firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rPKYmH0FT1fj13Iy3_EMVCwilO2dnJVJJginfNyfMx365sfNTeRSvA==
Age: 92894
nomadicsahil.com/
23.81.39.238301 Moved Permanently 0 B IP 23.81.39.238:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nomadicsahil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 17:35:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nomadicsahil.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9656
Expires: Thu, 06 Oct 2022 20:16:28 GMT
Date: Thu, 06 Oct 2022 17:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3983
Expires: Thu, 06 Oct 2022 18:41:56 GMT
Date: Thu, 06 Oct 2022 17:35:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Peyfm44MgfX+eZ2CKWqWe2pS1liHDirK9u8xEz59+NgBMJdthoFGHhPUBuhszHy5SEhxNKiORzs=
x-amz-request-id: 87DZ6X6VKAJ275ZC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 17:30:52 GMT
age: 281
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 17:29:41 GMT
Expires: Thu, 06 Oct 2022 17:53:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rwat5xRIyFTJH6wOXhPRZZCxUDIzTm5F9qsT1p5VwFGEwLxyG4ETDQ==
Age: 352
www.nomadicsahil.com/
23.81.39.238200 OK 777 B IP 23.81.39.238:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash cec0b0c48ceed2a7d229ae8490a5482e
f3f096806578c870b35bd163ef02b14261b7fbe7
e362ac92fc2b7308103b69baff5499c704642180ecd001b32ea4192a20ad3cff
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.nomadicsahil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 17:35:31 GMT
Content-Type: text/html
Content-Length: 777
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1556
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:33 GMT
Last-Modified: Thu, 06 Oct 2022 17:09:37 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.nomadicsahil.com/tj.js
23.81.39.238200 OK 520 B URL HTTP/1.1 www.nomadicsahil.com/tj.js
IP 23.81.39.238:0
ASN #7203 LEASEWEB-USA-SFO-12
File type ASCII text, with CRLF line terminators
Hash 5fbf279e6be6f60f62623e05a02c8249
d399e6ed7f90fc01236fc6c84d94eee2306c8a22
3ab86abf0ed9a6b38be2375208b4e2d1b22d1fd32e0888c9f3ecec75a6145423
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.nomadicsahil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 17:35:31 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.nomadicsahil.com/common.js
23.81.39.238200 OK 1.1 kB URL HTTP/1.1 www.nomadicsahil.com/common.js
IP 23.81.39.238:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.nomadicsahil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 17:35:32 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Wz58EMMOetD2o/zbkuuiGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g4k/IcJvYuOSvzVPkU7jPExn2f8=
www.nomadicsahil.com/favicon.ico
23.81.39.238200 OK 1.2 kB URL HTTP/1.1 www.nomadicsahil.com/favicon.ico
IP 23.81.39.238:0
ASN #7203 LEASEWEB-USA-SFO-12
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.nomadicsahil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 17:35:32 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 11 Oct 2022 17:35:32 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 057bca42db8b7a7937de745eb7775d2c
de2781cbca830d749cff3423b7ee642ab8113b4d
4b69509d84b51b883bc916356ed14c730db831ae72ee93381d8588e70cf8c1cc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:34 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 23:27:47 GMT
Expires: Tue, 11 Oct 2022 23:27:46 GMT
Etag: "de2781cbca830d749cff3423b7ee642ab8113b4d"
Cache-Control: max-age=452531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756027812e7eb4f4-OSL
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 06 Oct 2022 17:35:34 GMT
Etag: "4078521116"
Expires: Fri, 06 Oct 2023 17:35:34 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=02055FD4AF180D8A6F4085AE1A117911:FG=1; max-age=31536000; expires=Fri, 06-Oct-23 17:35:34 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.nomadicsahil.com/
