d237e2adb0185f3fe9e2279730b1d20a63
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 05 Jul 2022 10:00:55 GMT Expires: Tue, 12 Jul 2022 10:00:55 GMT ETag: 58AB2E8BFA2C65B8F7B8F8977A91256510467352 Cache-Control: max-age=462902,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp7 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb439c0d0af6-OSL --- Additional Info --- Magic: data Size: 472 Md5: b03746f7daae0a5295ceb648485d0d21 Sha1: 58ab2e8bfa2c65b8f7b8f8977a91256510467352 Sha256: 64bcbfeac3beb1c09ef1e453151de825d32872c8e40910f4010950d66004e100
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3F8A05399FC8816A9D2DF93AF8C580858EF4DC351A91600BBB2A1E2F6E8A8947" Last-Modified: Mon, 04 Jul 2022 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Thu, 07 Jul 2022 07:15:52 GMT Date: Thu, 07 Jul 2022 01:15:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b01234a67a2dd85ab37311bfae261fec Sha1: f8c8ecf7406b9eea7dcb2ee32b7c5042312412be Sha256: 3f8a05399fc8816a9d2df93af8c580858ef4dc351a91600bbb2a1e2f6e8a8947
GET /upload/vod/20220707-1/84d5373cd8a1abf40d99cb518dbac455.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9062 Md5: 970c598bbc806411a19f49d9d88e3364$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 9062 Last-Modified: Wed, 06 Jul 2022 16:06:30 GMT Connection: keep-alive ETag: "62c5b306-2366" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9062 Md5: 970c598bbc806411a19f49d9d88e3364 Sha1: 8bb0b75b69e85341c34f5f805926faef56cf55ea Sha256: 23f59f04eebcc20b553e830d55a29cc4411475eed391e240ae17fdc1eb62c220
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 03 Jul 2022 16:54:49 GMT Expires: Sun, 10 Jul 2022 16:54:49 GMT ETag: AC7E40D9C584079715590668B720393405FE7436 Cache-Control: max-age=314936,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp8 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb441ab20b51-OSL --- Additional Info --- Magic: data Size: 471 Md5: 1789814f90249fafe62185b60d7f9552 Sha1: ac7e40d9c584079715590668b720393405fe7436 Sha256: 1d2b51526503d45bf24f7f05089080bcf95a10a83f9e3b6d1776aecde4649007
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 06 Jul 2022 12:12:40 GMT Expires: Wed, 13 Jul 2022 12:12:40 GMT ETag: D04C424E589A7AA5DB77FF647CA283A4CFFD6EFC Cache-Control: max-age=557207,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp1 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb4418beb527-OSL --- Additional Info --- Magic: data Size: 472 Md5: b925449725b74f1f15cf661fd331c6b5 Sha1: d04c424e589a7aa5db77ff647ca283a4cffd6efc Sha256: 642932db382cdfba1cf1280127f96c44c99a808c4ebc936c48355623a9907a11
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 03 Jul 2022 16:54:49 GMT Expires: Sun, 10 Jul 2022 16:54:49 GMT ETag: AC7E40D9C584079715590668B720393405FE7436 Cache-Control: max-age=314936,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp13 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb441c69b4f4-OSL --- Additional Info --- Magic: data Size: 471 Md5: 1789814f90249fafe62185b60d7f9552 Sha1: ac7e40d9c584079715590668b720393405fe7436 Sha256: 1d2b51526503d45bf24f7f05089080bcf95a10a83f9e3b6d1776aecde4649007
GET /template/m1938pc/static/css/blue.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/template/m1938pc/static/css/default.css Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css last-modified: Mon, 13 Sep 2021 12:37:30 GMT vary: Accept-Encoding etag: W/"613f460a-bf0" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 121257 Md5: 6b1f4b03c31c4c7dd638e4a9efd7e084 Sha1: c090ad164e6755909acd4868ebf54b441a743f4a Sha256: d711d598544151bbf5bb9c1ac0067409163b56f2b970bd73691034760d0cf531
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	151.101.86.133 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Expires: Sun, 10 Jul 2022 23:24:14 GMT ETag: "aee59623dcc280f3d2f858b0f279a769ec560508" Last-Modified: Wed, 06 Jul 2022 23:24:14 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 Via: 1.1 varnish, 1.1 varnish Content-Length: 1459 Accept-Ranges: bytes Date: Thu, 07 Jul 2022 01:15:52 GMT Age: 3071 Connection: keep-alive X-Served-By: cache-qpg1271-QPG, cache-bma1640-BMA X-Cache: HIT, HIT X-Cache-Hits: 1, 1 X-Timer: S1657156552.473830,VS0,VE1 --- Additional Info --- Magic: data Size: 1459 Md5: 696b18490aadd2d7c0e35f44c03909e0 Sha1: aee59623dcc280f3d2f858b0f279a769ec560508 Sha256: 45bbb765d8f02aec49d97e956b792faa84647fb1adb6db38868e40ba81eae4aa
