www.roseridgeperformancehorses.com/
146.148.181.222200 OK 781 B URL HTTP/1.1 www.roseridgeperformancehorses.com/
IP 146.148.181.222:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f923c25ff09cc1ff9e199936d45e37bb
915c1eb5e6b15de495e57b18ad334d7468812670
d82588b79ad28a893a6ad694e987d39774ab70c9c468634fb9c35c7bca3ea866
GET / HTTP/1.1
Host: www.roseridgeperformancehorses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:24 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5524
Expires: Sat, 03 Dec 2022 16:32:29 GMT
Date: Sat, 03 Dec 2022 15:00:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 509
Cache-Control: max-age=157156
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:25 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:39:41 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20105
Expires: Sat, 03 Dec 2022 20:35:30 GMT
Date: Sat, 03 Dec 2022 15:00:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 14:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2425
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HI53d0eD+J9Yn7qtsslsxrewMqVHeJ6maw0dN83r9LepWTVl+x0xHMQmHevlLENC11OxdSOV9EA=
x-amz-request-id: 1YB2FV16WZG9SXTE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 14:46:36 GMT
age: 829
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.roseridgeperformancehorses.com/tj.js
146.148.181.222200 OK 520 B URL HTTP/1.1 www.roseridgeperformancehorses.com/tj.js
IP 146.148.181.222:0
ASN #26658 HENGTONG-IDC-LLC
File type ASCII text, with CRLF line terminators
Hash 8bae37b023ee543732ecb8d8e7295818
ad9ac3836761acbc9bf19f03d268bf48514e3089
32350d991557b211c95c6b8cfff4564e26047f6c8f49cab69e01d4fc47d90535
GET /tj.js HTTP/1.1
Host: www.roseridgeperformancehorses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:24 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.roseridgeperformancehorses.com/common.js
146.148.181.222200 OK 1.1 kB URL HTTP/1.1 www.roseridgeperformancehorses.com/common.js
IP 146.148.181.222:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
GET /common.js HTTP/1.1
Host: www.roseridgeperformancehorses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:24 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 3087
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:26 GMT
Last-Modified: Sat, 03 Dec 2022 14:52:07 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.roseridgeperformancehorses.com/favicon.ico
146.148.181.222200 OK 1.2 kB URL HTTP/1.1 www.roseridgeperformancehorses.com/favicon.ico
IP 146.148.181.222:0
ASN #26658 HENGTONG-IDC-LLC
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.roseridgeperformancehorses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:25 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 08 Dec 2022 15:00:25 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.roseridgeperformancehorses.com/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.roseridgeperformancehorses.com/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.roseridgeperformancehorses.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 03 Dec 2022 15:00:26 GMT
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 03 Dec 2022 15:00:26 GMT
Etag: "4078521116"
Expires: Sun, 03 Dec 2023 15:00:26 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F883724B0958E3A49466EBA605AF170E:FG=1; max-age=31536000; expires=Sun, 03-Dec-23 15:00:26 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oXlqOnax2HfUa/lxZrXeaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i7/VQmz5f8JUJ2Kvi0+kRgeBrxQ=
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 4a55c7959eb992dad12817248182ea04
b9947d88d72e0f62bdd917cde37b9ee5d1233fd6
49c382119eb83c155c7d46c54b424a4fdcd7add10605c1f85d76f98e01866772
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4bf0ab80-cb4f-4b1c-9f77-fad7e1ea9cab
Content-Length: 1700
Date: Sat, 03 Dec 2022 15:00:26 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.roseridgeperformancehorses.com/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.roseridgeperformancehorses.com/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.roseridgeperformancehorses.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 03 Dec 2022 15:00:26 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5591
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:00:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5591
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:00:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 40027
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 50583
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 61761
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 61162
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 14363
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 35899
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/data.php
20.187.123.222200 OK 1.6 kB URL HTTP/2 mang.tiryakioyun.com/news/data.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 194baed3bd9a11abb0084513e621fc33
5e085847923794a97f35375292639bc2b0c1b680
4ae11ce45be3e589c167a46e792fd1b4ef4a26e1ad18a085e34dabd7f8679605
GET /news/data.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 03 Dec 2022 15:00:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76d11c4f5d3e5858d87820fbc1084894
3e9ca6b5e8d754d4b1645cda3026adca9dfc8958
c26d06b02ae13f8294241d4c84550d6cfaf237cec8b382cc7c7ed965c7acfafe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C26D06B02AE13F8294241D4C84550D6CFAF237CEC8B382CC7C7ED965C7ACFAFE"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15731
Expires: Sat, 03 Dec 2022 19:22:39 GMT
Date: Sat, 03 Dec 2022 15:00:28 GMT
Connection: keep-alive
hm.baidu.com/hm.js?b59e89f80ea32d55479e14559e725f40
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b59e89f80ea32d55479e14559e725f40
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 12cfd81b6436a3310e42265a2b2cbcb8
d12db472abe47e5e43d06156f55e17329fdd7b2e
1be932ecae74db73cfb241a717f7bd2bec1435018812214d85083af11485a05b
GET /hm.js?b59e89f80ea32d55479e14559e725f40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 15:00:28 GMT
Etag: 3becbc15227c8952f1660fa398c7fa6e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AF7671469EAF2B45; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 4ec2aae47e8cf3da9a1e3c2ce68a84e3
0a8262f836c9d4d6c129b065a7845662bce67af4
f883d743ecef713ab668e067a1ab5930b75417ad611e3d94c3b3135a589b5398
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 15:00:28 GMT
Etag: 443f6fcfd48596938cd7f75a09928a62
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C180ED415B62FBE3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db7f0e85bf41e7eea172de6e14acf198
629f6720f0b16d66b609c90bc9d8d7ce05c61bf2
5e90a8865025a6407c3689a3a1ad98d9bcc9fdd9ec66a4e8fa7955b8929ef897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=130381
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:29 GMT
Etag: "638aba82-116"
Expires: Mon, 05 Dec 2022 03:13:30 GMT
Last-Modified: Sat, 03 Dec 2022 02:54:58 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db7f0e85bf41e7eea172de6e14acf198
629f6720f0b16d66b609c90bc9d8d7ce05c61bf2
5e90a8865025a6407c3689a3a1ad98d9bcc9fdd9ec66a4e8fa7955b8929ef897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=130381
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:29 GMT
Etag: "638aba82-116"
Expires: Mon, 05 Dec 2022 03:13:30 GMT
Last-Modified: Sat, 03 Dec 2022 02:54:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db7f0e85bf41e7eea172de6e14acf198
629f6720f0b16d66b609c90bc9d8d7ce05c61bf2
5e90a8865025a6407c3689a3a1ad98d9bcc9fdd9ec66a4e8fa7955b8929ef897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=130381
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:29 GMT
Etag: "638aba82-116"
Expires: Mon, 05 Dec 2022 03:13:30 GMT
Last-Modified: Sat, 03 Dec 2022 02:54:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db7f0e85bf41e7eea172de6e14acf198
629f6720f0b16d66b609c90bc9d8d7ce05c61bf2
