Overview

URL jlhtie.com/
IP154.86.232.137
ASNDXTL Tseung Kwan O Service
Location Hong Kong
Report completed2022-07-07 01:16:02 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-07 2 jlhtie.com/ Phishing
2022-07-07 2 www.jlhtie.com/index.php Phishing
2022-07-07 2 www.jlhtie.com/common.js Phishing
2022-07-07 2 www.jlhtie.com/tj.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-06 2 nrxduw5.com Sinkholed
2022-07-06 2 nrxduw5.com Sinkholed


Files

No files detected



Passive DNS (28)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] jlhtie.com (1) 0 No data No data 154.86.232.137 Unknown ranking
[Mnemonic Passive DNS] tgqd.tsmgsoce.com (1) 0 No data No data 172.67.217.11 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (11) 487 2018-12-17 11:31:55 UTC 2022-07-06 16:56:01 UTC 172.64.155.188
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.14
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-07-06 04:55:58 UTC 151.101.86.133
[Mnemonic Passive DNS] www.hlgav.xyz (7) 0 No data No data 154.13.7.23 Unknown ranking
[Mnemonic Passive DNS] tmrhoe2.com (1) 0 2022-05-23 04:51:36 UTC 2022-07-06 16:52:39 UTC 103.170.15.79 Unknown ranking
[Mnemonic Passive DNS] pic.rmb.bdstatic.com (1) 25157 2017-02-01 17:01:36 UTC 2022-07-06 08:54:50 UTC 185.10.104.115
[Mnemonic Passive DNS] rgjeow3.com (1) 0 2022-03-23 06:48:07 UTC 2022-07-06 14:04:51 UTC 45.61.212.46 Unknown ranking
[Mnemonic Passive DNS] www.jlhtie.com (4) 0 No data No data 154.86.232.137 Unknown ranking
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 34.215.40.77
[Mnemonic Passive DNS] aooacctp.com (2) 0 No data No data 104.21.234.187 Unknown ranking
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-07-06 04:56:10 UTC 151.101.86.133
[Mnemonic Passive DNS] xox9325.com (1) 0 2022-06-08 06:47:24 UTC 2022-07-06 22:11:28 UTC 45.61.212.46 Unknown ranking
[Mnemonic Passive DNS] 6745jj.com (1) 0 No data No data 104.233.158.17 Unknown ranking
[Mnemonic Passive DNS] gezkdx7.com (1) 0 2022-03-21 06:27:17 UTC 2022-07-06 13:13:51 UTC 45.61.212.46 Unknown ranking
[Mnemonic Passive DNS] dfwskw7.com (1) 0 2022-04-25 14:56:55 UTC 2022-07-06 18:20:55 UTC 45.61.212.225 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] statuse.digitalcertvalidation.com (1) 16484 2019-06-21 15:00:06 UTC 2022-07-06 12:49:14 UTC 93.184.220.29
[Mnemonic Passive DNS] hm.baidu.com (6) 8254 2017-01-30 05:28:59 UTC 2022-07-06 06:26:28 UTC 103.235.46.191
[Mnemonic Passive DNS] 701.oss-cn-hongkong.aliyuncs.com (1) 0 No data No data 47.75.19.85 Domain (aliyuncs.com) ranked at: 1959
[Mnemonic Passive DNS] nrxduw5.com (2) 0 2022-03-21 06:37:30 UTC 2022-07-06 22:58:42 UTC 45.61.212.46 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.76.226
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] img.sewozyimg.com (26) 0 No data No data 107.148.224.18 Unknown ranking
[Mnemonic Passive DNS] tt-gif.com (1) 0 No data No data 100.42.229.47 Unknown ranking


Recent reports on same IP/ASN/Domain

No other reports on IP: 154.86.232.137


Last 10 reports on ASN: DXTL Tseung Kwan O Service

Date UQ / IDS / BL URL IP
2022-08-19 23:52:52 +0000
0 - 0 - 4 www.zgzxgrw.com/ 154.218.122.2
2022-08-19 15:48:34 +0000
0 - 0 - 4 www.upskirts-tube.com/bk19/ 156.240.143.2
2022-08-19 06:42:22 +0000
0 - 0 - 1 dota2bets.net/ 154.214.119.97
2022-08-18 19:55:44 +0000
0 - 0 - 1 456nb.com/ 154.219.181.84
2022-08-18 19:12:59 +0000
0 - 0 - 1 maiqige.com/ 154.95.199.197
2022-08-18 18:42:38 +0000
0 - 0 - 5 ysxue8.com/ 156.235.169.187
2022-08-18 18:10:15 +0000
0 - 0 - 5 www.dcltianyuan777.com/ 154.218.65.187
2022-08-18 14:08:00 +0000
0 - 0 - 2 www.amigonerd.net/ 154.86.223.57
2022-08-16 14:55:51 +0000
0 - 0 - 7 hxsdtv7com.com/ 45.192.64.33
2022-08-16 14:18:24 +0000
0 - 0 - 7 www.ydshine.com/n8it/ 154.95.152.85

No other reports on domain: jlhtie.com



JavaScript

Executed Scripts (9)


Executed Evals (1)

#1 JavaScript::Eval (size: 455, repeated: 1) - SHA256: 0fd9a57e931aa82989db46aac5a3fd72c2a5dd2471649332b45456fa7e81cb0b

                                        document.write('<title>]e5P/ؾ	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https://www.hlgav.xyz/"></iframe></div><style type="texts">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 436, repeated: 1) - SHA256: 7d933257924733677de5ec6638a1f76bba3080de8ee1f222c1e58dfbd35b8b13

                                        < title > ] e5P / ؾ Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https:/ / www.hlgav.xyz / "></iframe></div><style type="
texts ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    


HTTP Transactions (92)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 07 Jul 2022 00:56:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dP4y4PtV6IPc10pYR2GB3L_pjImzetn68w9v6siQeJTSkg7MnA19BQ==
Age: 1164