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 05 Jul 2022 18:11:17 GMT Expires: Tue, 12 Jul 2022 18:11:17 GMT ETag: 894E6228D9B89EA56FE0072E2D8E91E3EADDFF6C Cache-Control: max-age=492324,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp16 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb449c9b0af6-OSL --- Additional Info --- Magic: data Size: 472 Md5: ec69872dee41a4e095d8e28f9c1efae6 Sha1: 894e6228d9b89ea56fe0072e2d8e91e3eaddff6c Sha256: 3286fd1d8b8e1a921a72f94b919ad55cba7413e76f6361a95e1007a7a40af869
GET /upload/vod/20220707-1/4b769ee508d4f05011acc34e87e94a5a.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data Size: 46025 Md5: aa42b7127158ca3271d1dfdf1b6ee9c3$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 46025 Last-Modified: Wed, 06 Jul 2022 16:10:32 GMT Connection: keep-alive ETag: "62c5b3f8-b3c9" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data Size: 46025 Md5: aa42b7127158ca3271d1dfdf1b6ee9c3 Sha1: 2cc18d5d1fc76a2d9edd8a45114ca79344283356 Sha256: fff130f51b909731d341477b213da5c391554cd5977af3628a3a0bc005218bcf
GET /upload/vod/20220326-1/0c8344e8cf90096559f6dbef32cd3cf8.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9364 Md5: 0bc658aa4bd5f4698ce10bd783b05b75$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 9364 Last-Modified: Sun, 05 Jun 2022 13:57:41 GMT Connection: keep-alive ETag: "629cb655-2494" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9364 Md5: 0bc658aa4bd5f4698ce10bd783b05b75 Sha1: d0c726f8ac9106259946bc1e2b7f0345f24d1774 Sha256: 22cc0b6294e8d3e362eeb9a1a7a6f883999ad0739b5584b7b952c96450882e07
GET /upload/vod/20220707-1/ec95a404d845676f46a186ff5a30355e.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 46120 Md5: e4ead13b0397222618f120cad406fc8d$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 46120 Last-Modified: Wed, 06 Jul 2022 16:10:36 GMT Connection: keep-alive ETag: "62c5b3fc-b428" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 46120 Md5: e4ead13b0397222618f120cad406fc8d Sha1: 5f89c462558089cced0953310b1f4b8c02d1cdea Sha256: 1b9fb98b4ba52416d024f3a9092185bf6fd711efb19f6ceaed53af644e17eeea
GET /upload/vod/20220707-1/be3986e74cbc99c31b3164ec462c6bee.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 44967 Md5: 89a6793d9e537b491ed32cba8b4fc147$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 44967 Last-Modified: Wed, 06 Jul 2022 16:06:31 GMT Connection: keep-alive ETag: "62c5b307-afa7" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 44967 Md5: 89a6793d9e537b491ed32cba8b4fc147 Sha1: f146c9574ff898e586ee41cbd51fe58d301639a4 Sha256: 0e58611f45f0ee6539419e03ecc87a0befed1f6abf32000554a059e4dae37bd3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "19D8E255F027B6144F9DAB7035F5E5FAAAADEA6DB54C55B1F5DD8E576C348137" Last-Modified: Wed, 06 Jul 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21552 Expires: Thu, 07 Jul 2022 07:15:04 GMT Date: Thu, 07 Jul 2022 01:15:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3c9f9289f0bb46163c97083043b42114 Sha1: 0161e9fcfd31c343d93bdac9c4557e9821f18840 Sha256: 19d8e255f027b6144f9dab7035f5e5faaaadea6db54c55b1f5dd8e576c348137
GET /upload/vod/20220707-1/c54e55b7a59179def32fd50428227e83.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 54779 Md5: 1de2888da43412410830c9b3f49309ad$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 54779 Last-Modified: Wed, 06 Jul 2022 16:06:42 GMT Connection: keep-alive ETag: "62c5b312-d5fb" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 54779 Md5: 1de2888da43412410830c9b3f49309ad Sha1: 658c0b70f9ed88e2bee17e35ef1f0d5f8f65fbad Sha256: 844dd3021d2ac4f88e7252860842ae15426edce70d172932f708fd5a5047cb29