5e90a8865025a6407c3689a3a1ad98d9bcc9fdd9ec66a4e8fa7955b8929ef897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=130381
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:29 GMT
Etag: "638aba82-116"
Expires: Mon, 05 Dec 2022 03:13:30 GMT
Last-Modified: Sat, 03 Dec 2022 02:54:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db7f0e85bf41e7eea172de6e14acf198
629f6720f0b16d66b609c90bc9d8d7ce05c61bf2
5e90a8865025a6407c3689a3a1ad98d9bcc9fdd9ec66a4e8fa7955b8929ef897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=130381
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:29 GMT
Etag: "638aba82-116"
Expires: Mon, 05 Dec 2022 03:13:30 GMT
Last-Modified: Sat, 03 Dec 2022 02:54:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
z4a.net/images/2022/10/17/960x60.gif
104.21.234.235200 OK 176 kB URL HTTP/2 z4a.net/images/2022/10/17/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 176 kB (176400 bytes)
Hash 790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6
GET /images/2022/10/17/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: image/gif
content-length: 176400
expires: Tue, 17 Oct 2023 07:23:23 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 4088226
last-modified: Mon, 17 Oct 2022 07:23:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PqKsDuozp2hw3QBICqZh7B7VGqEPtJXzlpKYAF6h4sJ9%2Bi%2B6ACsXfAYz%2FCkWLd4NKqqhpcjKYrSk5clWSIS89GcQIS7xLdVrYtl0uIJcFV%2BlmWd6xB4JUsd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773d2c127edf7333-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/10/17/960-60-0.gif
104.21.234.235200 OK 198 kB URL HTTP/2 z4a.net/images/2022/10/17/960-60-0.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2022/10/17/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: image/gif
content-length: 198523
expires: Tue, 17 Oct 2023 07:38:56 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 4087293
last-modified: Mon, 17 Oct 2022 07:38:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecMyFEp4vgB4KnK1Qyzrct%2B4mgmRDFEBvQuhjynZmmAIlX8tMpLr4vQKGcU8gJzFmBgjVCZSIDPXUCfH2yDMTZZyAX4vgf3yQp3Tk0C4GIACLKxKv09x2SQ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773d2c127ed97333-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=224046568&si=b59e89f80ea32d55479e14559e725f40&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=224046568&si=b59e89f80ea32d55479e14559e725f40&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=224046568&si=b59e89f80ea32d55479e14559e725f40&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 15:00:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=95CE0581DBD72E95; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
z4a.net/images/2022/10/17/960-60.gif
104.21.234.235200 OK 227 kB URL HTTP/2 z4a.net/images/2022/10/17/960-60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 227 kB (226581 bytes)
Hash 68199d1d30e08ef7fba5ecc5af4d9548
3978b7653bca5c630c7b8d7aa06366d56eeaa7a1
7bbd0bd6239be8c6c5762c11822e2d4ca30cbabaae992af2e94cad2338c7de65
GET /images/2022/10/17/960-60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: image/gif
content-length: 226581
expires: Thu, 02 Nov 2023 21:48:47 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2653901
last-modified: Wed, 02 Nov 2022 21:48:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbFcuYgOIbrthgrhxJYAqsydW95WhN4EhvvSHykO7uHmdqQPqxsaRNfnsFUfYnptjYph%2F6b%2BcI5yFYXdYpExwL1LU%2F1UypMe3%2Fi3A5X%2BHMMx9KBx1f6Hku4z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773d2c127edd7333-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/10/16/960x60.gif
104.21.234.235200 OK 451 kB URL HTTP/2 z4a.net/images/2022/10/16/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 451 kB (451409 bytes)
Hash 0b79d0bdb91d08fe6e58da26af40a3d2
75f37e1aa43e309adbf1e6050c994e6216be694e
6acbe8704cafa212528bf8299e534e5b4906be6653ae25627bb8cd7ad356b9ae
GET /images/2022/10/16/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: image/gif
content-length: 451409
expires: Wed, 15 Nov 2023 22:49:37 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1527052
last-modified: Tue, 15 Nov 2022 22:49:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIc1xwPZjNlvTtpsmQzdUjMR9tFYZ0%2F509aFmNBAKvUrndLpWbo1fz%2Fpka1F4znxX7LUQcrIlErK5eGXOsELvLzqPVqvd9PoJ1Ka6mvT4NrozzePAhmPbCqF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773d2c127edb7333-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgjcqg.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Mon, 02 Jan 2023 15:00:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=152079567&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=152079567&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=152079567&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=51222&r=0&ww=1280&u=http%3A%2F%2Fwww.roseridgeperformancehorses.com%2F&tt=%E7%9B%8A%E9%98%B3%E5%B0%98%E7%8F%8A%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 15:00:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=60F572CFE2005945; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Sat, 03 Dec 2022 06:32:29 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: ifQAAAB-BFfaNC0X
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1670049149
Via: cache15.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
Content-Encoding: gzip
Age: 30481
X-Cache: HIT TCP_MEM_HIT dirn:3:238906115
X-Swift-SaveTime: Sat, 03 Dec 2022 06:33:40 GMT
X-Swift-CacheTime: 86329
Timing-Allow-Origin: *
EagleId: 2ff62c9716700796306158623e
www.mgjcqg.xyz/template/m1938pc/images/video-mask.png
173.231.17.185200 OK 107 B URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/images/video-mask.png
IP 173.231.17.185:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:30 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Mon, 02 Jan 2023 15:00:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgjcqg.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 2.2 kB URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
Hash 4b892c63435900bd330bac79b70a7d68
4ae625be0bba725e4fbc849307bcf31c6b9d9303
bdea1dda405f09cd6592a71e4559c9720a027cbdf22872a6297e76f320225102
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 07:42:17 GMT
vary: Accept-Encoding
etag: W/"6385b7d9-614"
expires: Sun, 04 Dec 2022 03:00:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.mgjcqg.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 5.0 kB URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
Hash ae8f517a974915f7c05fad0e16c96395
2fbacddbaefc5694431f4c3280132c556f14b346
cd7ac92b9985ef40aac9d35b4f137ac3c42652b193b33cd5f30820bbc27a1ba7
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Sun, 04 Dec 2022 03:00:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2bb3b350fe1a3bca91787a8de0dcdd0
96096c496faf5773801e572b3c56ba31e52c5f8e
f90fadbf4f4313408f749718b20ff3b2868ac0f3a0d782932d1f586b4bfbe81f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F90FADBF4F4313408F749718B20FF3B2868AC0F3A0D782932D1F586B4BFBE81F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sat, 03 Dec 2022 15:40:33 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2bb3b350fe1a3bca91787a8de0dcdd0
96096c496faf5773801e572b3c56ba31e52c5f8e
f90fadbf4f4313408f749718b20ff3b2868ac0f3a0d782932d1f586b4bfbe81f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F90FADBF4F4313408F749718B20FF3B2868AC0F3A0D782932D1F586B4BFBE81F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sat, 03 Dec 2022 15:40:33 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2bb3b350fe1a3bca91787a8de0dcdd0
96096c496faf5773801e572b3c56ba31e52c5f8e
f90fadbf4f4313408f749718b20ff3b2868ac0f3a0d782932d1f586b4bfbe81f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F90FADBF4F4313408F749718B20FF3B2868AC0F3A0D782932D1F586B4BFBE81F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sat, 03 Dec 2022 15:40:33 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2bb3b350fe1a3bca91787a8de0dcdd0
96096c496faf5773801e572b3c56ba31e52c5f8e