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6591
Expires: Thu, 07 Jul 2022 03:05:40 GMT
Date: Thu, 07 Jul 2022 01:15:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BHbWE73B3O5eEAZRWthSaWilm6FfHL2pyqWJRx3b3Wy4_yEx2nhuIQ==
age: 78544
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: jlhtie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         154.86.232.137
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:15:49 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.jlhtie.com/index.php


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 07 Jul 2022 00:34:56 GMT
Cache-Control: max-age=3600
Expires: Thu, 07 Jul 2022 01:11:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O3tsiG_SBxJG6hAv8XjF-2QNZ0vxTebeaC44xgQCM6DGh_ycdhgZ4A==
Age: 2454


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /index.php HTTP/1.1 
Host: www.jlhtie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         154.86.232.137
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:15:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (654), with CRLF line terminators
Size:   581
Md5:    0beba8d7623775eca6e63f9752880e36
Sha1:   9b993b36dfea592223cd1b460993919f1294b4a3
Sha256: 1058a1ddbac39de6f9ea9a162a770c8e9b5b557c36d0334ea8c65401f46076ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4357
Cache-Control: 'max-age=158059'
Date: Thu, 07 Jul 2022 01:15:50 GMT
Last-Modified: Thu, 07 Jul 2022 00:03:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: msASaQSxPna5u+0ZFnX2mQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.40.77
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jN5UH1qsrpvV3mBeyi2rMY8nMBY=

                                        
                                            GET /common.js HTTP/1.1 
Host: www.jlhtie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jlhtie.com/index.php

                                         
                                         154.86.232.137
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:15:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators
Size:   682
Md5:    985c63b7ab7df56a59e2f5cc0c4ba40b
Sha1:   c480bbf95c6c5f655351d940404acdf30b3ca092
Sha256: 0d892a9f2243e5f29c961befba0a21c0c69ce52bccfea9bba1fa3f9ed9c77707

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.jlhtie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jlhtie.com/index.php

                                         
                                         154.86.232.137
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:15:50 GMT
Content-Length: 258
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   258
Md5:    410631c41aa1437ccd6094bc1254d5bf
Sha1:   ad3380d08cab0ea1f7207742bd069c6b926731d7
Sha256: af0d16e033c96d80c54c72dbb2f1ba52a492e6b103ada47c47cfdc92b918070e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18985
Expires: Thu, 07 Jul 2022 06:32:15 GMT
Date: Thu, 07 Jul 2022 01:15:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18985
Expires: Thu, 07 Jul 2022 06:32:15 GMT
Date: Thu, 07 Jul 2022 01:15:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18985
Expires: Thu, 07 Jul 2022 06:32:15 GMT
Date: Thu, 07 Jul 2022 01:15:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4243
x-amzn-requestid: 013a931d-b718-49de-a8e0-83dab66aa8b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ugb38Ge7oAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bcd9cc-375eb507376be9e156ed766e;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 23:01:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Z70oJQvoLMemVFsEoYEtvA5wA3jBZqBpFKMiAOABmXkQ8avGPVRESQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 16:49:27 GMT
age: 30383
etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4243
Md5:    4dadb5bd9157f2899ea250117bf6655e
Sha1:   5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3
Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7271
x-amzn-requestid: cec81cbd-de3f-4d78-85e6-5b1a51bc148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3Dp7GmtIAMFzgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c5e63f-7b0aeb393b5a87d65e40c8e3;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 19:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ePVvRFQ2fP52OzAesEQDL3uhCOjYKl7Nmr1NQ4gkwvuXCwu_TdKc3g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:53:24 GMT
age: 12146
etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7271
Md5:    1d4f4e3ad0f3ca501b797538d0f3aaac
Sha1:   949707b56fd4aa6464f5f4a5d52b18ab72d307ff
Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12294
x-amzn-requestid: 5bec92dd-8e32-40ad-95a7-9974235736f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utf-wHQzIAMFQzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c21391-17f0206a62ac8b6732f8d934;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 22:09:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LkFZDZvOu1_bHtVqMvJZkGgQjeiwikM8POQGvK8AlRzizFvNA1ISQw==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:03:35 GMT
age: 11535
etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12294
Md5:    8b57e1aba0bce88ae13af9ccf60089bd
Sha1:   7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7
Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:45:43 GMT
age: 66607
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5198
x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0xnWFKCIAMFe2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT
x-amz-cf-pop: SFO20-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A==
via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:34:54 GMT
age: 78056
etag: "76b2ac44ab4590c5345063d314975f483a61cb1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5198
Md5:    cd4e7dda9491e473d4b36a87915a82df
Sha1:   76b2ac44ab4590c5345063d314975f483a61cb1f
Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7249
x-amzn-requestid: 865b5a9b-a852-4a12-8722-a9924f7390f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UhikQFDeoAMFRMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bd4ae7-373db7491a65d6700061bc8b;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 07:04:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cG4rrc0FSLhmmqX7gfFNGDK4l_mL9KjUlyTg1MHHYHepJLjDyjg2Tw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:39:20 GMT
age: 66990
etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7249
Md5:    5c958b0c904620aff5f5f8a74f80d9f9
Sha1:   2f79d1e28bb827f7fa60b6675dba8022c28a1a3d
Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.jlhtie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jlhtie.com/index.php

                                         
                                         154.86.232.137
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:15:50 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 12 Jul 2022 01:15:50 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "23762B1C5FE813769B4F853EFC335F6BCB5167C98521D291A05BD2E2771789B9"
Last-Modified: Tue, 05 Jul 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Thu, 07 Jul 2022 07:15:26 GMT
Date: Thu, 07 Jul 2022 01:15:51 GMT
Connection: keep-alive

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         151.101.86.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Expires: Sun, 10 Jul 2022 23:41:28 GMT
ETag: "f2797eff71810856ed0ea47e5a9d2764b8282435"
Last-Modified: Wed, 06 Jul 2022 23:41:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1432
Accept-Ranges: bytes
Date: Thu, 07 Jul 2022 01:15:51 GMT
Age: 2446
Connection: keep-alive
X-Served-By: cache-qpg1279-QPG, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 10
X-Timer: S1657156551.296718,VS0,VE0