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.nomadicsahil.com/
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.nomadicsahil.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 06 Oct 2022 17:35:34 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 17:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 17:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 17:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 17:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 17:35:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:56:07 GMT
age: 49168
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 71934
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 70968
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 71934
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 47272
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 70735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 7785267b6cea758b025eab5718a81bc1
55f0e0af3b08cbb14206a894cb7c78adc34bcc77
a4469544347b6d2189e063b4cf7a25f9ff8c07ddc6191ab911f996f3fe5a4235
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 13:52:13 GMT
ETag: "55f0e0af3b08cbb14206a894cb7c78adc34bcc77"
Last-Modified: Thu, 06 Oct 2022 13:52:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2922
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756027867df6b4f4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 7785267b6cea758b025eab5718a81bc1
55f0e0af3b08cbb14206a894cb7c78adc34bcc77
a4469544347b6d2189e063b4cf7a25f9ff8c07ddc6191ab911f996f3fe5a4235
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 13:52:13 GMT
ETag: "55f0e0af3b08cbb14206a894cb7c78adc34bcc77"
Last-Modified: Thu, 06 Oct 2022 13:52:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2922
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756027867e09b4f4-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70405b920d6b000e09a6d5bb2aee2b32
560e8f7d5e872fca7aea9cc82a7455f03ab6387b
015c9b8a3b647259e49b2c2ae8635e86d1e38e519b8ea1927cc6fbc555edb854
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "015C9B8A3B647259E49B2C2AE8635E86D1E38E519B8EA1927CC6FBC555EDB854"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 06 Oct 2022 23:35:36 GMT
Date: Thu, 06 Oct 2022 17:35:36 GMT
Connection: keep-alive
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 1d1d6af2613118ce812f5c6e248c578f
8e5b5fa043bb29af0d5588f803456a0d1eacd2eb
5476bf3ec56f528ec92df6fd978dd3258bcc14ee75c4c5c85b37b5755b754bcd
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 17:35:35 GMT
Etag: fc8eec2100642f9d3d76402e1f19dd58
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CC07013A3D095C3C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?77409543834ae4b82f3c7707c8d5b7cf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?77409543834ae4b82f3c7707c8d5b7cf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash d6c00c275228308500a9919fcc61b6e9
ad8610494167f180aeda70651a4c6d0dedf2e110
ac2f4e4daf0ea2c4007129a90259fec1242383ba31f911b33f7ecaccf030abd5
GET /hm.js?77409543834ae4b82f3c7707c8d5b7cf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 17:35:35 GMT
Etag: a7af8c693943cb40dc632e6a9ee35ffe
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=17CE7915E9C98264; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.mgcqnd.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sat, 05 Nov 2022 17:35:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 641 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash b840c26fe2ad5f5fed93a1422e810847
2e682ed0739aa6258b57deeb01e3b013edc0022d
e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: application/javascript