f90fadbf4f4313408f749718b20ff3b2868ac0f3a0d782932d1f586b4bfbe81f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F90FADBF4F4313408F749718B20FF3B2868AC0F3A0D782932D1F586B4BFBE81F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sat, 03 Dec 2022 15:40:33 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2bb3b350fe1a3bca91787a8de0dcdd0
96096c496faf5773801e572b3c56ba31e52c5f8e
f90fadbf4f4313408f749718b20ff3b2868ac0f3a0d782932d1f586b4bfbe81f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F90FADBF4F4313408F749718B20FF3B2868AC0F3A0D782932D1F586B4BFBE81F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sat, 03 Dec 2022 15:40:33 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/zr0uwiio0k2.jpg
172.67.28.138200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zr0uwiio0k2.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d5b422ac4d96d482e51fd80b0954ffe
28f9e5048b98267688c5421e46537a22ac06f32f
5db0dcc11b906b5ab3e43a095d5e51092c48199834baaf27f2bd07f895db84e3
GET /upload/vod/2022/12/zr0uwiio0k2.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 9604
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10938
content-disposition: inline; filename="zr0uwiio0k2.webp"
etag: "638aaefa-2aba"
last-modified: Sat, 03 Dec 2022 02:05:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3054
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eaffeb4fa-OSL
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:31 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 193be49c3d7956fae1e79aad7a1f53ec
4e8e09c916f8ea6494860c3d1d0deca9c05394f1
c0596667b6e9768b672577ed52175a44cb6605b83824b1f1aab1e467c06b95d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0596667B6E9768B672577ED52175A44CB6605B83824B1F1AAB1E467C06B95D1"
Last-Modified: Sat, 03 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14854
Expires: Sat, 03 Dec 2022 19:08:05 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/141fk1fzwop.jpg
172.67.28.138200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/141fk1fzwop.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b7a14747b4ae18ae72bda218e406cec
9befba2c24b834797a1227dab1c42afb650c27bc
0d56c283e1a1d0b85a8cb9a8d47de9bf11e23a8aa0d68535de91664807341a0c
GET /upload/vod/2022/12/141fk1fzwop.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6958
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8389
content-disposition: inline; filename="141fk1fzwop.webp"
etag: "638aae9b-20c5"
last-modified: Sat, 03 Dec 2022 02:04:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb863b4fa-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 9981a9a071661f678ebd4b88c0a78be8
e164ba12f19c8caeef2ae6c352847d1a3d2393b3
17ca7aee9822f697590bedab91bfdbf98f150b06cb9c5f5fdbb4a2cd3ecb2ea1
GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 15:00:30 GMT
Etag: 8ee5e11f8f600cdb472d007881d91819
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=86EEA6DB0A63D0EA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d21b3bba9ee68cd699541eba8fb430ae
fab9c75213a656dfac7a98d9ae090c0e8723e0ad
f3f36ddad118d49d90a65852278638729ffd7c99b702709f4057d0ec24301a63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3F36DDAD118D49D90A65852278638729FFD7C99B702709F4057D0EC24301A63"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13909
Expires: Sat, 03 Dec 2022 18:52:20 GMT
Date: Sat, 03 Dec 2022 15:00:31 GMT
Connection: keep-alive
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash dfc1af5538e72c5ca47796740bea9350
fb5ff885f7bf65e0040c73b10b250bac23edf40d
50c73370a85ec44547fef5fbae791dc270a5e65fdac2643ac426d7c4bd27a44c
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 15:00:30 GMT
Etag: ecec09d373752e9d09fe1df4fb3f8983
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3F79E0E7F6B9736E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9ec224d0aefe4b9370fc6c1428cf83b9
b8753a6cebab72d88ecf9cf6cd100624e71411db
ec5effe2a1d7a058e5e14648a34d25b94983882d46286d2c952173be498b23fd
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Dec 2022 15:00:31 GMT
Last-Modified: Sat, 03 Dec 2022 12:37:07 GMT
ETag: "638b42f3-1d7"
Expires: Mon, 05 Dec 2022 12:37:07 GMT
Cache-Control: max-age=164196
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670079631
Via: cache14.l2de2[4,4,200-0,M], cache14.l2de2[5,0], cache2.se1[27,27,200-0,M], cache2.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 03 Dec 2022 15:00:31 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616700796313741694e
lbfm.lbpictupian.com/upload/vod/2022/12/x3dwfjv3g4p.jpg
172.67.28.138200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/x3dwfjv3g4p.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fed9bd2ce9d2133e6fdd8b75d166bcc
734ae4fe343ae9fa935c065607736f461f8b9cb3
2e5512c38697cda2ba444a614f6ba0b68978ce7e5299e79b9c39f4de13da7642
GET /upload/vod/2022/12/x3dwfjv3g4p.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6850
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8355
content-disposition: inline; filename="x3dwfjv3g4p.webp"
etag: "638aae97-20a3"
last-modified: Sat, 03 Dec 2022 02:04:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea808b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/2ooskg0slbo.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/2ooskg0slbo.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5871793a3fb5faf664da2fa0fbae613a
eed0abac9a4d87fd37df746264ba54ad94c4af3b
60727d7b3f32fd6c0618e43fe97f2d2704bfba89b0cb00c20695d4cdf988a74f
GET /upload/vod/2022/12/2ooskg0slbo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 5972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8427
content-disposition: inline; filename="2ooskg0slbo.webp"
etag: "638aaee9-20eb"
last-modified: Sat, 03 Dec 2022 02:05:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1e9ff9b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/jggnfmq5udm.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/jggnfmq5udm.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abc23afe6d4bc7b8060b444534df0c47
4ff4375228701238bbcf44678de8b3164b86dcd0
d6589183424405a1d7c27c0ddd93c75f0f9504f0c48bebc9382f19dd11501c84
GET /upload/vod/2022/12/jggnfmq5udm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 11100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12576
content-disposition: inline; filename="jggnfmq5udm.webp"
etag: "638aaef6-3120"
last-modified: Sat, 03 Dec 2022 02:05:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eaffdb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/nqlgfv4scxl.jpg
172.67.28.138200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/nqlgfv4scxl.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d7b4d23d17964227afd4f6717cb4ef6
57c32b8ae94dcb67af88a444f2242e2052c64af7
5fa978840593d73812ed1377db61df9e6589ca57faf8b70d3c68919f9587d602
GET /upload/vod/2022/12/nqlgfv4scxl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8252
content-disposition: inline; filename="nqlgfv4scxl.webp"
etag: "638aae24-203c"
last-modified: Sat, 03 Dec 2022 02:02:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea813b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/oabyxqrg4w5.jpg
172.67.28.138200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/oabyxqrg4w5.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5a05d8df2696d3d7f8656b262187baa
27cdebe99349444a7dc3daba8aa2541db3216e6b
3c7aeda262e0896140730ec52b8dbb1957a3fe13434c93aa4e11cf64b49444e9
GET /upload/vod/2022/12/oabyxqrg4w5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6494
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7566
content-disposition: inline; filename="oabyxqrg4w5.webp"
etag: "638aae1b-1d8e"
last-modified: Sat, 03 Dec 2022 02:02:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea80ab4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/dnar12tp05u.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/dnar12tp05u.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fe41c280de4019a48be5b13953af5bf
116d7773fc97e51906a5d3e7c1b59f9585495cc7
fc48ba38578d4a98831812a21146e8bf5f39922b0999507d11567e531a630d56