GET /upload/vod/20220707-1/69b1d1854c245d67ec0f1915b0b786ed.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 60266 Md5: d24ddd46c064430ef1763e923cc3f193$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 60266 Last-Modified: Wed, 06 Jul 2022 16:10:37 GMT Connection: keep-alive ETag: "62c5b3fd-eb6a" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data Size: 60266 Md5: d24ddd46c064430ef1763e923cc3f193 Sha1: b5e2943fabb3afb9712e721079d0daa88f5606b0 Sha256: 9e84a822ad75692e206237ce90e56ffc9820caff6476ad87fa520aad7874f747
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Wed, 06 Jul 2022 13:17:31 GMT Expires: Wed, 13 Jul 2022 13:17:31 GMT ETag: 379252893E14AD83C1C1E5A3FBE55F4E407E95BE Cache-Control: max-age=561098,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp5 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 726cbb457b430b51-OSL --- Additional Info --- Magic: data Size: 471 Md5: ba852907b4fa4aa88de6fbb074095796 Sha1: 379252893e14ad83c1c1e5a3fbe55f4e407e95be Sha256: cceeaf96e503336f8002a10e92780ee6a2fd2309b75c7b1528fce764ffb18964
GET /hm.js?94bb709b51d68511a9583c0d0ed3b04f HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.jlhtie.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11337 Date: Thu, 07 Jul 2022 01:15:51 GMT Etag: 670d941892d96299c0aaefbeea121922 P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=A20D29F57E476511; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (626) Size: 11337 Md5: 9b5e3d53a3d737e2ef04de6fcee6fbe0 Sha1: b99740cf45fb1c90e902a77571eed80b7fbf41d2 Sha256: 8101c23bde8cf3976eb94dfe15e452140c9125a3c61107465c98b91a4e433124
GET /bjh/6217e697e5bcdcf05bce5b844cda6ddc.gif HTTP/1.1 Host: pic.rmb.bdstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 960 x 240\012- data Size: 1031440 Md5: 6217e697e5bcdcf05bce5b844cda6ddc$ 185.10.104.115 HTTP/2 200 OK server: JSP3/2.0.14 date: Thu, 07 Jul 2022 01:15:52 GMT content-type: image/gif content-length: 1031440 expires: Wed, 15 Jun 2022 14:29:52 GMT last-modified: Mon, 21 Feb 2022 15:50:19 GMT etag: "6217e697e5bcdcf05bce5b844cda6ddc" age: 856003 accept-ranges: bytes content-md5: Yhfml+W83PBbzluETNpt3A== x-bce-content-crc32: 3262800787 x-bce-debug-id: XC5yZChdhhchAbUAj5hgejRi/IlMbYjjPS90JFdWyWF57r3NzeDJxytNT5BKHDjg0xztQPDLfzhRrA19mT5cTw== x-bce-request-id: ac8a8cb4-467e-4c11-a210-5fbc303f905e x-bce-storage-class: STANDARD timing-allow-origin: * ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache142 [1], czix190 [1] ohc-file-size: 1031440 x-cache-status: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 240\012- data Size: 1031440 Md5: 6217e697e5bcdcf05bce5b844cda6ddc Sha1: 3aab263cdc8a2cee991e34701689b7b497f92e75 Sha256: d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46
GET /upload/vod/20220326-1/f4605a9e81aac21a081088ed03882eec.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9062 Md5: 739f9fb0bcfd48eacb06744cab1018c0$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 9062 Last-Modified: Sun, 05 Jun 2022 13:56:32 GMT Connection: keep-alive ETag: "629cb610-2366" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 9062 Md5: 739f9fb0bcfd48eacb06744cab1018c0 Sha1: 7b1f173c2eae7c657c05c6108c865e1286590aea Sha256: 6951db2aaef9ee94b824a8fee431310704d3d4a2fce66e8cb3080ec6b6b4ace4
GET /upload/vod/20220326-1/a01cce768235825a629771d2432e1b44.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8577 Md5: 716208131e9a6128a192723287b81bfc$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 8577 Last-Modified: Sun, 05 Jun 2022 13:57:48 GMT Connection: keep-alive ETag: "629cb65c-2181" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8577 Md5: 716208131e9a6128a192723287b81bfc Sha1: 2d72ff9bd59c8d24f05dc91061423c69432f2311 Sha256: 89bf3cb05e101625ca22ac17091a715bef288c5b3563aafdf8016cb799e992c2
GET /upload/vod/20220326-1/e42c577b92cc26d4e8c068be3795b435.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8715 Md5: 10e17092d7186c6d3c89f8a2a4fcc912$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 8715 Last-Modified: Sun, 05 Jun 2022 13:57:32 GMT Connection: keep-alive ETag: "629cb64c-220b" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8715 Md5: 10e17092d7186c6d3c89f8a2a4fcc912 Sha1: 4f53a3a54bec70c2b73adcd0d372e6ee28fbe7cc Sha256: a832336ae9a287a4aa16cb56ac1f731e315850a050c1f0e5e3f7b1a056164564