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    884fe45024d6bf9f9c6df2c695c7b76b
Sha1:   f2797eff71810856ed0ea47e5a9d2764b8282435
Sha256: 1f31435b7fda1b3aef7f1e8eed29c024b4b1d9628bec8ab431a23901a80b0795
                                        
                                            GET /pf2022.jpg HTTP/1.1 
Host: tgqd.tsmgsoce.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.217.11
HTTP/2 200 OK
                                        
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: image/jpeg
content-length: 23342
last-modified: Sat, 28 May 2022 08:46:59 GMT
etag: "6291e183-5b2e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 349
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggkh3PehpB0hK3MjLbqbzWagLQTxe5rSC4E0SHXq93%2BSpmYAPE4tfzWTK5nvx3bZLG2%2BQZ5fhk32uv1GWGUpzIrOkQ9WG2SSc%2BFseCk8uyOrCycFhRh%2BZx5McI%2FFnlbAOfP2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 726cbb3f8dd3b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 576x576, components 3\012- data
Size:   23342
Md5:    7660372b7e830716e25deef41b32d08c
Sha1:   3346df51d6890cd8391c77a9ed597911c8a47323
Sha256: 642b78336be967e5264b8324d678d4ed106fb65c2a86d7764a3b35694787c01a
                                        
                                            GET /template/m1938pc/static/css/footer.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
content-length: 786
last-modified: Mon, 13 Sep 2021 12:37:30 GMT
etag: "613f460a-312"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   786
Md5:    035c39627f489e6f8371e06f956c23c2
Sha1:   14ac806f3909e4b3d2120ba39936867d292376f1
Sha256: 551bb1c2ffb8a2e628101cedb256030b199a6e1276b6d53cc62f7baf02ead8c7
                                        
                                            GET /template/m1938pc/static/css/default.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
content-length: 22
last-modified: Mon, 13 Sep 2021 12:37:30 GMT
etag: "613f460a-16"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    99bd951428de1a6dea7746c9db4face5
Sha1:   45a7071d97b407a28143bafb878477fbfbd5dd05
Sha256: 4d4e1af3c62dde233082e14491f7627f63e370721e38f8f411a26270e18f4c1b
                                        
                                            POST / HTTP/1.1 
Host: statuse.digitalcertvalidation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4242
Cache-Control: 'max-age=158059'
Date: Thu, 07 Jul 2022 01:15:52 GMT
Last-Modified: Thu, 07 Jul 2022 00:05:10 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /logotp/xf17.gif HTTP/1.1 
Host: aooacctp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.187
HTTP/2 200 OK
                                        
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: image/gif
content-length: 1639812
last-modified: Fri, 15 Apr 2022 17:52:25 GMT
etag: "6259b0d9-190584"
expires: Fri, 05 Aug 2022 17:23:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 28332
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpD0Iw0%2BwRi33YbY25vQzeGO%2FmD%2F1%2BjZWyqrN2GksaR5kexjzjMS2EaZAtHaTkXaKgGE5Kp7BkIJxX4nG0hHp2g%2B3vgm4Eqg%2B6ovyRk%2FROuNVvW7FyH5%2FCFl6TeCvdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 726cbb40fca774f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   1639812
Md5:    89f17a6c0e5ecfebd7d054e27f9829a9
Sha1:   f8b87ba147f755491aa9753f750867d8349ced11
Sha256: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
                                        
                                            GET /logotp/xfb09.gif HTTP/1.1 
Host: aooacctp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.187
HTTP/2 200 OK
                                        
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: image/gif
content-length: 443705
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-6c539"
expires: Fri, 05 Aug 2022 17:23:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 28332
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YOd%2BhpfSfO7d1EsRyLJP7FWeVROV%2BL4kPpRl5%2BvOzla6PYcYTyv68y70GVjPUC18XRweTnIJ6eK5yCS9tqwPBnqiltBmb58%2BrupULIJKANcpx2jhQTqm2Y6fEjZdEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 726cbb40fcad74f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   443705
Md5:    8bc908398e73478d0b28d85191689891
Sha1:   5e9022d7583285c988d0acb55b6db7c920f3c3d0
Sha256: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT
Expires: Tue, 12 Jul 2022 18:07:39 GMT
ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B
Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb42ebd6b509-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT
Expires: Tue, 12 Jul 2022 18:07:39 GMT
ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B
Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp7
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb42ebbeb4f4-OSL

                                        
                                            GET /template/m1938pc/static/css/main.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
last-modified: Mon, 13 Sep 2021 12:37:28 GMT
vary: Accept-Encoding
etag: W/"613f4608-85b"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1054
Md5:    a3709f3afda6ec6c4fc5a22dc024b339
Sha1:   469c28e0ab28b1efe6fef4d73169bd7a2b78b9a5
Sha256: 59c43199769fcf0b4b375799acad4f7261031b33927579e3b16cce2d28936263
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:07:39 GMT
Expires: Tue, 12 Jul 2022 18:07:39 GMT
ETag: CF89CC9EBD973306E73F7BFC7418BE52CE118C0B
Cache-Control: max-age=492106,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb42ebcf0af6-OSL