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Fri, 07 Oct 2022 05:35:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=562201370&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=562201370&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=562201370&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 17:35:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55B47DDB8C3DFCC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1583077997&si=77409543834ae4b82f3c7707c8d5b7cf&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1583077997&si=77409543834ae4b82f3c7707c8d5b7cf&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1583077997&si=77409543834ae4b82f3c7707c8d5b7cf&v=1.2.97&lv=1&sn=29992&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.nomadicsahil.com%2F&tt=%E6%AD%A6%E6%B1%89%E8%B0%95%E6%8B%A5%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 17:35:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=505EE2E04C82384C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 587dee18b9db8c52e65c0f9457eb9431
574023b9784cd0a872dc5774065968e214683ae1
a9c782061b004518d950b2d49ad818d80d2f5a4c025b3bcb17d55dcfbde9d0e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9C782061B004518D950B2D49AD818D80D2F5A4C025B3BCB17D55DCFBDE9D0E0"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Thu, 06 Oct 2022 20:08:17 GMT
Date: Thu, 06 Oct 2022 17:35:37 GMT
Connection: keep-alive
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.154.214.239301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.154.214.239:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: text/html
content-length: 162
location: https://acoossf.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c2845ce03f867f03e55309dbb0bd113e
7fec053a8e3f76af4f060d7491e7ef3335ce905d
fbe299339a0a569f07ce097438416ad4d90a98ff64b2ba5fb90b457fc60981b1
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 17:35:37 GMT
Ali-Swift-Global-Savetime: 1665077737
Via: cache17.l2de2[46,46,200-0,M], cache17.l2de2[48,0], cache1.se1[70,70,200-0,M], cache1.se1[71,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 06 Oct 2022 17:35:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516650777374968122e
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15432727
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Thu, 06 Oct 2022 17:35:37 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Thu, 06 Oct 2022 14:18:27 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: 3DAAAADkEQ6fgBsX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1665065907
Via: cache15.l2de2[0,0,304-0,H], cache23.l2de2[0,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
Content-Encoding: gzip
Age: 11830
X-Cache: HIT TCP_MEM_HIT dirn:11:465481915
X-Swift-SaveTime: Thu, 06 Oct 2022 14:43:50 GMT
X-Swift-CacheTime: 84877
Timing-Allow-Origin: *
EagleId: 2ff62c9816650777375782854e
www.mgcqnd.xyz/template/m1938pc/css/ate.css
173.231.17.185200 OK 6.5 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/css/ate.css
IP 173.231.17.185:0
Hash fdbbc0ba24138c6d012dd38b9350eaec
4010f2268790af70d4b12e59378baedaad98457a
1d7ba7cbdbf37b2ff563af8f3fdb30d890df7341235a1f2469b92f0c9b6b0ffb
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Fri, 07 Oct 2022 05:35:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:37 GMT
Last-Modified: Thu, 06 Oct 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:37 GMT
Last-Modified: Thu, 06 Oct 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d5d54b9d5793a000f3bcfa3087a6d8c6
642b1270db995cc64a537108edc4624ed506fb14
9d7d81ecf85ce37713b29faad44e1d0e67308e9042087025b3186e76ed62fee4
GET /upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 10673
cf-bgj: h2pri
etag: "c545369736d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TudydcDlw%2F%2FJTYO%2BmAccWtVroyz6gR2vsCBUFbXec8k1LoJm103tL9OjYGXDWk82eAvK4%2BQ180f63tS%2Fqz5o9aLUuixi8ab7yO3tIKzUgFTDCmdngzNKFA5aOeI%2B35JnrYZv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950acf7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c68743ba0e2965a7ee1cdac06f796763