GET /upload/vod/20220326-1/c9db6729391c3ed323f96ff8ecaf7350.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 12240 Md5: 578fcb8b8351902fb5c82d8995918b13$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 12240 Last-Modified: Sun, 05 Jun 2022 13:57:35 GMT Connection: keep-alive ETag: "629cb64f-2fd0" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 12240 Md5: 578fcb8b8351902fb5c82d8995918b13 Sha1: 9591c50421f84b3ec17a2cd8f805642f5dd906bb Sha256: bc85abe3f1bb013da20d6095a891e424b6572e71104a5932fe732d3257fe4119
GET /e08b102b9f414214aad1412d5dc68a70.gif HTTP/1.1 Host: xox9325.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 200 x 200\012- data Size: 30032 Md5: f4bf3ec7740819830edfa6989a3bc2b4$ 45.61.212.46 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62a3067d-7550" Date: Sun, 03 Jul 2022 18:41:19 GMT Server: nginx Last-Modified: Fri, 10 Jun 2022 08:53:17 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us1-cdnb-16 Content-Length: 30032 --- Additional Info --- Magic: GIF image data, version 89a, 200 x 200\012- data Size: 30032 Md5: f4bf3ec7740819830edfa6989a3bc2b4 Sha1: 09edff14f86a547fb11cc5b98f1fdf9d372491cf Sha256: 9114fd963565fca7fb64d8515d838ba2b9623f237d8a2915fc914bdeb3ffc67f
GET /template/m1938pc/static/css/img_list.css HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/css last-modified: Mon, 13 Sep 2021 12:37:30 GMT vary: Accept-Encoding etag: W/"613f460a-9dd" expires: Thu, 07 Jul 2022 13:15:51 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1183 Md5: 1931c42f7bf953e6e8e5f29f79d90580 Sha1: 3404379ae160fdc667c525ae1de08f2d0df16f95 Sha256: afcbb6d6f961e9e672a8a5baeb837e28bfb62f98891216d33e7f10510fb0700a
GET /upload/vod/20220326-1/af77fa8a21bef435298bd5ba4be5a3cf.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 7830 Md5: 72faeac4d87fe048997da9ac1a0051af$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 7830 Last-Modified: Sun, 05 Jun 2022 13:56:32 GMT Connection: keep-alive ETag: "629cb610-1e96" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 7830 Md5: 72faeac4d87fe048997da9ac1a0051af Sha1: b4a5ba5b4526576d16a42ef38dd9e168c5807a0b Sha256: 203a9bb1a8542cbd6288d511944fa4a3b31e6f94d8077205f34976a3da3dc57f
GET /upload/vod/20220326-1/6585e357487dc9701c79def76b0d0bff.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x539, components 3\012- data Size: 78086 Md5: 8fd44c93c5265736ce63fdb4a49ad25d$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 78086 Last-Modified: Sun, 05 Jun 2022 13:56:02 GMT Connection: keep-alive ETag: "629cb5f2-13106" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x539, components 3\012- data Size: 78086 Md5: 8fd44c93c5265736ce63fdb4a49ad25d Sha1: bed425e657d06d143d1a8e455f940263e883553f Sha256: 4fd2c6fe6e40f3f8a2c327053ac1e90019488298db6a2e810d9cd54a604989a4
GET /upload/vod/20220326-1/d90ad1e53305e854d2ad795818131997.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 12608 Md5: efe093f91dc08312e39632aa9d3000e6$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 12608 Last-Modified: Sun, 05 Jun 2022 13:57:43 GMT Connection: keep-alive ETag: "629cb657-3140" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 12608 Md5: efe093f91dc08312e39632aa9d3000e6 Sha1: 889faa2fc10ac76ac71ee705ab2530bb065e7582 Sha256: d4c11c564c7b423b2c1ec9946ab120f024b8afd31169ac504afa8f769d731302
GET /upload/vod/20220326-1/0669ddd590119508a61fb3bca622465f.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 11072 Md5: 3b287f7243a2a8a7573f66d4c7a89378$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 11072 Last-Modified: Sun, 05 Jun 2022 13:56:06 GMT Connection: keep-alive ETag: "629cb5f6-2b40" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 11072 Md5: 3b287f7243a2a8a7573f66d4c7a89378 Sha1: bb4cf4e0c02ae1df83b085c7b99c048823c1ce99 Sha256: 1198d58a468593b9e82dbb5553620813196ce239a1afaf5020fd58c6d9fa0dcf
GET /upload/vod/20220326-1/b0535aa638bd51deda4fa279c3c9cdde.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 7715 Md5: 38490a918375f97215c4d3a705ecf6c7$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 7715 Last-Modified: Sun, 05 Jun 2022 13:55:22 GMT Connection: keep-alive ETag: "629cb5ca-1e23" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 7715 Md5: 38490a918375f97215c4d3a705ecf6c7 Sha1: ab5bd4514ca9dedcbc63c9a396f99ae2a8181349 Sha256: 1e8f2ce55da33604269b1ec05e9e4f6abad5cc2ec7a22d9628661b59ecbfc65d