                                        
                                            GET /template/m1938pc/static/css/index.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 00:57:20 GMT
vary: Accept-Encoding
etag: W/"6143e7f0-1839"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1908
Md5:    74156e36c90ab7dcaa9c11c2b6e16efe
Sha1:   2d96fb81a37cba50337a6420f362541b62e2af99
Sha256: a954b501cb215b26f8c23d2dc7a97b865893d129ac06aaec0fac1a01181bf7b1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 23:03:16 GMT
Expires: Mon, 11 Jul 2022 23:03:16 GMT
ETag: 2A5C7C710EF6B59DCFB60478898E216F67E691C0
Cache-Control: max-age=423443,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp2
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb439c1fb4f4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 17:27:29 GMT
Expires: Mon, 11 Jul 2022 17:27:29 GMT
ETag: E5ACEA95C1B8B66AA4B541DAAB31AC841BCBDF95
Cache-Control: max-age=403296,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb439a900b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 10:00:55 GMT
Expires: Tue, 12 Jul 2022 10:00:55 GMT
ETag: 58AB2E8BFA2C65B8F7B8F8977A91256510467352
Cache-Control: max-age=462902,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp7
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb439c0d0af6-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F8A05399FC8816A9D2DF93AF8C580858EF4DC351A91600BBB2A1E2F6E8A8947"
Last-Modified: Mon, 04 Jul 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 07 Jul 2022 07:15:52 GMT
Date: Thu, 07 Jul 2022 01:15:52 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/20220707-1/84d5373cd8a1abf40d99cb518dbac455.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 9062
Last-Modified: Wed, 06 Jul 2022 16:06:30 GMT
Connection: keep-alive
ETag: "62c5b306-2366"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9062
Md5:    970c598bbc806411a19f49d9d88e3364
Sha1:   8bb0b75b69e85341c34f5f805926faef56cf55ea
Sha256: 23f59f04eebcc20b553e830d55a29cc4411475eed391e240ae17fdc1eb62c220
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 03 Jul 2022 16:54:49 GMT
Expires: Sun, 10 Jul 2022 16:54:49 GMT
ETag: AC7E40D9C584079715590668B720393405FE7436
Cache-Control: max-age=314936,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp8
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb441ab20b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 06 Jul 2022 12:12:40 GMT
Expires: Wed, 13 Jul 2022 12:12:40 GMT
ETag: D04C424E589A7AA5DB77FF647CA283A4CFFD6EFC
Cache-Control: max-age=557207,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb4418beb527-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 03 Jul 2022 16:54:49 GMT
Expires: Sun, 10 Jul 2022 16:54:49 GMT
ETag: AC7E40D9C584079715590668B720393405FE7436
Cache-Control: max-age=314936,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb441c69b4f4-OSL

                                        
                                            GET /template/m1938pc/static/css/blue.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/template/m1938pc/static/css/default.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
last-modified: Mon, 13 Sep 2021 12:37:30 GMT
vary: Accept-Encoding
etag: W/"613f460a-bf0"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   121257
Md5:    6b1f4b03c31c4c7dd638e4a9efd7e084
Sha1:   c090ad164e6755909acd4868ebf54b441a743f4a
Sha256: d711d598544151bbf5bb9c1ac0067409163b56f2b970bd73691034760d0cf531
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         151.101.86.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Expires: Sun, 10 Jul 2022 23:24:14 GMT
ETag: "aee59623dcc280f3d2f858b0f279a769ec560508"
Last-Modified: Wed, 06 Jul 2022 23:24:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1459
Accept-Ranges: bytes
Date: Thu, 07 Jul 2022 01:15:52 GMT
Age: 3071
Connection: keep-alive
X-Served-By: cache-qpg1271-QPG, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1657156552.473830,VS0,VE1


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    696b18490aadd2d7c0e35f44c03909e0
Sha1:   aee59623dcc280f3d2f858b0f279a769ec560508
Sha256: 45bbb765d8f02aec49d97e956b792faa84647fb1adb6db38868e40ba81eae4aa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:11:17 GMT
Expires: Tue, 12 Jul 2022 18:11:17 GMT
ETag: 894E6228D9B89EA56FE0072E2D8E91E3EADDFF6C
Cache-Control: max-age=492324,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb449c9b0af6-OSL

                                        
                                            GET /upload/vod/20220707-1/4b769ee508d4f05011acc34e87e94a5a.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 46025
Last-Modified: Wed, 06 Jul 2022 16:10:32 GMT
Connection: keep-alive
ETag: "62c5b3f8-b3c9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data
Size:   46025
Md5:    aa42b7127158ca3271d1dfdf1b6ee9c3
Sha1:   2cc18d5d1fc76a2d9edd8a45114ca79344283356
Sha256: fff130f51b909731d341477b213da5c391554cd5977af3628a3a0bc005218bcf
                                        
                                            GET /upload/vod/20220326-1/0c8344e8cf90096559f6dbef32cd3cf8.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 9364
Last-Modified: Sun, 05 Jun 2022 13:57:41 GMT
Connection: keep-alive
ETag: "629cb655-2494"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9364
Md5:    0bc658aa4bd5f4698ce10bd783b05b75
Sha1:   d0c726f8ac9106259946bc1e2b7f0345f24d1774
Sha256: 22cc0b6294e8d3e362eeb9a1a7a6f883999ad0739b5584b7b952c96450882e07
                                        
                                            GET /upload/vod/20220707-1/ec95a404d845676f46a186ff5a30355e.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 46120
Last-Modified: Wed, 06 Jul 2022 16:10:36 GMT
Connection: keep-alive
ETag: "62c5b3fc-b428"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size:   46120
Md5:    e4ead13b0397222618f120cad406fc8d
Sha1:   5f89c462558089cced0953310b1f4b8c02d1cdea
Sha256: 1b9fb98b4ba52416d024f3a9092185bf6fd711efb19f6ceaed53af644e17eeea
                                        
                                            GET /upload/vod/20220707-1/be3986e74cbc99c31b3164ec462c6bee.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 44967
Last-Modified: Wed, 06 Jul 2022 16:06:31 GMT
Connection: keep-alive
ETag: "62c5b307-afa7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size:   44967
Md5:    89a6793d9e537b491ed32cba8b4fc147
Sha1:   f146c9574ff898e586ee41cbd51fe58d301639a4
Sha256: 0e58611f45f0ee6539419e03ecc87a0befed1f6abf32000554a059e4dae37bd3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "19D8E255F027B6144F9DAB7035F5E5FAAAADEA6DB54C55B1F5DD8E576C348137"
Last-Modified: Wed, 06 Jul 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Thu, 07 Jul 2022 07:15:04 GMT
Date: Thu, 07 Jul 2022 01:15:52 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/20220707-1/c54e55b7a59179def32fd50428227e83.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 54779
Last-Modified: Wed, 06 Jul 2022 16:06:42 GMT
Connection: keep-alive
ETag: "62c5b312-d5fb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size:   54779
Md5:    1de2888da43412410830c9b3f49309ad
Sha1:   658c0b70f9ed88e2bee17e35ef1f0d5f8f65fbad
Sha256: 844dd3021d2ac4f88e7252860842ae15426edce70d172932f708fd5a5047cb29
                                        