eeaf1156807944bcb447dbbb758fc0ee2b3fd0c4
c4f7aab69d0c4d47188238ba799c9bc018bc4dc5de24195eebebc7539b549006
GET /upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 11418
cf-bgj: h2pri
etag: "5f35c99836d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s1HOUCQ7hQsQIElY0TOSC%2BsbFBJ7scK2T0sFnDWduCPawNlzEJJvz0UwRh5m4kPqAoby2RRCIvLU2c0Sw26IfJg6fN8jEPGSzGcUWTD%2B3WhP9iR3xVXifq1n1D0gH3jLIVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ad27750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 166387519edc0b1cc67703f39faa8c08
e27e1df546b915ac7fdd58f742f64add10ad5907
2b84e2739d4fd5549363fb13f40ef0e51743540946424f9bd4a5f1fb469dfdc4
GET /upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 10671
cf-bgj: h2pri
etag: "b5a2cf9936d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4622
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BTw20jgnSkt%2FSzDxaW505OUnBQX7hKmnX9CoVWxWFOmZfo%2BptVw1Xt3n%2FRgU3qqwi3Wp8VYNM4OrUwVwjAfVEgRhcJ8guOk%2BQCRthfQU4RPcYnF6U3p23TBw8lsRVjHFcNk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ad57750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c7c84a6346f334eae0e19b76f17ca9b0
77b61a14f95266b3a5fd890f5bec8380618511ee
a4d58f20146edd5cb12d5249ec30659e52df671aa964b3dac1fb44094226e2bb
GET /upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 12312
cf-bgj: h2pri
etag: "ced016b095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXxhX6uCm%2FjEzsFeYHLLjKsirKZgDeF1%2Fb4iF1x0OS0QjtU6QgsWj%2Bs4rZxZcrclC%2Blm%2F%2FAhCgnQaZG8HT8aQR74LYOL1KgvA8p%2FA7aeiy5lpnxUEHeWURy%2Bc6IVvV0D5IIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950acb7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:37 GMT
Last-Modified: Thu, 06 Oct 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8b966b6187630314ce688447ef1ec4d8
550645449e2f9a06219cbdbc3de4266f3ce062eb
d1e2cc0a0b3cb54f40c2bfffecfc4073c540701c7b94a344134bf449907d63e0
GET /upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 12120
cf-bgj: h2pri
etag: "c6a7133b095d51:0"
last-modified: Thu, 07 Nov 2019 21:13:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2mjgHk68Rzxeh1JWSP43eNuDO5KYx%2FLEkmh4w1eCpggPd3yE3goUZhg1lCK3Ors6bE32zyWJ2Hvs9R%2Bb2Fd4PLAP0OSI0U7vIILy0QbQ005NY7iP60uhyGv20Wqr%2F7uEeHD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ace7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/r3mysynvouq0512r3mysynvouq0813850.jpg
172.64.140.29200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/r3mysynvouq0512r3mysynvouq0813850.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36d2b000677533b05387c3f87d5de52b
3e804c6b96bcbf35664619d135435fe227e40cbf
cbec712fe7e29bedf2347b3ed25d4c73c6153aa1158daa3bd765b8cdc2c18190
GET /upload/vod/2019/11-08/05/r3mysynvouq0512r3mysynvouq0813850.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9552
cf-bgj: h2pri
etag: "868bea3b095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6R5%2B6bPK6LtjzgIyyIX33RUf3PjK9esMqk1WHdk56ELrHn3Ce8AUYznJGIlBQh4T8RGBr8MlMmgTJAAU3N4exAVk2KsTrnUDB%2Bwv4YOJtOxv1dqJ7P%2B5eWxcSjtIAQ57ISaZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ac67750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg
172.64.140.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1364d975d24e226a04bcc6e7fc708a13
ae133467fd5648141710d0e312ad87568aa12a54
5b47204e808e7d517d359e6ec06ff88da625c75b554f63f7a57dd4d09f3b31e4
GET /upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 8470
cf-bgj: h2pri
etag: "1e765920b095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJdmbbEy8YybafJghhpyybD%2Fz1IQfQB5uyhhHfy9tH%2Bq0WnsG9aMV3J1piwP%2FNrTf9VNK1wfodb9yf0uLVQLVgBouqvRz1xkmQykh5e5Un%2B2EK%2FkrdS2snmLHNtz9S6AH8ly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ac27750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg
172.64.140.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg
IP 172.64.140.29:0
Hash e54f503c6bfda5ddc98aae3e2de63482
6b1f90b2bfd272a67cd8390fb0fb77692f6b55ec
7bc99b97abe1517b111d698147956f16302c7cbc0b9e8f4fa6f001053e33bb62
GET /upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 7250
cf-bgj: h2pri
etag: "a6d2eccac995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsNyK3GgHqqCKbX5Qc8uDT4MIcsKRNoj0scCBAS1Ng7yemRNCk76NAcHYYatbwfQeEZw4P87EqHYGoExxIv3HzULzC0zk5f%2FLFvUNV90w1h3z75usvOe%2B%2FMrUN9sTxUAHB6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b277750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg
172.64.140.29200 OK 6.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b219240033fe75a80a0e08c52492331e
34fcea7e2e38ae9244d1323f17337f8f45afb567
a36b41c44ff943659b3183bb5bab1c1f9c10ab3551d8529d461d41deaf319e9b
GET /upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 6022
cf-bgj: h2pri
etag: "a6b0439836d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRLFaCyDzM7xw97rvPEK500edLq1%2FaPGAI%2F7P5AWrMSj6yUn4mt0MUBJ90px%2FcvPr1X%2BjyRpAyIUClU4cLcYufUD1Dqg7cZQWjAZq6JpZikS5KXPM%2Fiyu3bw6iL8j2OtmkI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ad17750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/index.php
20.205.43.35200 OK 12 kB URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash fc85fc6d31869bc34aa510f7bf8ade1c
24f44dc6571a6b88e75841b865133827fdc36875
b67aa44b538e9364c4d6c12cfe9f806cd11fefdab918a0287a7a6e40f81289d0
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nomadicsahil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 06 Oct 2022 17:35:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg
172.64.140.29200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a899d85a9f1bf0c68f6e5dd6cd7b3409
e938653d460ea8ae753490cae325704eea883486
405745298dbd91069753d00db1802c248d6596f9c99f6b8fcdfd834f806d5375
GET /upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 8046
cf-bgj: h2pri
etag: "af2cbe9736d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsk6aISlh%2Bia8Gi4wPVfZCqGoDj8MtvEtjaVVNVQhqvISFFbKsywveczabvGVwFYf4laNAHZ%2Barq%2B%2Biw4PLPezDirmru1UKaXjsT4lyzHynakwgGpjcGUEWbNZihSl6b1nF0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ad07750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg
172.64.140.29200 OK 9.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ee25cb2e9f67c0849cfc09841129ce82
04931af30b90035e64d97289d3dc2b1313b5af65
7c1806a0aff067f0535adc088a9820c6ccb6fcce40fc32fb54092a8787fc7fd5
GET /upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9023
cf-bgj: h2pri
etag: "68e24e9936d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P67f45WdSQGLwdJrSMP7lKuzrjOtHqscpp8bIbaCX7Vqe4nK0i7ay7WiOavkrUcxIt2COmMwfLUZFRaS8MdSBRu9xgDpSm8m87raIi%2FueHGZTSZGUtE98OSL6IFXPkqNmXMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027950ad47750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg
172.64.140.29200 OK 8.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9d9cdfd3456c8423829957dd3bed46f1
30e1d8c5c4831abfdcf48bacf29394da27c144c9
a6fe37a00ddc6e500b6b1b2e3d9485364dd06688f360c82d64a8c8cc2b50bea9
GET /upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 8314
cf-bgj: h2pri
etag: "63a7708b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9VxtsHNe%2BxyeCzH3phly2RqyyNzifTGvTgqjo3obVmulpMYKb6Vzk%2FAx49fjb9sTowiWECa44MtOCRimSuK2paeGLRnsXx6DZDKegYMfT6byLiwMuAUwAsr%2BjnCJ4ZzQRxA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027951ad87750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg
172.64.140.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash fb47ec1f2438d30756cf2588b542aa2c
8af422efcae1e4be2242b3f9fdfe47e5fe7036d8
63d2ea56218f5699a9040cce92ad2fe719caa535f30d2ed585a06c5b2428c6f4
GET /upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 12712
cf-bgj: h2pri