GET /upload/vod/2022/12/dnar12tp05u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 9874
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11329
content-disposition: inline; filename="dnar12tp05u.webp"
etag: "638aae29-2c41"
last-modified: Sat, 03 Dec 2022 02:02:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea818b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/cdxdovibtto.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/cdxdovibtto.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6a310fb478b32f5f2cee6cd888bec55
bc50778a4e86afad994e2f075d5d114da1418ace
5742d2d2d9a9edded97673d86e9ad2b00949a79a7e804c73aa7bbf7ad88519b6
GET /upload/vod/2022/12/cdxdovibtto.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 10280
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11259
content-disposition: inline; filename="cdxdovibtto.webp"
etag: "638aae89-2bfb"
last-modified: Sat, 03 Dec 2022 02:03:53 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea800b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wnsaukcorgn.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wnsaukcorgn.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3339fb3bab8be4f20e4d5eb1afa89acf
5574d9e2d2c036681a679b9ebe19124f788fad98
5c19d2735e074d374f2c93c95dd7a63f0e56a37e1f4e64c92061d61c681d8a04
GET /upload/vod/2022/12/wnsaukcorgn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6236
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8966
content-disposition: inline; filename="wnsaukcorgn.webp"
etag: "638aaef2-2306"
last-modified: Sat, 03 Dec 2022 02:05:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eaffcb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/i0rrchujbr4.jpg
172.67.28.138200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/i0rrchujbr4.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6236a99b55afe9cea83994ef4ed92d18
292c5857fd83946667f78ba89ecf1b039fbe4334
f88d3c6eb91ebc119b96256c364abba532c0398323d697ff67524f552172fb6b
GET /upload/vod/2022/12/i0rrchujbr4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 8332
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9254
content-disposition: inline; filename="i0rrchujbr4.webp"
etag: "638aae8e-2426"
last-modified: Sat, 03 Dec 2022 02:03:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea803b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/rgq4hialypi.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/rgq4hialypi.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 814ecbbdbe5fa17bbab1634c5d41d9dd
13fc2e5977a6200d1604aa3a5be7a4e8d5ce890c
225ede255fc2d63e105c918eb1b7d91d3602f9d7d6f5bfcd42370e06394e82ae
GET /upload/vod/2022/12/rgq4hialypi.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/jpeg
content-length: 10064
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10743, status=webp_bigger
etag: "638aae93-29f7"
last-modified: Sat, 03 Dec 2022 02:04:03 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773d2c1ea806b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/olhuhhzpfr4.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/olhuhhzpfr4.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9de8c8477eec89a60ba2a1cbcad67801
6a937a27a2438ac1ff8d9f1f4cc0c63efbdba76d
515893c91e9bb7c28ee279a13d40830118f3134efd65aa07da855488aa99694a
GET /upload/vod/2022/12/olhuhhzpfr4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 10438
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11293
content-disposition: inline; filename="olhuhhzpfr4.webp"
etag: "638aaac1-2c1d"
last-modified: Sat, 03 Dec 2022 01:47:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb843b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/s1mdzf03kie.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/s1mdzf03kie.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc2df7dfee4287bdc44d0e7854c57e93
461cc63b001143e0b8b98c06556895e363577041
fea8afdc1cb099121e7cbf73c6dce94a78eff85da6cf0879c59e8b33feb493a7
GET /upload/vod/2022/12/s1mdzf03kie.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 11158
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11625
content-disposition: inline; filename="s1mdzf03kie.webp"
etag: "638aaad7-2d69"
last-modified: Sat, 03 Dec 2022 01:48:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb868b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/a55ifm1cq54.jpg
172.67.28.138200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/a55ifm1cq54.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1226b74bd87e26a84f864f383fd8d27
64efb61c823ec03ae0feb734fc1bee15762ec8a7
24e543ab53a488fadfbe35cce1f740ac6157f52493cb32841763eb09cebf7a6b
GET /upload/vod/2022/12/a55ifm1cq54.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 7822
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9084
content-disposition: inline; filename="a55ifm1cq54.webp"
etag: "638aae32-237c"
last-modified: Sat, 03 Dec 2022 02:02:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea82fb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/zmqdiomyc21.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zmqdiomyc21.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af33c68c5e993d5b7eecdc188fa7beb1
91c22d95e3ee8725162d9de2c865b8ed506ba19d
30a38d2487fc3d1a4e68e05805e58959e0c918afd5fd75fd832d70dc1475a09b
GET /upload/vod/2022/12/zmqdiomyc21.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6252
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8778
content-disposition: inline; filename="zmqdiomyc21.webp"
etag: "638aaf00-224a"
last-modified: Sat, 03 Dec 2022 02:05:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb866b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/teuoszqzr5h.jpg
172.67.28.138200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/teuoszqzr5h.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5758a721f471a96e813b426f7721cd2
23c610034872028bd71738ee5970d37acce97ed0
5af1acdcdd721a7be9e7bd15b7c1e6f4b3f1ac79e84dbd853448b14db8bc6414
GET /upload/vod/2022/12/teuoszqzr5h.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6882
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8074
content-disposition: inline; filename="teuoszqzr5h.webp"
etag: "638aae2e-1f8a"
last-modified: Sat, 03 Dec 2022 02:02:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea82bb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/sx5f0tllpog.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/sx5f0tllpog.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb304bdd20b1f19907644cfbb66d44d8
f74231c994d7457639e02cc7377088c0a115711d
2492fd4d709c75f8494de92c3de8c62508927480e368108e18bdb75b535c4a77
GET /upload/vod/2022/12/sx5f0tllpog.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 11208
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12087
content-disposition: inline; filename="sx5f0tllpog.webp"
etag: "638aaeee-2f37"
last-modified: Sat, 03 Dec 2022 02:05:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1e9ffab4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/jjjaiwr5pc4.jpg
172.67.28.138200 OK 5.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/jjjaiwr5pc4.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fe89643788e14070a4af9bfe5baf811
2be751f949487002df4d6d7b63ff7bcda1fd9235
c67d2fd3a20da791585aee79587de7443995763485c5a26bf11b8097f5d8ca26
GET /upload/vod/2022/12/jjjaiwr5pc4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 5508
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8053
content-disposition: inline; filename="jjjaiwr5pc4.webp"
etag: "638aae20-1f75"
last-modified: Sat, 03 Dec 2022 02:02:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea80cb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/g2c1tp14h5q.jpg
172.67.28.138200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/g2c1tp14h5q.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df9f3df81651ede3c48a9190ce3fc904
42971c754ca89c3dbc3402a63ffa760db9f88c5b
8c34b209973e3a9e2fccab8bfb6d72e221f2e235c35f52ec824137d6671a0920