                                            GET /upload/vod/20220707-1/69b1d1854c245d67ec0f1915b0b786ed.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 60266
Last-Modified: Wed, 06 Jul 2022 16:10:37 GMT
Connection: keep-alive
ETag: "62c5b3fd-eb6a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size:   60266
Md5:    d24ddd46c064430ef1763e923cc3f193
Sha1:   b5e2943fabb3afb9712e721079d0daa88f5606b0
Sha256: 9e84a822ad75692e206237ce90e56ffc9820caff6476ad87fa520aad7874f747
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 06 Jul 2022 13:17:31 GMT
Expires: Wed, 13 Jul 2022 13:17:31 GMT
ETag: 379252893E14AD83C1C1E5A3FBE55F4E407E95BE
Cache-Control: max-age=561098,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726cbb457b430b51-OSL

                                        
                                            GET /hm.js?94bb709b51d68511a9583c0d0ed3b04f HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jlhtie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11337
Date: Thu, 07 Jul 2022 01:15:51 GMT
Etag: 670d941892d96299c0aaefbeea121922
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A20D29F57E476511; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11337
Md5:    9b5e3d53a3d737e2ef04de6fcee6fbe0
Sha1:   b99740cf45fb1c90e902a77571eed80b7fbf41d2
Sha256: 8101c23bde8cf3976eb94dfe15e452140c9125a3c61107465c98b91a4e433124
                                        
                                            GET /bjh/6217e697e5bcdcf05bce5b844cda6ddc.gif HTTP/1.1 
Host: pic.rmb.bdstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.10.104.115
HTTP/2 200 OK
                                        
server: JSP3/2.0.14
date: Thu, 07 Jul 2022 01:15:52 GMT
content-type: image/gif
content-length: 1031440
expires: Wed, 15 Jun 2022 14:29:52 GMT
last-modified: Mon, 21 Feb 2022 15:50:19 GMT
etag: "6217e697e5bcdcf05bce5b844cda6ddc"
age: 856003
accept-ranges: bytes
content-md5: Yhfml+W83PBbzluETNpt3A==
x-bce-content-crc32: 3262800787
x-bce-debug-id: XC5yZChdhhchAbUAj5hgejRi/IlMbYjjPS90JFdWyWF57r3NzeDJxytNT5BKHDjg0xztQPDLfzhRrA19mT5cTw==
x-bce-request-id: ac8a8cb4-467e-4c11-a210-5fbc303f905e
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache142 [1], czix190 [1]
ohc-file-size: 1031440
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   1031440
Md5:    6217e697e5bcdcf05bce5b844cda6ddc
Sha1:   3aab263cdc8a2cee991e34701689b7b497f92e75
Sha256: d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46
                                        
                                            GET /upload/vod/20220326-1/f4605a9e81aac21a081088ed03882eec.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 9062
Last-Modified: Sun, 05 Jun 2022 13:56:32 GMT
Connection: keep-alive
ETag: "629cb610-2366"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9062
Md5:    739f9fb0bcfd48eacb06744cab1018c0
Sha1:   7b1f173c2eae7c657c05c6108c865e1286590aea
Sha256: 6951db2aaef9ee94b824a8fee431310704d3d4a2fce66e8cb3080ec6b6b4ace4
                                        
                                            GET /upload/vod/20220326-1/a01cce768235825a629771d2432e1b44.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 8577
Last-Modified: Sun, 05 Jun 2022 13:57:48 GMT
Connection: keep-alive
ETag: "629cb65c-2181"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8577
Md5:    716208131e9a6128a192723287b81bfc
Sha1:   2d72ff9bd59c8d24f05dc91061423c69432f2311
Sha256: 89bf3cb05e101625ca22ac17091a715bef288c5b3563aafdf8016cb799e992c2
                                        
                                            GET /upload/vod/20220326-1/e42c577b92cc26d4e8c068be3795b435.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 8715
Last-Modified: Sun, 05 Jun 2022 13:57:32 GMT
Connection: keep-alive
ETag: "629cb64c-220b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8715
Md5:    10e17092d7186c6d3c89f8a2a4fcc912
Sha1:   4f53a3a54bec70c2b73adcd0d372e6ee28fbe7cc
Sha256: a832336ae9a287a4aa16cb56ac1f731e315850a050c1f0e5e3f7b1a056164564
                                        
                                            GET /upload/vod/20220326-1/c9db6729391c3ed323f96ff8ecaf7350.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 12240
Last-Modified: Sun, 05 Jun 2022 13:57:35 GMT
Connection: keep-alive
ETag: "629cb64f-2fd0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12240
Md5:    578fcb8b8351902fb5c82d8995918b13
Sha1:   9591c50421f84b3ec17a2cd8f805642f5dd906bb
Sha256: bc85abe3f1bb013da20d6095a891e424b6572e71104a5932fe732d3257fe4119
                                        
                                            GET /e08b102b9f414214aad1412d5dc68a70.gif HTTP/1.1 
Host: xox9325.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62a3067d-7550"
Date: Sun, 03 Jul 2022 18:41:19 GMT
Server: nginx
Last-Modified: Fri, 10 Jun 2022 08:53:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 30032


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   30032
Md5:    f4bf3ec7740819830edfa6989a3bc2b4
Sha1:   09edff14f86a547fb11cc5b98f1fdf9d372491cf
Sha256: 9114fd963565fca7fb64d8515d838ba2b9623f237d8a2915fc914bdeb3ffc67f
                                        