GET /hm.js?4802bbda1494e9a039ed8837a43ab75d HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11338 Date: Thu, 07 Jul 2022 01:15:52 GMT Etag: 5578bcfdc0be5fb4a9ff558d30b62a43 P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=93AABD766AE2F6F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (627) Size: 11338 Md5: 0757616d7c6581b9d175ae96686c73dd Sha1: 2ba835a1cb5a6be49723e06066bca62a0ab0f424 Sha256: 5b87a671fcf47674e2dc186f3e8257ded96fb608322b19885074b44d3ddd5f9a
GET /960x240.gif HTTP/1.1 Host: 6745jj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 960 x 240\012- data Size: 178672 Md5: efee8a79540ee00db69bebdc99794192$ 104.233.158.17 HTTP/1.1 200 OK Content-Type: image/gif Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 178672 Connection: keep-alive Last-Modified: Fri, 06 May 2022 06:42:35 GMT ETag: "6274c35b-2b9f0" Expires: Tue, 19 Jul 2022 15:49:48 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 960 x 240\012- data Size: 178672 Md5: efee8a79540ee00db69bebdc99794192 Sha1: d0065a17839693634546f59f1adcf59f8b4da39f Sha256: 3a56867d2650ebcbaed66b0255e1752f0236284585167348be04fbd52aea4037
GET /upload/vod/20220326-1/490f2c00542c8ef9bfb47691494012d1.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data Size: 198724 Md5: 9b25643d7a84f87e17df0bb2ed03e8a3$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 198724 Last-Modified: Sun, 05 Jun 2022 14:00:13 GMT Connection: keep-alive ETag: "629cb6ed-30844" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data Size: 198724 Md5: 9b25643d7a84f87e17df0bb2ed03e8a3 Sha1: ba72203ef0716cda42d7d09dc7130e45b190fb2c Sha256: 13af7d6e2f71ea003326bc2a61fc8f12ab635d047a3c2e30bf27e98c00ce58c5
GET /fa80d1bb60f94250aa5f97867f14112c.gif HTTP/1.1 Host: tmrhoe2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 200 x 200\012- data Size: 152028 Md5: a287db1ba6f90c8d875f11d2b59a9f28$ 103.170.15.79 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62a3058a-251dc" Date: Sun, 03 Jul 2022 18:43:55 GMT Server: nginx Last-Modified: Fri, 10 Jun 2022 08:49:14 GMT Accept-Ranges: bytes X-Cache: HIT from yd11_13-cdn-g01-la2-09 Content-Length: 152028 --- Additional Info --- Magic: GIF image data, version 89a, 200 x 200\012- data Size: 152028 Md5: a287db1ba6f90c8d875f11d2b59a9f28 Sha1: 3550fa5a58039c1210393e5a192c830c9b2c2134 Sha256: 4b03e19f3b7691989a32e8b7c99e82806be6eedd4f67927c2deaddddfc0e8efc
GET /943a153059c5487bb21fded0d9b14081.gif HTTP/1.1 Host: gezkdx7.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 180 x 180\012- data Size: 344751 Md5: 737c4ed211b8aeaa644400a85d02023b$ 45.61.212.46 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62931339-542af" Date: Sat, 25 Jun 2022 05:02:32 GMT Server: nginx Last-Modified: Sun, 29 May 2022 06:31:21 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us1-cdnb-16 Content-Length: 344751 --- Additional Info --- Magic: GIF image data, version 89a, 180 x 180\012- data Size: 344751 Md5: 737c4ed211b8aeaa644400a85d02023b Sha1: f1cf42cd5d70d2bae0d5a890fc2aac5fc76b4420 Sha256: 627ba9f86b478606d3fc36097593d9513d273651c5fbf77723b91cc270947f4e
GET /upload/vod/20220707-1/94ea35e317fde56018de4623a3d95202.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data Size: 81876 Md5: fa45d640746634ca95c41d018f0fc2a0$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 81876 Last-Modified: Wed, 06 Jul 2022 16:21:37 GMT Connection: keep-alive ETag: "62c5b691-13fd4" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data Size: 81876 Md5: fa45d640746634ca95c41d018f0fc2a0 Sha1: 8de92dc9b8ce23e48febcf5743840cf96140ecb2 Sha256: 7587506700fce6349cc16ea2f4dcbfd9af049e2147a2260bdcc91098ec0bf131
GET / HTTP/1.1 Host: www.hlgav.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.jlhtie.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	154.13.7.23 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:51 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 344696 Md5: 40d4adfab859e1b024121e9ecf319547 Sha1: 9d25740f9fb8054d2645cf983ffbb9719c483c9a Sha256: 6ce38efa092d997a7f66702c588c03abf20d501981de788ecdc68a8044bbb044