GET /upload/vod/2022/12/g2c1tp14h5q.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6604
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8867
content-disposition: inline; filename="g2c1tp14h5q.webp"
etag: "638aaabd-22a3"
last-modified: Sat, 03 Dec 2022 01:47:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea839b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/c1ewvfpozhc.jpg
172.67.28.138200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/c1ewvfpozhc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6331fa442ad3f52a1576d420aca545f7
94d778383f0630c6c3a014a6c28042dd26653920
e35aec9e2716ff101ad5deac487848df2c6f1f6ddcf58f4e9ffdc61aa44128de
GET /upload/vod/2022/12/c1ewvfpozhc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 8724
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9557
content-disposition: inline; filename="c1ewvfpozhc.webp"
etag: "638aaaca-2555"
last-modified: Sat, 03 Dec 2022 01:47:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb864b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/hhz4a31jbvs.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/hhz4a31jbvs.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c8f84381eef5dd62a089a5424edf921
36b90f69ea1930c42064b339e4ffcd02da582dd0
d48c9ad7bae8bb697f1016914f8cd0d797bb5c0e71d6b131913f74f9ac2be4a0
GET /upload/vod/2022/12/hhz4a31jbvs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 8246
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9391
content-disposition: inline; filename="hhz4a31jbvs.webp"
etag: "638aaadb-24af"
last-modified: Sat, 03 Dec 2022 01:48:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb860b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d94307031ceaff53706bc5519e4e197c
6bb971083c4e22c9b5a53245847fc2918159e25e
5035a72e94fd0467dd403c1f716f4da17e5382d90713cffb53a7fb92105ec995
GET /upload/vod/2022/12/pr2wodxhts3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 13044
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13331
content-disposition: inline; filename="pr2wodxhts3.webp"
etag: "638aaacf-3413"
last-modified: Sat, 03 Dec 2022 01:47:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1e9fecb4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/q4axihilgak.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/q4axihilgak.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b91a5d78377bfd93349603babb7c4bb
0e7a114b9919cfd8b0199bdef3df6d93f4166beb
334b6b27e1533a8e51c0b7290e0f47403eb86dd171ce474280a10a12b17b8016
GET /upload/vod/2022/12/q4axihilgak.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 6698
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7878
content-disposition: inline; filename="q4axihilgak.webp"
etag: "638aaad3-1ec6"
last-modified: Sat, 03 Dec 2022 01:48:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb865b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/14ux5fhmpck.jpg
172.67.28.138200 OK 5.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/14ux5fhmpck.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b96bdb97ce70d72896fc8e2bbe4921f2
846345a708dcb85a30c69bce461b6b0851189533
a35325518df8e9d73f166730e5cec294db5aa44186c3280ad88c35f942b5791c
GET /upload/vod/2022/12/14ux5fhmpck.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 5146
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7275
content-disposition: inline; filename="14ux5fhmpck.webp"
etag: "638aaea0-1c6b"
last-modified: Sat, 03 Dec 2022 02:04:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1ea809b4fa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/a5qwcfnikab.jpg
172.67.28.138200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/a5qwcfnikab.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29f29b9bd1010588d2084f587c14c777
25822234ef98992dc168bd5c01d64dab0150476d
661c057a25bb7ec7da515e0f6756b4dfe36df0ede1515ad1785ef29837deaf35
GET /upload/vod/2022/12/a5qwcfnikab.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/webp
content-length: 8882
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9839
content-disposition: inline; filename="a5qwcfnikab.webp"
etag: "638aaac6-266f"
last-modified: Sat, 03 Dec 2022 01:47:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 773d2c1eb85bb4fa-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash e761d833dbded63d941544f1385aa478
ff6f09e990f623242ea076d529bfd450ddc57581
73b1cafbe4eaae3122f6502f178b96eb833eb56e81db2a4bd868ebc94e57a066
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 15:00:30 GMT
Etag: 00e256fe81d46c873f529b4452df0a99
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AA39D58FCA6C8BE2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1397183812&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1397183812&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1397183812&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 15:00:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F50615027BF148E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872472926&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872472926&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872472926&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51224&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 15:00:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=61B8115D542F5798; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=178469250&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51225&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=178469250&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51225&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=178469250&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=51225&r=0&ww=1280&u=https%3A%2F%2Fwww.mgjcqg.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 15:00:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=56A79DCE17E7EE8B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f09732969decf5f76f7cfac6a5f92e4
8d37212805cecf230e88b977894ffb73d7d815bd
3bbc9b226e280b35a137760ee3d538d9df94a524049a53143b5ce4cfcd89dcf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BBC9B226E280B35A137760EE3D538D9DF94A524049A53143B5CE4CFCD89DCF4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Sat, 03 Dec 2022 15:43:43 GMT
Date: Sat, 03 Dec 2022 15:00:32 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
45.89.208.114200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 34ff69ac005a1758f959b2e19def96ca
17413ac3a9fb102c5550118f38cb659effeeeb23
f72cf38f8da2e02865cd9be56d03b884d3dfe727ea06884ced64e38811329ac2
GET /upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 10559
Last-Modified: Wed, 09 Nov 2022 11:40:17 GMT
Connection: keep-alive
ETag: "636b91a1-293f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
45.89.208.114200 OK 9.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b567dbb6fb1db9f38bd0459ee707f4a9
a78cf16102114a17aef64addc6e1ca8db381600a
7c80046668ca43bae8a195d776c6afc2895a45869fa18e8dc239fa279f7102d3
GET /upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 9264
Last-Modified: Wed, 09 Nov 2022 11:40:16 GMT
Connection: keep-alive
ETag: "636b91a0-2430"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
45.89.208.114200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f2a8789ed6ea14341492d37fac4595f9
c88bf5860453ad667dc58c27deb31873acc61cd5
5b8460b19f3d79f29044eb4884447e61a5894d58d2dbb232eeb991313dabede4
GET /upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 12196
Last-Modified: Wed, 09 Nov 2022 11:40:16 GMT
Connection: keep-alive
ETag: "636b91a0-2fa4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
45.89.208.114200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c45eda38d46f5acd58867ef8b570bb2
26b02ebb1c069acd757c04f2ffcc81a085470907
a8a0ed14544bd1b8eca15c0faeaeb4cace07a7da700cc21ef7a0b47fa38daffd
GET /upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 12006
Last-Modified: Wed, 09 Nov 2022 11:39:52 GMT
Connection: keep-alive