                                            GET /template/m1938pc/static/css/img_list.css HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/css
last-modified: Mon, 13 Sep 2021 12:37:30 GMT
vary: Accept-Encoding
etag: W/"613f460a-9dd"
expires: Thu, 07 Jul 2022 13:15:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1183
Md5:    1931c42f7bf953e6e8e5f29f79d90580
Sha1:   3404379ae160fdc667c525ae1de08f2d0df16f95
Sha256: afcbb6d6f961e9e672a8a5baeb837e28bfb62f98891216d33e7f10510fb0700a
                                        
                                            GET /upload/vod/20220326-1/af77fa8a21bef435298bd5ba4be5a3cf.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 7830
Last-Modified: Sun, 05 Jun 2022 13:56:32 GMT
Connection: keep-alive
ETag: "629cb610-1e96"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7830
Md5:    72faeac4d87fe048997da9ac1a0051af
Sha1:   b4a5ba5b4526576d16a42ef38dd9e168c5807a0b
Sha256: 203a9bb1a8542cbd6288d511944fa4a3b31e6f94d8077205f34976a3da3dc57f
                                        
                                            GET /upload/vod/20220326-1/6585e357487dc9701c79def76b0d0bff.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 78086
Last-Modified: Sun, 05 Jun 2022 13:56:02 GMT
Connection: keep-alive
ETag: "629cb5f2-13106"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x539, components 3\012- data
Size:   78086
Md5:    8fd44c93c5265736ce63fdb4a49ad25d
Sha1:   bed425e657d06d143d1a8e455f940263e883553f
Sha256: 4fd2c6fe6e40f3f8a2c327053ac1e90019488298db6a2e810d9cd54a604989a4
                                        
                                            GET /upload/vod/20220326-1/d90ad1e53305e854d2ad795818131997.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 12608
Last-Modified: Sun, 05 Jun 2022 13:57:43 GMT
Connection: keep-alive
ETag: "629cb657-3140"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12608
Md5:    efe093f91dc08312e39632aa9d3000e6
Sha1:   889faa2fc10ac76ac71ee705ab2530bb065e7582
Sha256: d4c11c564c7b423b2c1ec9946ab120f024b8afd31169ac504afa8f769d731302
                                        
                                            GET /upload/vod/20220326-1/0669ddd590119508a61fb3bca622465f.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 11072
Last-Modified: Sun, 05 Jun 2022 13:56:06 GMT
Connection: keep-alive
ETag: "629cb5f6-2b40"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11072
Md5:    3b287f7243a2a8a7573f66d4c7a89378
Sha1:   bb4cf4e0c02ae1df83b085c7b99c048823c1ce99
Sha256: 1198d58a468593b9e82dbb5553620813196ce239a1afaf5020fd58c6d9fa0dcf
                                        
                                            GET /upload/vod/20220326-1/b0535aa638bd51deda4fa279c3c9cdde.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 7715
Last-Modified: Sun, 05 Jun 2022 13:55:22 GMT
Connection: keep-alive
ETag: "629cb5ca-1e23"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7715
Md5:    38490a918375f97215c4d3a705ecf6c7
Sha1:   ab5bd4514ca9dedcbc63c9a396f99ae2a8181349
Sha256: 1e8f2ce55da33604269b1ec05e9e4f6abad5cc2ec7a22d9628661b59ecbfc65d
                                        
                                            GET /hm.js?4802bbda1494e9a039ed8837a43ab75d HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Thu, 07 Jul 2022 01:15:52 GMT
Etag: 5578bcfdc0be5fb4a9ff558d30b62a43
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=93AABD766AE2F6F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11338
Md5:    0757616d7c6581b9d175ae96686c73dd
Sha1:   2ba835a1cb5a6be49723e06066bca62a0ab0f424
Sha256: 5b87a671fcf47674e2dc186f3e8257ded96fb608322b19885074b44d3ddd5f9a
                                        
                                            GET /960x240.gif HTTP/1.1 
Host: 6745jj.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.233.158.17
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 178672
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 06:42:35 GMT
ETag: "6274c35b-2b9f0"
Expires: Tue, 19 Jul 2022 15:49:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   178672
Md5:    efee8a79540ee00db69bebdc99794192
Sha1:   d0065a17839693634546f59f1adcf59f8b4da39f
Sha256: 3a56867d2650ebcbaed66b0255e1752f0236284585167348be04fbd52aea4037
                                        
                                            GET /upload/vod/20220326-1/490f2c00542c8ef9bfb47691494012d1.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 198724
Last-Modified: Sun, 05 Jun 2022 14:00:13 GMT
Connection: keep-alive
ETag: "629cb6ed-30844"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size:   198724
Md5:    9b25643d7a84f87e17df0bb2ed03e8a3
Sha1:   ba72203ef0716cda42d7d09dc7130e45b190fb2c
Sha256: 13af7d6e2f71ea003326bc2a61fc8f12ab635d047a3c2e30bf27e98c00ce58c5
                                        
                                            GET /fa80d1bb60f94250aa5f97867f14112c.gif HTTP/1.1 
Host: tmrhoe2.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.79
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62a3058a-251dc"
Date: Sun, 03 Jul 2022 18:43:55 GMT
Server: nginx
Last-Modified: Fri, 10 Jun 2022 08:49:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 152028


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   152028
Md5:    a287db1ba6f90c8d875f11d2b59a9f28
Sha1:   3550fa5a58039c1210393e5a192c830c9b2c2134
Sha256: 4b03e19f3b7691989a32e8b7c99e82806be6eedd4f67927c2deaddddfc0e8efc
                                        
                                            GET /943a153059c5487bb21fded0d9b14081.gif HTTP/1.1 
Host: gezkdx7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62931339-542af"
Date: Sat, 25 Jun 2022 05:02:32 GMT
Server: nginx
Last-Modified: Sun, 29 May 2022 06:31:21 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 344751


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 180\012- data
Size:   344751
Md5:    737c4ed211b8aeaa644400a85d02023b
Sha1:   f1cf42cd5d70d2bae0d5a890fc2aac5fc76b4420
Sha256: 627ba9f86b478606d3fc36097593d9513d273651c5fbf77723b91cc270947f4e
                                        