GET /0dfea9db7d8a48e6b64bfb0dbb33dcbc.gif HTTP/1.1 Host: nrxduw5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 960 x 60\012- data Size: 250288 Md5: 40ef6f52c34c2ede61af0dc918dc27c0$ 45.61.212.46 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62b453ae-3d1b0" Date: Fri, 01 Jul 2022 00:17:41 GMT Server: nginx Last-Modified: Thu, 23 Jun 2022 11:51:10 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us1-cdnb-16 Content-Length: 250288 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 60\012- data Size: 250288 Md5: 40ef6f52c34c2ede61af0dc918dc27c0 Sha1: 52aaebd6e45785192121c13f46be4a7850163a95 Sha256: d51cd6bbac18961b249ece789683a74990bea115ce8b9982f9dcbd29ddff5539 Alerts: Blocklists: - quad9: Sinkholed
GET /upload/vod/20220707-1/b7910c616274ad81ad7e206dbfffa491.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.52.102", baseline, precision 8, 680x453, components 3\012- data Size: 64594 Md5: c80ab2a385a0924065e5fd2c9ba247d2$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 64594 Last-Modified: Wed, 06 Jul 2022 16:06:26 GMT Connection: keep-alive ETag: "62c5b302-fc52" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.52.102", baseline, precision 8, 680x453, components 3\012- data Size: 64594 Md5: c80ab2a385a0924065e5fd2c9ba247d2 Sha1: 5e8d03085a1d0c4d74619b5b5d97d257bdffc92a Sha256: 46c47f7b23b32a09023c6f843ef3582444062d4a6adf9eb6cfa5435803fc7e97
GET /afa928fdc69e446e80d8dc784dbf71c7.gif HTTP/1.1 Host: dfwskw7.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 180 x 180\012- data Size: 29836 Md5: c75065e9b2cdd6327ec4bcd5564139dd$ 45.61.212.225 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62931325-748c" Date: Tue, 21 Jun 2022 15:35:25 GMT Server: nginx Last-Modified: Sun, 29 May 2022 06:31:01 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us3-cdnb-25 Content-Length: 29836 --- Additional Info --- Magic: GIF image data, version 89a, 180 x 180\012- data Size: 29836 Md5: c75065e9b2cdd6327ec4bcd5564139dd Sha1: 942a4075f3561f09179d6a332eebfdca981601b0 Sha256: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1801590018&si=94bb709b51d68511a9583c0d0ed3b04f&v=1.2.95&lv=1&sn=38542&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jlhtie.com%2Findex.php&tt=%E5%B9%BF%E8%A5%BF%E9%85%9D%E9%9D%A5%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.jlhtie.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Thu, 07 Jul 2022 01:15:52 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=E94057D45165CFC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /upload/vod/20220326-1/fdddbb1f20a62d9e1dba0a3309d79765.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data Size: 192810 Md5: 05cbf3af180f781fd300961229aff67f$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 192810 Last-Modified: Sun, 05 Jun 2022 13:57:36 GMT Connection: keep-alive ETag: "629cb650-2f12a" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data Size: 192810 Md5: 05cbf3af180f781fd300961229aff67f Sha1: 6a7c5fde1418b100ca4be06f330417e7461b4eac Sha256: 8ba80e1f03f4d5e2b72eca098c0f3374cc2b2ae81c4763b8f302337379870cc5
GET /upload/vod/20220707-1/0f2ef0a4839b5efc2696a5bec09f44f8.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, baseline, precision 8, 320x240, components 3\012- data Size: 10131 Md5: 5122d9235ba71eee58412ccbb98c467e$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:53 GMT Content-Length: 10131 Last-Modified: Wed, 06 Jul 2022 16:07:25 GMT Connection: keep-alive ETag: "62c5b33d-2793" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 320x240, components 3\012- data Size: 10131 Md5: 5122d9235ba71eee58412ccbb98c467e Sha1: 7ddca5baecdd1db91cd65f9cc0a7810df911141d Sha256: 3639a21c32926c03a0048ee71eb0c4ed751e1d097a8cf9e305734f4663d68730