ETag: "636b9188-2ee6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
45.89.208.114200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4de69e86cac1b908c088cafd5a7b0b6e
cd030960d031bb1ce4e5d46a39bcda1ae56e0064
a9da837629b12da43d48dccbce14f1c401280a7d67afb0a58f556abf402122e6
GET /upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 13417
Last-Modified: Wed, 09 Nov 2022 11:41:17 GMT
Connection: keep-alive
ETag: "636b91dd-3469"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
45.89.208.114200 OK 6.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58ea27a500bcb3f3d868101711779560
a162c0e988323069e6396902f2fabc9da1205eb3
583dda68ba080f07505f0ba01f8d5395ef9afaddff065cbff72906e9f61aecca
GET /upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 5954
Last-Modified: Wed, 09 Nov 2022 11:40:09 GMT
Connection: keep-alive
ETag: "636b9199-1742"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 2bcaad527413f54a9dc297cd0519fa9f
734fea644d3a6526fc14ecb147450bfa902258dd
e3e480deb8924e0f1093d0f7f8261bad9bc377aa688beb56f36c9c818290beb6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=597
Date: Sat, 03 Dec 2022 15:00:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 2bcaad527413f54a9dc297cd0519fa9f
734fea644d3a6526fc14ecb147450bfa902258dd
e3e480deb8924e0f1093d0f7f8261bad9bc377aa688beb56f36c9c818290beb6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=563
Date: Sat, 03 Dec 2022 15:00:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 2bcaad527413f54a9dc297cd0519fa9f
734fea644d3a6526fc14ecb147450bfa902258dd
e3e480deb8924e0f1093d0f7f8261bad9bc377aa688beb56f36c9c818290beb6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=612
Date: Sat, 03 Dec 2022 15:00:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 2bcaad527413f54a9dc297cd0519fa9f
734fea644d3a6526fc14ecb147450bfa902258dd
e3e480deb8924e0f1093d0f7f8261bad9bc377aa688beb56f36c9c818290beb6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=566
Date: Sat, 03 Dec 2022 15:00:32 GMT
Connection: keep-alive
X-N: S
img.1152555.com/images/637efec48d97bc67605fd88e.gif
185.239.226.87302 Found 1.6 kB URL HTTP/2 img.1152555.com/images/637efec48d97bc67605fd88e.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
Hash 2bcaad527413f54a9dc297cd0519fa9f
734fea644d3a6526fc14ecb147450bfa902258dd
e3e480deb8924e0f1093d0f7f8261bad9bc377aa688beb56f36c9c818290beb6
GET /images/637efec48d97bc67605fd88e.gif HTTP/1.1
Host: img.1152555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 311f1a1bf24baf02db91d1dca925d6a2
889371a1fbda2a575b3b00aef13c09ce1a1f66d1
e3cefb885b9aeae552b5c4046e302dc85601cd36aabc0d4ee58587cc63028255
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 07 Dec 2022 13:30:04 GMT
ETag: "889371a1fbda2a575b3b00aef13c09ce1a1f66d1"
Last-Modified: Sat, 03 Dec 2022 13:30:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3103
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773d2c294aebb4f7-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 58b0f0aade08ec16eaae39140aeb6ca5
aa5cfdae037fa795240866e5d1f6fe1aefa55aa0
c5c7754e37d37088a1a5447379ed0ffebeffc0a5ed574b80b4f9de8351bf5714
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 00:51:36 GMT
Expires: Sat, 10 Dec 2022 00:51:35 GMT
Etag: "aa5cfdae037fa795240866e5d1f6fe1aefa55aa0"
Cache-Control: max-age=553262,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d2c293c97b523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 098ece0599ba0d5cff61ecaa46dce09c
64c9e561bc46238fc9a53be3ffd8bd3ff3cd37f3
a9fda43e21d03ca5f11acf4224af819e5cd1f583fdd888f870f779ee4fdd5a6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 10:05:44 GMT
Expires: Sat, 10 Dec 2022 10:05:43 GMT
Etag: "64c9e561bc46238fc9a53be3ffd8bd3ff3cd37f3"
Cache-Control: max-age=586510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d2c293ecf0af6-OSL
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash c1795c44669d4cb27250ea3b09de424e
b9be6cf2c3e08ad7882aaf247e3337106559a099
9c9a9da231f9fcb0aee8d806f0f837cfb7fa6c671c28810b7f9e96eaa830d780
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 08:31:17 GMT
Expires: Sun, 04 Dec 2022 08:31:17 GMT
ETag: "b9be6cf2c3e08ad7882aaf247e3337106559a099"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
45.89.208.114200 OK 139 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 139 kB (138685 bytes)
Hash e9cefc544ae32631f400fb8b3ef0f6fe
4faf7d1b3d4c61774cb17b44b6283b1b14785601
0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 138685
Last-Modified: Wed, 09 Nov 2022 11:44:28 GMT
Connection: keep-alive
ETag: "636b929c-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
45.89.208.114200 OK 122 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 122 kB (121778 bytes)
Hash 84d5b2b7d58b70cefc595589530fc731
b6369bb724b71a1c855b1569f36dc63438ba71c0
d1ed1b5c87ddb3e9a2aa3aa5cc4d6c038d87388e80af6a2058886d3f4703108d
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 121778
Last-Modified: Wed, 09 Nov 2022 12:04:12 GMT
Connection: keep-alive
ETag: "636b973c-1dbb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
45.89.208.114200 OK 134 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 134 kB (133978 bytes)
Hash 796a9665a4fbbdb3640a7750c6f07b90
7f07a9f7b1263ba79c6da5b504078c3484ec7c97
47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 133978
Last-Modified: Wed, 09 Nov 2022 12:01:25 GMT
Connection: keep-alive
ETag: "636b9695-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash c1795c44669d4cb27250ea3b09de424e
b9be6cf2c3e08ad7882aaf247e3337106559a099
9c9a9da231f9fcb0aee8d806f0f837cfb7fa6c671c28810b7f9e96eaa830d780
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 08:31:17 GMT
Expires: Sun, 04 Dec 2022 08:31:17 GMT
ETag: "b9be6cf2c3e08ad7882aaf247e3337106559a099"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
45.89.208.114200 OK 120 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 120 kB (120184 bytes)
Hash b3eaf61f8b8ce3484176e881301ae333
08fa67d1e47e51b37446645ca964bea114eee747
cfababc46181a463817165a710bb510d86b53bb9cdbd94a19e7e706df3040e8c
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 120184
Last-Modified: Wed, 09 Nov 2022 12:03:13 GMT
Connection: keep-alive
ETag: "636b9701-1d578"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7962bc552b3d485028ddd37b6c85fecb
e898f002d9035b35bcc4d78405ee837e70d7a6ec
bcdb6cb5b05da049ca2bc069fcaa12bc576db1f0e437a254f261ca5228ad08fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 23:20:33 GMT
Expires: Fri, 09 Dec 2022 23:20:32 GMT
Etag: "e898f002d9035b35bcc4d78405ee837e70d7a6ec"
Cache-Control: max-age=547799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d2c293904b51b-OSL
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
45.89.208.114200 OK 162 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 162 kB (161782 bytes)
Hash 1e71477b4f330ca3b901b5d2e3948663
4fb5006efbdcff61a4f15edba423e488b40b63b0
33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 161782
Last-Modified: Wed, 09 Nov 2022 12:00:24 GMT
Connection: keep-alive
ETag: "636b9658-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 764f1240f880ac5e74f57fff6c581c20
7391073a4a230cef6c5ae49c364ea15b712163dd
030eb47d5a8b2a6f030248e44583a7ce9545a845246ad87ab577e6284366386b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 20:52:34 GMT
Expires: Fri, 09 Dec 2022 20:52:33 GMT
Etag: "7391073a4a230cef6c5ae49c364ea15b712163dd"
Cache-Control: max-age=538919,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d2c29af1c0af6-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 385797edac1d836eff60d899f2c2bf50
66a002020f849693377673a3938435f77330d701
1a731e7e002981839b20fc7960f11abc3bf990f7c1a8022bd7d21449c820415c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:33 GMT
Etag: "638a7436-2d7"
Last-Modified: Sat, 03 Dec 2022 13:35:54 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 727
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:58:03 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Mon, 02 Jan 2023 14:58:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b4756b5f8458c6d532c629c6d7de4ba