                                            GET /upload/vod/20220707-1/94ea35e317fde56018de4623a3d95202.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 81876
Last-Modified: Wed, 06 Jul 2022 16:21:37 GMT
Connection: keep-alive
ETag: "62c5b691-13fd4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.47.100", baseline, precision 8, 680x453, components 3\012- data
Size:   81876
Md5:    fa45d640746634ca95c41d018f0fc2a0
Sha1:   8de92dc9b8ce23e48febcf5743840cf96140ecb2
Sha256: 7587506700fce6349cc16ea2f4dcbfd9af049e2147a2260bdcc91098ec0bf131
                                        
                                            GET / HTTP/1.1 
Host: www.hlgav.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jlhtie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         154.13.7.23
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   344696
Md5:    40d4adfab859e1b024121e9ecf319547
Sha1:   9d25740f9fb8054d2645cf983ffbb9719c483c9a
Sha256: 6ce38efa092d997a7f66702c588c03abf20d501981de788ecdc68a8044bbb044
                                        
                                            GET /0dfea9db7d8a48e6b64bfb0dbb33dcbc.gif HTTP/1.1 
Host: nrxduw5.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62b453ae-3d1b0"
Date: Fri, 01 Jul 2022 00:17:41 GMT
Server: nginx
Last-Modified: Thu, 23 Jun 2022 11:51:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 250288


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   250288
Md5:    40ef6f52c34c2ede61af0dc918dc27c0
Sha1:   52aaebd6e45785192121c13f46be4a7850163a95
Sha256: d51cd6bbac18961b249ece789683a74990bea115ce8b9982f9dcbd29ddff5539

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /upload/vod/20220707-1/b7910c616274ad81ad7e206dbfffa491.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 64594
Last-Modified: Wed, 06 Jul 2022 16:06:26 GMT
Connection: keep-alive
ETag: "62c5b302-fc52"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.52.102", baseline, precision 8, 680x453, components 3\012- data
Size:   64594
Md5:    c80ab2a385a0924065e5fd2c9ba247d2
Sha1:   5e8d03085a1d0c4d74619b5b5d97d257bdffc92a
Sha256: 46c47f7b23b32a09023c6f843ef3582444062d4a6adf9eb6cfa5435803fc7e97
                                        
                                            GET /afa928fdc69e446e80d8dc784dbf71c7.gif HTTP/1.1 
Host: dfwskw7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62931325-748c"
Date: Tue, 21 Jun 2022 15:35:25 GMT
Server: nginx
Last-Modified: Sun, 29 May 2022 06:31:01 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 29836


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 180\012- data
Size:   29836
Md5:    c75065e9b2cdd6327ec4bcd5564139dd
Sha1:   942a4075f3561f09179d6a332eebfdca981601b0
Sha256: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1801590018&si=94bb709b51d68511a9583c0d0ed3b04f&v=1.2.95&lv=1&sn=38542&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jlhtie.com%2Findex.php&tt=%E5%B9%BF%E8%A5%BF%E9%85%9D%E9%9D%A5%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jlhtie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 07 Jul 2022 01:15:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E94057D45165CFC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /upload/vod/20220326-1/fdddbb1f20a62d9e1dba0a3309d79765.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 192810
Last-Modified: Sun, 05 Jun 2022 13:57:36 GMT
Connection: keep-alive
ETag: "629cb650-2f12a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Size:   192810
Md5:    05cbf3af180f781fd300961229aff67f
Sha1:   6a7c5fde1418b100ca4be06f330417e7461b4eac
Sha256: 8ba80e1f03f4d5e2b72eca098c0f3374cc2b2ae81c4763b8f302337379870cc5
                                        
                                            GET /upload/vod/20220707-1/0f2ef0a4839b5efc2696a5bec09f44f8.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:53 GMT
Content-Length: 10131
Last-Modified: Wed, 06 Jul 2022 16:07:25 GMT
Connection: keep-alive
ETag: "62c5b33d-2793"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size:   10131
Md5:    5122d9235ba71eee58412ccbb98c467e
Sha1:   7ddca5baecdd1db91cd65f9cc0a7810df911141d
Sha256: 3639a21c32926c03a0048ee71eb0c4ed751e1d097a8cf9e305734f4663d68730
                                        
                                            GET /upload/vod/20220707-1/866755c2f9fb1e7d71a54e47a1367141.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 73456
Last-Modified: Wed, 06 Jul 2022 16:06:31 GMT
Connection: keep-alive
ETag: "62c5b307-11ef0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=PhotoScape], baseline, precision 8, 680x453, components 3\012- data
Size:   73456
Md5:    f5cb16c6dc75265cd31c66cf76970b7d
Sha1:   38863e8a0167215ad1f81a37931a71fca8533c71
Sha256: 7e363437b0cf1129709813892a3f4d3eb9b0793f94913357eb2311527d2d1fdf
                                        
                                            GET /upload/vod/20220326-1/99e19f487bc38795a0be44f23338a9ab.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:53 GMT
Content-Length: 10017
Last-Modified: Sun, 05 Jun 2022 13:57:28 GMT
Connection: keep-alive
ETag: "629cb648-2721"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10017
Md5:    52fd40b20fdb98728190ad5370303a5a
Sha1:   596a7761fe6b3530496aa352413ca7c9570881f0
Sha256: da48d7ef495f8ea640246f77cdb7dd198e4374f353a4c392e69e12169639d198
                                        
                                            GET /cf3bbe33b0d048e689c091298f0b8e86.gif HTTP/1.1 
Host: rgjeow3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62b2a31e-a5cf2"
Date: Wed, 22 Jun 2022 05:47:47 GMT
Server: nginx
Last-Modified: Wed, 22 Jun 2022 05:05:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 679154


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   679154
Md5:    31a2c8b304c60ba0149121ba24738944
Sha1:   b7e41db8a64cd0e82db9423dc5feeaeae6be5d3e
Sha256: a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa
                                        