GET /upload/vod/20220707-1/866755c2f9fb1e7d71a54e47a1367141.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=PhotoScape], baseline, precision 8, 680x453, components 3\012- data Size: 73456 Md5: f5cb16c6dc75265cd31c66cf76970b7d$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 73456 Last-Modified: Wed, 06 Jul 2022 16:06:31 GMT Connection: keep-alive ETag: "62c5b307-11ef0" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=PhotoScape], baseline, precision 8, 680x453, components 3\012- data Size: 73456 Md5: f5cb16c6dc75265cd31c66cf76970b7d Sha1: 38863e8a0167215ad1f81a37931a71fca8533c71 Sha256: 7e363437b0cf1129709813892a3f4d3eb9b0793f94913357eb2311527d2d1fdf
GET /upload/vod/20220326-1/99e19f487bc38795a0be44f23338a9ab.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 10017 Md5: 52fd40b20fdb98728190ad5370303a5a$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:53 GMT Content-Length: 10017 Last-Modified: Sun, 05 Jun 2022 13:57:28 GMT Connection: keep-alive ETag: "629cb648-2721" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 10017 Md5: 52fd40b20fdb98728190ad5370303a5a Sha1: 596a7761fe6b3530496aa352413ca7c9570881f0 Sha256: da48d7ef495f8ea640246f77cdb7dd198e4374f353a4c392e69e12169639d198
GET /cf3bbe33b0d048e689c091298f0b8e86.gif HTTP/1.1 Host: rgjeow3.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 960 x 80\012- data Size: 679154 Md5: 31a2c8b304c60ba0149121ba24738944$ 45.61.212.46 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "62b2a31e-a5cf2" Date: Wed, 22 Jun 2022 05:47:47 GMT Server: nginx Last-Modified: Wed, 22 Jun 2022 05:05:34 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us1-cdnb-16 Content-Length: 679154 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 80\012- data Size: 679154 Md5: 31a2c8b304c60ba0149121ba24738944 Sha1: b7e41db8a64cd0e82db9423dc5feeaeae6be5d3e Sha256: a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa
GET /upload/vod/20220326-1/b74ea7f7e86ae87ccbc89b88ecc7ff3e.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 6847 Md5: 3c60d787529ad2d86700c467e194659c$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:53 GMT Content-Length: 6847 Last-Modified: Sun, 05 Jun 2022 13:57:31 GMT Connection: keep-alive ETag: "629cb64b-1abf" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 6847 Md5: 3c60d787529ad2d86700c467e194659c Sha1: b6306721d9639f86fb38ac8e0a9d542fab6d44ac Sha256: ae2427d2fe32779be1141b608a006fc0911485bbb31e8a7395b7f1c054ccef23
GET /upload/vod/20220326-1/c16b8dc36bc4076839534396304268a3.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8887 Md5: 3988cd238ff4af4252139e25def302a0$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:53 GMT Content-Length: 8887 Last-Modified: Sun, 05 Jun 2022 13:56:35 GMT Connection: keep-alive ETag: "629cb613-22b7" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8887 Md5: 3988cd238ff4af4252139e25def302a0 Sha1: 68c1c082ba504b07d5a78924a5ec861b49b1cc7c Sha256: 1805600c93cdc56a9db529f1a3027dcd328ea71a634638132fb998def385b921
GET /upload/vod/20220326-1/3c0e06c4b971e84dac1cf6146b0adb97.jpg HTTP/1.1 Host: img.sewozyimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8163 Md5: a2cd14d8fed35ba2f03e36a93b948345$ 107.148.224.18 HTTP/1.1 200 OK Content-Type: image/jpeg Server: Tengine Date: Thu, 07 Jul 2022 01:15:53 GMT Content-Length: 8163 Last-Modified: Sun, 05 Jun 2022 13:57:15 GMT Connection: keep-alive ETag: "629cb63b-1fe3" Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: POST, GET, OPTIONS X-Cache: hit Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data Size: 8163 Md5: a2cd14d8fed35ba2f03e36a93b948345 Sha1: 2ac69724ddea4a360bd15f433c742f03a28c8a5b Sha256: e850793403ff83a08d9d511fc53bd070c7930971b033b6d6467d62c065c43ffc
GET /072e6345510b44bab99363c75c1af98a.gif HTTP/1.1 Host: nrxduw5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 750 x 120\012- data Size: 1022789 Md5: a0a14d1a48173b20f7d520959d73fc5d$ 45.61.212.46 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "628a083b-f9b45" Date: Tue, 21 Jun 2022 13:54:19 GMT Server: nginx Last-Modified: Sun, 22 May 2022 09:54:03 GMT Accept-Ranges: bytes X-Cache: HIT from cloud-us1-cdnb-16 Content-Length: 1022789 --- Additional Info --- Magic: GIF image data, version 89a, 750 x 120\012- data Size: 1022789 Md5: a0a14d1a48173b20f7d520959d73fc5d Sha1: e4d4bf332ce4cd141c81360cc58c0ca2a5ff2520 Sha256: 3232dce57b56b38bc2771e35b5a66d4709caee334a218200d6c642e6ad9f2cd0 Alerts: Blocklists: - quad9: Sinkholed