f842ab481a29160a3085c92f520e1ed309066e6c
008fd54cf7b3a32a678a87ec994dbb0603df9dd3d423aacb25f8f5a12413900f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "008FD54CF7B3A32A678A87EC994DBB0603DF9DD3D423AACB25F8F5A12413900F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16975
Expires: Sat, 03 Dec 2022 19:43:28 GMT
Date: Sat, 03 Dec 2022 15:00:33 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 5765e3857d3ec568778e0a354dbcd2eb
16700c930330b3712a30cc3789bf7f6950f8d328
06dd010a1515e5d5ea52b287c43a612ff8d769e3c41c5f1f67a17aaf9d57eb63
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:09:40 GMT
Expires: Fri, 09 Dec 2022 11:09:39 GMT
Etag: "16700c930330b3712a30cc3789bf7f6950f8d328"
Cache-Control: max-age=503945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d2c2a08feb518-OSL
fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
45.89.208.114200 OK 129 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x539, components 3\012- data
Size 129 kB (129353 bytes)
Hash 38b52bfe66c8a71ab84ff80cca175f51
835e56833f9ea7352939ce508ab43c67bfd95e4f
89d0d125c3b7ecb375a9f413f4ad8c6c36b954f3ec6a64d0b7ba68b12616ad0a
GET /images/2021/7/24/dmm7521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 15:00:32 GMT
Content-Type: image/jpeg
Content-Length: 129353
Last-Modified: Wed, 09 Nov 2022 11:45:02 GMT
Connection: keep-alive
ETag: "636b92be-1f949"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/3ade746bf66042c88358ca3cad45e428
47.246.44.230200 OK 258 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3ade746bf66042c88358ca3cad45e428
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 258 kB (257486 bytes)
Hash 55d735ced9e7e36a0041464bf44ba65f
aa4662f343a0d5a8151441554993aad71103637c
4c2cb0687f63d736e4557cbe65bdeb10f836ba8ac7503a322c40ebb2187fb851
GET /obj/tos-cn-i-dy/3ade746bf66042c88358ca3cad45e428 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 257486
date: Thu, 01 Dec 2022 08:47:19 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 01 Dec 2022 08:28:19 GMT
nw-session-id: 2022120116281901013516001446F211CEkcpxs03dy
nw-session-trace: 2022-12-01T16:28:19.379493498+08:00 31
x-bdcdn-cache-status: TCP_HIT
x-length: 257486
x-powered-by: ImageX
x-response-date: Thu, 01 Dec 2022 16:28:19 GMT
x-tt-logid: 2022120116281901013516001446F211CE
via: n150-057-099, cache16.l2de2[0,0,206-0,H], cache20.l2de2[1,0], cache20.l2de2[3,0], cache7.se1[0,0,200-0,H], cache5.se1[2,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce10811edba3308505baaa69b289701c26421912600aed7b13a21e40b526da72807dcedc8e26eea416a6474b3322860342a4f7ee565426765311793a24d4311b784d3188e0be02abe2994aa5d18c46b873f94d
x-response-lb: image
ali-swift-global-savetime: 1669884439
age: 195194
x-cache: HIT TCP_MEM_HIT dirn:11:172275728
x-swift-savetime: Thu, 01 Dec 2022 08:49:16 GMT
x-swift-cachetime: 31535883
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916700796331238002e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
47.246.44.230200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 24 Nov 2022 05:28:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 05:28:46 GMT
nw-session-id: 2022112413284601013113602942A1054Fw7kx601dy
nw-session-trace: 2022-11-24T13:28:46.535254029+08:00 30
x-bdcdn-cache-status: TCP_MISS
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 13:28:46 GMT
x-tt-logid: 2022112413284601013113602942A1054F
via: n132-085-021, cache12.l2de2[0,0,206-0,H], cache8.l2de2[0,0], cache8.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4acef299c9c635b1382396dc67e62f4c0c988aea7e1eec1fbf2f08e1f57844c3d30dd04503110c356e3ea29c7feec93bd951505abcae576081a7c27e080949a616da1edaceb258677fb32aae0eaeebdf78
x-response-lb: image
ali-swift-global-savetime: 1669267726
age: 811907
x-cache: HIT TCP_MEM_HIT dirn:1:170980726
x-swift-savetime: Thu, 24 Nov 2022 06:01:24 GMT
x-swift-cachetime: 31534042
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916700796331268004e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 008663294d406a23b984417b80e8d422
1363b1c00711ef3c13fc353e4546f9c2226a89ec
dc9b6ebb5f5d64e47cfad2a3cb65a7b9dc6a887ab6ab5fc01ca366b3788cd7b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:33 GMT
Etag: "638a5db8-116"
Server: ECS (amb/6BC6)
Content-Length: 278
kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.234.216200 OK 902 kB URL HTTP/2 kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.234.216:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgjcqg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:33 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 23 Dec 2022 09:32:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 883705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgAeiE3fsfHzcMe7ftSyFkt0Eu4tnMZH7KFi8xSpT88rvMZ1702R9bbzIsXenS0NmfHPEGNtXlqh0%2FHEkBK3nOg9uhNyJDYJOlSaLuucZmS27WrI8rPRFzZbq0Gh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773d2c2bac9c76de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 008663294d406a23b984417b80e8d422
1363b1c00711ef3c13fc353e4546f9c2226a89ec
dc9b6ebb5f5d64e47cfad2a3cb65a7b9dc6a887ab6ab5fc01ca366b3788cd7b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105511
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:00:33 GMT
Etag: "638a5db8-116"
Expires: Sun, 04 Dec 2022 20:19:04 GMT
Last-Modified: Fri, 02 Dec 2022 20:19:04 GMT
Server: nginx
Content-Length: 278
597773zzr.com/467867bbdb2c416293d50691c3218d39.gif
45.61.212.219200 OK 359 kB URL HTTP/1.1 597773zzr.com/467867bbdb2c416293d50691c3218d39.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
GET /467867bbdb2c416293d50691c3218d39.gif HTTP/1.1
Host: 597773zzr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6368c2a4-57910"
Date: Fri, 18 Nov 2022 23:14:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 07 Nov 2022 08:32:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 358672
p3.douyinpic.com/obj/tos-cn-i-dy/093846b7ff644193983478d40083cf94
47.246.44.230200 OK 409 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/093846b7ff644193983478d40083cf94
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 600 x 300\012- data
Size 409 kB (408780 bytes)
Hash 7948af520e94a790d8e1046883590d3a
be6209c742b34b19cf193f902527a18983a5d5d7
b75c697f0933a336145e263d5d0d9cc2358ff78db02655b31d710dc93839e078
GET /obj/tos-cn-i-dy/093846b7ff644193983478d40083cf94 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 408780
date: Thu, 01 Dec 2022 08:48:39 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 01 Dec 2022 08:29:26 GMT
nw-session-id: 2022120116292601017509420901F50B84vbsht03dy
nw-session-trace: 2022-12-01T16:29:26.338976599+08:00 33
x-bdcdn-cache-status: TCP_HIT
x-length: 408780
x-powered-by: ImageX
x-response-date: Thu, 01 Dec 2022 16:29:26 GMT
x-tt-logid: 2022120116292601017509420901F50B84
via: n150-056-012, cache19.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[1,0], cache7.se1[0,0,200-0,H], cache5.se1[2,0]
x-request-ip: fdbd:dc02:19:485::47
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 019e587f2e8583926b6082f398e50c460c76e0984f2aa2f1bad892358e168b29958e29a1bf92ddb8e56e7de5d488048d7afb6ac78189501d84d0ec18d5833d80cff1bad27106aa4341b09ebc99e6a938e8765d23a688704b964369485a307d44fd
x-response-lb: image
ali-swift-global-savetime: 1669884519
age: 195114
x-cache: HIT TCP_MEM_HIT dirn:5:171106203
x-swift-savetime: Thu, 01 Dec 2022 08:51:54 GMT
x-swift-cachetime: 31535805
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916700796336508464e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
47.246.44.230200 OK 66 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Hash 9d629444f249b855a94e8a882d5ec47d
c06f98e56cf9977aaa7addb0e0acee4d982f6248
a81c159959e121cf31b8fb9fff87a139cb549a928b07ff43306ac65a2dcb6a0c
GET /obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 65638
date: Thu, 24 Nov 2022 19:00:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 06:02:02 GMT
nw-session-id: 2022112414020201021018603626A5209F2zl4v01dy