                                            GET /upload/vod/20220326-1/b74ea7f7e86ae87ccbc89b88ecc7ff3e.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:53 GMT
Content-Length: 6847
Last-Modified: Sun, 05 Jun 2022 13:57:31 GMT
Connection: keep-alive
ETag: "629cb64b-1abf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6847
Md5:    3c60d787529ad2d86700c467e194659c
Sha1:   b6306721d9639f86fb38ac8e0a9d542fab6d44ac
Sha256: ae2427d2fe32779be1141b608a006fc0911485bbb31e8a7395b7f1c054ccef23
                                        
                                            GET /upload/vod/20220326-1/c16b8dc36bc4076839534396304268a3.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:53 GMT
Content-Length: 8887
Last-Modified: Sun, 05 Jun 2022 13:56:35 GMT
Connection: keep-alive
ETag: "629cb613-22b7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8887
Md5:    3988cd238ff4af4252139e25def302a0
Sha1:   68c1c082ba504b07d5a78924a5ec861b49b1cc7c
Sha256: 1805600c93cdc56a9db529f1a3027dcd328ea71a634638132fb998def385b921
                                        
                                            GET /upload/vod/20220326-1/3c0e06c4b971e84dac1cf6146b0adb97.jpg HTTP/1.1 
Host: img.sewozyimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.148.224.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Thu, 07 Jul 2022 01:15:53 GMT
Content-Length: 8163
Last-Modified: Sun, 05 Jun 2022 13:57:15 GMT
Connection: keep-alive
ETag: "629cb63b-1fe3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8163
Md5:    a2cd14d8fed35ba2f03e36a93b948345
Sha1:   2ac69724ddea4a360bd15f433c742f03a28c8a5b
Sha256: e850793403ff83a08d9d511fc53bd070c7930971b033b6d6467d62c065c43ffc
                                        
                                            GET /072e6345510b44bab99363c75c1af98a.gif HTTP/1.1 
Host: nrxduw5.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "628a083b-f9b45"
Date: Tue, 21 Jun 2022 13:54:19 GMT
Server: nginx
Last-Modified: Sun, 22 May 2022 09:54:03 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 1022789


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 120\012- data
Size:   1022789
Md5:    a0a14d1a48173b20f7d520959d73fc5d
Sha1:   e4d4bf332ce4cd141c81360cc58c0ca2a5ff2520
Sha256: 3232dce57b56b38bc2771e35b5a66d4709caee334a218200d6c642e6ad9f2cd0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=1008&et=0&ja=0&ln=en-us&lo=0&rnd=1114392539&si=4802bbda1494e9a039ed8837a43ab75d&su=http%3A%2F%2Fwww.jlhtie.com%2F&v=1.2.95&lv=1&sn=38543&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fwww.hlgav.xyz%2F HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 07 Jul 2022 01:15:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0C6A81EFC4148E5A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /logo/20.gif HTTP/1.1 
Host: tt-gif.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         100.42.229.47
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:15:52 GMT
content-type: image/gif
content-length: 397251
last-modified: Mon, 18 Apr 2022 09:36:21 GMT
etag: "625d3115-60fc3"
expires: Sat, 06 Aug 2022 01:15:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 272 x 272\012- data
Size:   397251
Md5:    66ece7346a37c9793896b4dcffc0aa33
Sha1:   1ede3c927fc4c1a960463595289914f0a681ebe7
Sha256: bf6660578b978113e0c2a1a5ad09dd8d355ab591a16670be0dfb1a2a3eabea30
                                        
                                            GET /hm.js?f7d00a66e3f0fa1084921b25394e56de HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Thu, 07 Jul 2022 01:15:52 GMT
Etag: 9cb294a0cd0853c697a8de99c0bef3dd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5D4D29DA76424512; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (628)
Size:   11339
Md5:    2b4ee4fb9da4fa863d9b04a80702a6f4
Sha1:   f1ce26535e4e165e6acd7b6acf93ecb1966cbb30
Sha256: 458b978462e026a1ef305a88ad12a9dce4ea24f96d4efc6e6dad717d3c36826b
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=1008&et=0&ja=0&ln=en-us&lo=0&rnd=852880843&si=f7d00a66e3f0fa1084921b25394e56de&su=http%3A%2F%2Fwww.jlhtie.com%2F&v=1.2.95&lv=1&sn=38543&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fwww.hlgav.xyz%2F HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 07 Jul 2022 01:15:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=34C1DF104CB64EBF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /gg/400x400.gif HTTP/1.1 
Host: 701.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hlgav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.85
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 07 Jul 2022 01:15:52 GMT
Content-Length: 438238
Connection: keep-alive
x-oss-request-id: 62C633C8D0409B383993318E
Accept-Ranges: bytes
ETag: "22474E62DC325D4450330029E27249CB"
Last-Modified: Tue, 21 Jun 2022 08:13:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13533707309778421520
x-oss-storage-class: Standard
Content-MD5: IkdOYtwyXURQMwAp4nJJyw==
x-oss-server-time: 3


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 400\012- data
Size:   438238
Md5:    22474e62dc325d4450330029e27249cb
Sha1:   c92aa67c36fe0bf046b370e9f40479deebc3d583
Sha256: cffedfbaa4a4a20c82c97af2c9aea7af2380763015f2a6c626764f1cff44b641
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91e1318-19c1-478d-9499-3baab13b925b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6764
x-amzn-requestid: 066475d9-bed3-4626-9a4d-a9e713866195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UCmEwgIAMFSDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60076-694099bd5429b3a91e282d27;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8Ie_zy0LfZGwhWeD3rj2aXI9WVNbOzQr4ixU7QvFid2bFdI2aXdYyw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:03:40 GMT
age: 11537
etag: "245427c92c74e85f199f9fd9563c91cb62cba979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6764
Md5:    92e0cfdf03ce76aa5a899b42fc763e83
Sha1:   245427c92c74e85f199f9fd9563c91cb62cba979
Sha256: 2216f105d3350eabd7422e964bbbd9758009675ace79437c368097a27bf1f1fb