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=1008&et=0&ja=0&ln=en-us&lo=0&rnd=1114392539&si=4802bbda1494e9a039ed8837a43ab75d&su=http%3A%2F%2Fwww.jlhtie.com%2F&v=1.2.95&lv=1&sn=38543&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fwww.hlgav.xyz%2F HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Thu, 07 Jul 2022 01:15:53 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=0C6A81EFC4148E5A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /logo/20.gif HTTP/1.1 Host: tt-gif.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 272 x 272\012- data Size: 397251 Md5: 66ece7346a37c9793896b4dcffc0aa33$ 100.42.229.47 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:15:52 GMT content-type: image/gif content-length: 397251 last-modified: Mon, 18 Apr 2022 09:36:21 GMT etag: "625d3115-60fc3" expires: Sat, 06 Aug 2022 01:15:52 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 272 x 272\012- data Size: 397251 Md5: 66ece7346a37c9793896b4dcffc0aa33 Sha1: 1ede3c927fc4c1a960463595289914f0a681ebe7 Sha256: bf6660578b978113e0c2a1a5ad09dd8d355ab591a16670be0dfb1a2a3eabea30
GET /hm.js?f7d00a66e3f0fa1084921b25394e56de HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11339 Date: Thu, 07 Jul 2022 01:15:52 GMT Etag: 9cb294a0cd0853c697a8de99c0bef3dd P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=5D4D29DA76424512; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (628) Size: 11339 Md5: 2b4ee4fb9da4fa863d9b04a80702a6f4 Sha1: f1ce26535e4e165e6acd7b6acf93ecb1966cbb30 Sha256: 458b978462e026a1ef305a88ad12a9dce4ea24f96d4efc6e6dad717d3c36826b
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=1008&et=0&ja=0&ln=en-us&lo=0&rnd=852880843&si=f7d00a66e3f0fa1084921b25394e56de&su=http%3A%2F%2Fwww.jlhtie.com%2F&v=1.2.95&lv=1&sn=38543&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fwww.hlgav.xyz%2F HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Thu, 07 Jul 2022 01:15:53 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=34C1DF104CB64EBF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /gg/400x400.gif HTTP/1.1 Host: 701.oss-cn-hongkong.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hlgav.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 400 x 400\012- data Size: 438238 Md5: 22474e62dc325d4450330029e27249cb$ 47.75.19.85 HTTP/1.1 200 OK Content-Type: image/gif Server: AliyunOSS Date: Thu, 07 Jul 2022 01:15:52 GMT Content-Length: 438238 Connection: keep-alive x-oss-request-id: 62C633C8D0409B383993318E Accept-Ranges: bytes ETag: "22474E62DC325D4450330029E27249CB" Last-Modified: Tue, 21 Jun 2022 08:13:54 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13533707309778421520 x-oss-storage-class: Standard Content-MD5: IkdOYtwyXURQMwAp4nJJyw== x-oss-server-time: 3 --- Additional Info --- Magic: GIF image data, version 89a, 400 x 400\012- data Size: 438238 Md5: 22474e62dc325d4450330029e27249cb Sha1: c92aa67c36fe0bf046b370e9f40479deebc3d583 Sha256: cffedfbaa4a4a20c82c97af2c9aea7af2380763015f2a6c626764f1cff44b641
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91e1318-19c1-478d-9499-3baab13b925b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6764 Md5: 92e0cfdf03ce76aa5a899b42fc763e83$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6764 x-amzn-requestid: 066475d9-bed3-4626-9a4d-a9e713866195 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3UCmEwgIAMFSDw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c60076-694099bd5429b3a91e282d27;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 21:36:54 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8Ie_zy0LfZGwhWeD3rj2aXI9WVNbOzQr4ixU7QvFid2bFdI2aXdYyw== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 22:03:40 GMT age: 11537 etag: "245427c92c74e85f199f9fd9563c91cb62cba979" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6764 Md5: 92e0cfdf03ce76aa5a899b42fc763e83 Sha1: 245427c92c74e85f199f9fd9563c91cb62cba979 Sha256: 2216f105d3350eabd7422e964bbbd9758009675ace79437c368097a27bf1f1fb