nw-session-trace: 2022-11-24T14:02:02.286422791+08:00 43
x-bdcdn-cache-status: TCP_HIT
x-length: 65638
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 14:02:02 GMT
x-tt-logid: 2022112414020201021018603626A5209F
via: n132-078-079, cache25.l2de2[0,0,206-0,H], cache2.l2de2[1,0], cache2.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:15:316::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0151a443870e91434d560d3d4c20eeab16d7ad6ce39f6dd297a24c3bc28c8b8af98997ea9bcd143561836ad6fe1a965a47779f97b21929a6e57f6f285661c053cd4af09e4819b6c6a15cf81e70e718feac
x-response-lb: image
ali-swift-global-savetime: 1669316403
age: 763230
x-cache: HIT TCP_MEM_HIT dirn:11:37275704
x-swift-savetime: Fri, 25 Nov 2022 12:31:42 GMT
x-swift-cachetime: 31472901
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916700796337498524e
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:58:03 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Mon, 02 Jan 2023 14:58:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
uu99k.com/image/1-640X200.gif
23.224.145.198200 OK 118 kB URL HTTP/2 uu99k.com/image/1-640X200.gif
IP 23.224.145.198:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117717 bytes)
Hash 90a809e02687e4f28872e33f66cd33b1
e878a5b152fd19e45108395805b9f3176b5fbfd1
3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
GET /image/1-640X200.gif HTTP/1.1
Host: uu99k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:33 GMT
content-type: image/gif
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Wed, 07 Dec 2022 01:10:13 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
339282bdb.com/d35467f31a1e415dbf061087c8c283d5.gif
45.61.212.127200 OK 684 kB URL HTTP/1.1 339282bdb.com/d35467f31a1e415dbf061087c8c283d5.gif
IP 45.61.212.127:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Wed, 30 Nov 2022 09:51:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 683474
328858prw.com/3c55f52a106a47ff98d4bf61a17901a5.gif
45.61.212.116200 OK 562 kB URL HTTP/1.1 328858prw.com/3c55f52a106a47ff98d4bf61a17901a5.gif
IP 45.61.212.116:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 562 kB (561845 bytes)
Hash 4552f51ed05e3f4ed4ffc73bbaf77df3
3f5aab58a8565d2c4c5c4f23477e64c72ce4e61e
3c64bea31f55f50536ea73aee6e1e40ac050a2108379d55765bf774dc483d7d1
Analyzer Verdict Alert quad9 Sinkholed
GET /3c55f52a106a47ff98d4bf61a17901a5.gif HTTP/1.1
Host: 328858prw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d2d-892b5"
Date: Tue, 29 Nov 2022 01:48:09 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:46:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-16
Content-Length: 561845
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 40a84aa55d1e9b1d30328d6c92c27366
b05b4169a2d8567c5a428087a66bdf266c0fb826
8ce4068692df8c88b25f35d3b37b35afd67239537147fd1ded28b541698b8a86
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=852
Date: Sat, 03 Dec 2022 15:00:33 GMT
Connection: keep-alive
X-N: S
www.mgjcqg.xyz/
173.231.17.185200 OK 546 kB IP 173.231.17.185:0
Size 546 kB (545664 bytes)
Hash 2209361f006aa33e8294cd83b026bb33
a4d46b290e350771e27863b0de541c3f31a8f5ec
d0e37287ea7a2d0482d27d30f67a785f3303b257f6654430f3ceff66a1f2b837
GET / HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
8499483.com/8499/960x60.gif
172.247.50.227200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 172.247.50.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:00:33 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgjcqg.xyz/template/m1938pc/css/ate.css
173.231.17.185200 OK 0 B URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/css/ate.css
IP 173.231.17.185:0
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sun, 04 Dec 2022 03:00:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.u2765.com/images/638865a03c506bd585978abc.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.u2765.com/images/638865a03c506bd585978abc.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638865a03c506bd585978abc.gif HTTP/1.1
Host: img.u2765.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3ade746bf66042c88358ca3cad45e428
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
47.75.19.34200 OK 0 B URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP 47.75.19.34:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 638B6491D14BBC3433C65835
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1
img.9399x.com/images/638865e33c506bd585978abd.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.9399x.com/images/638865e33c506bd585978abd.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638865e33c506bd585978abd.gif HTTP/1.1
Host: img.9399x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/093846b7ff644193983478d40083cf94
X-Firefox-Spdy: h2
img.1158555.com/images/637eff228d97bc67605fd890.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1158555.com/images/637eff228d97bc67605fd890.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/637eff228d97bc67605fd890.gif HTTP/1.1
Host: img.1158555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
X-Firefox-Spdy: h2
www.mgjcqg.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 0 B URL HTTP/2 www.mgjcqg.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgjcqg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:29 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Sun, 04 Dec 2022 03:00:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tpkj2222.com/img/k80m/oJEYuCWao.gif
66.203.157.175200 OK 0 B URL HTTP/1.1 tpkj2222.com/img/k80m/oJEYuCWao.gif
IP 66.203.157.175:0
ASN #59371 Dimension Network & Communication Limited
GET /img/k80m/oJEYuCWao.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"782768-1669665926000"
Last-Modified: Mon, 28 Nov 2022 20:05:26 GMT
Expires: Sun, 18 Dec 2022 15:00:33 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
3p8801.co/11-960x60.gif
107.148.202.17200 OK 0 B IP 107.148.202.17:0
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Mon, 02 Jan 2023 15:00:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 0 B URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:58:03 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Mon, 02 Jan 2023 14:58:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/77-250x250.gif
107.148.202.17200 OK 0 B IP 107.148.202.17:0
GET /77-250x250.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:00:32 GMT
content-type: image/gif
content-length: 32809
last-modified: Sun, 20 Nov 2022 13:03:15 GMT
etag: "637a2593-8029"
expires: Mon, 02 Jan 2023 15:00:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tpkj2222.com/img/k80m/oJ8rVeomP.gif
66.203.157.175200 OK 0 B URL HTTP/1.1 tpkj2222.com/img/k80m/oJ8rVeomP.gif
IP 66.203.157.175:0
ASN #59371 Dimension Network & Communication Limited
GET /img/k80m/oJ8rVeomP.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 15:00:33 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"423944-1669660103000"
Last-Modified: Mon, 28 Nov 2022 18:28:23 GMT
Expires: Sun, 18 Dec 2022 15:00:33 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
mang.tiryakioyun.com/news/index.php
20.187.123.222200 OK 0 B URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.roseridgeperformancehorses.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 03 Dec 2022 15:00:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157403 Forbidden 0 B URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgjcqg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 15:00:31 GMT
content-type: application/xml
x-amz-request-id: 7PXDDBCP49JM4V9F
x-amz-id-2: Jsaq0HfhPhvf7lUIchklKzc5leeRlhNjBLzia0KKl4c1FZ1Kwo1UzDj/QEHllR7txl44vYLuP5U=
cf-cache-status: MISS
set-cookie: __cf_bm=utNrtYJQ7MiMa6HdEafdo1_LFB9AfFEQ.Rv99egzf9E-1670079631-0-AXS1JnOzFXTf2NoNPKGGMp/2sFuT8jCEfLuaOkQVfdKN71Nezkhpwwk8DzJzB5Ve1YORMlIHbK3Gp44Pz5CJCxw=; path=/; expires=Sat, 03-Dec-22 15:30:31 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 773d2c1ebbdd0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2