etag: "cb8ef88b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6VR854JT6w9bARZfqCTqFNdzzcjKgWyqR2TuX3OCtQ7Ountdvi80SPj9xm8PaSGTZRBITqk%2BcmLAL0ZkExUyEmN8w5ucxLg9KoRkrCLMBP2EGgUINq4LXPWNzX3wwZxa8hd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b077750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg
172.64.140.29200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2c969ce722428fb4dcde69228d94dc33
92b7207712cf9a10c78aafebc3dac04c2e1019f3
8a979f098eb04419c067a4f80ca4f7a68dc7b93a9490fda40aae5e91639543c4
GET /upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 5425
cf-bgj: h2pri
etag: "53bd808c36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zcm4PM%2BJfaTvd50EKZUvNeB%2Bw3IC51wIbY6XJWpUvRdv9no967Eep0FiZYUkmnfChC3%2FnbZWhRf94uTl1oF1BIpqPUG5b2IzlLjoiRAnjCWKogrlWE1eI3Tn1C%2F5%2BvGWDeov"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b097750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg
172.64.140.29200 OK 6.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 286f3540a23958ed0166e1508a7cf88e
a2f554ee0333ca7bdb480f1482a347620cf58ebc
da38c2325069ce44959cd13ee154b6f2c08acd083b8660a132e6c0cfa3cdded4
GET /upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 6152
cf-bgj: h2pri
etag: "27cf88d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq2eP1kDt%2FZsMLBny9PNPcNsz9ohdFviNoeQ%2F%2FsbrggEh0BJGpqLkHqTVH7TqfQ%2BYYpsCFGJiDbG7aVYLJS1X9p%2B2HUAE%2FYfHtUakrKqsvX3ND9gMdvmgZZ65GW2GeKRctug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b0c7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
172.64.140.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 6515b428812ee0938a3bd77f6f2a17f2
f9babb54d289c90562d6541315d39da09cf76919
086a58422c77df96f57f2ca4c0773c63ab07f8ac492ef7f63aeb8b8641774247
GET /upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 8644
cf-bgj: h2pri
etag: "e6bd908d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n74tlBVPWtJlYTbO6PBcu2Xg%2FmiB2O7gCipJ%2FEl4yFMYvX2c8ja8Zs%2F3jTKODZttKa79L6Tp71lIhq54MC7Pc89E5RGn4KoUfgIEZcypd3y9gzddp2%2Fz5ZKM5ABzTXM4kk10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b0d7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
172.64.140.29200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 41b481766a540b769f7315663aa97b38
f568219dacca45dc8e23fc4dd56a4a4e25bf2b59
b7c6bb271a51a48f7e669b901e2f9e4a7d5bf02eaac5cf03b6100491e74f44a8
GET /upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9594
cf-bgj: h2pri
etag: "1d4188e36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uShjsgZoM21Er4fllVhk1ye%2FUoYOhDiO07bo5XE%2BZ1snB4n2mELXiFeAmCNFgWv9SJ8iYJohJ5Q9o0eSeqiR129alkni4Rgpc6rmuOJ3bHfj6%2FxPkY65xmPn0PK4BQ37fu9M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b0e7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3b2b7e98fa3e256b760c78c5b5e4013d
a96d4ed404f6e1409a53739fdd397e6b1151aec9
ae12e419fd964abb6bfce9feed86e3e4827d7a21afb70c548d94d3584c1b5578
GET /upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 11848
cf-bgj: h2pri
etag: "3fbae37a36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3URJOT7s%2Bc2czrJmRGlJVcDfHRdc4fYGtTGb0KpFkNbuKNW%2FFnBV73%2BMuYVtIiYp8kzFSpbSp0nMqOzLb%2FG5V49SWJ8kKP9z1T6EOl3lZYXM9jMR0ocQdt%2FFh%2F9tlfrEQ%2B59"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b127750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg
172.64.140.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0d989bb823e83e3307c1217f80ca9504
67359ba5dfd8d158f0d4d167ac66d02c7200ee4e
e0f4999bdecfc95861a8469bc16bd088838174ba658ee178f80b47ef4f0c61d2
GET /upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 13203
cf-bgj: h2pri
etag: "963f697b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1WnjRgrneez8mGitP1CwF2fux2PNCFjSPYO05v9zY8whFXVctbqWl8ktYwwW4d2aXJ0IC0QbTmx20XMi12x9v%2FDP8jVgqI51h4eb1hFLxDQyKrgoes%2FgCVFEbSHOX55Xw7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b137750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg
172.64.140.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 807134232e869db5ad8c4bc5e32ee550
c150155459b5d9e88c283450ae7799312c4a51a9
1f1c327e0d0cbe61364f53fb6f2b8a8ca4b2ed90330fecca9ae0a7aa3b8dbe32
GET /upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9930
cf-bgj: h2pri
etag: "57df9c7c36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGJOHENGwxV3F3AlvEvuZCGp4DBDU8S306b3DE3%2Fp%2FkjYPnv5j3%2FMX1XYTwQjEfpI4zu%2BeWnsXhDbXOHFKtm98A1pZVqR%2BRaqCkzWZ446W8rcLJq8LgfBRXGQyGVg%2F%2FYoDlC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b157750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg
172.64.140.29200 OK 7.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bb7197d04e797e2f9947eb8980e64c25
89fd901800e155f7e5f17b78403de024376227db
206cbde9191e61a479eb8045db830cfa2bf965661906bddd62b9be0aed8c2c39
GET /upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 7913
cf-bgj: h2pri
etag: "63d7247d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol2QnGHHJH%2Bd%2BgBmohJp5dSKpKKaEKHiw7t48cYUQnk3ejTEgNdT9qkbOzgxAwwXWqZLUVtFgnowCxaX%2Fl7652Q4%2FplxgOxCt5ZinDD3SkcYAUGnMiV73a0HOn6ssMexE4NM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b167750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 87225eaeddc35e246a3d8fe596c916b5
b24ead2dcbf436a79c4cb968bc605211ac4b9ec5
07dcebf7366489dbce2b8ad6723c9eef17d3b5fd35b49e8103e368233205b427
GET /upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 11735
cf-bgj: h2pri
etag: "5426f17b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3465
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MN1HhR%2F2p9hAioMqDfSE5ypBUcN%2BjXiGIsOVg%2F49GzqKukpiuGJi%2BEBqyY57tVkBI195hSWzvfOM6w9Qql2Kladg8iRAGONYUoxZtQGhk1QRPySVYkiqstGcCcKfuabiOeEF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b147750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg
172.64.140.29200 OK 7.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7f1d7ec30b7cb8b041de0e080e53286d
91ae641ced066fc3a24170a393226170cc8f2a24
63bcfdb5e2d05fd4bcb3aa388b11621ec5c42df5a060180e69db8c11d2cffda8
GET /upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 7056
cf-bgj: h2pri
etag: "1afaa77d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpamimHe2cWzA6jtnl%2FN18o%2FDfIo0D8xbswvrmtu8Z8eqhhpXJ0XACM7%2FbWnHU9%2BoEY1l5GzF3hufzyJTj2ktcjrBD%2FbhzUWpx0pb45%2BUsvwu4UWwdufQF4caVHKLFBp0zhK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b1a7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f2a8789ed6ea14341492d37fac4595f9
c88bf5860453ad667dc58c27deb31873acc61cd5
5b8460b19f3d79f29044eb4884447e61a5894d58d2dbb232eeb991313dabede4
GET /upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 12196
cf-bgj: h2pri
etag: "72f0c1dde169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3uqh4HZYsxw0D7X%2F9GL1Vlg6t1nZpWLgxae8EUe8WZ%2BGtyqmOulZrFzUkK5bcP6aOKZH6pcZyTb2D1BsCKNOOYTXYAcEga9Zv%2FZh1ew%2Bai3DDj9kO9in3YIiFhJZDWEQq2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b1d7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c45eda38d46f5acd58867ef8b570bb2
26b02ebb1c069acd757c04f2ffcc81a085470907
a8a0ed14544bd1b8eca15c0faeaeb4cace07a7da700cc21ef7a0b47fa38daffd
GET /upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 12006
cf-bgj: h2pri
etag: "c23253e1e169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3381
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7bAqiRMQJov12XpaDMMhi6n3nGHczHzw2ohIi5C1Qcka6BnaLnjUU1WnhyJCrxkjVlmqJQ59cUPSf43kexa4D%2FKZJjG7OnirQG1CbJDuIu2FgwaIesQZWCsIPgmS5bqgLPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b1e7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
172.64.140.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b567dbb6fb1db9f38bd0459ee707f4a9
a78cf16102114a17aef64addc6e1ca8db381600a
7c80046668ca43bae8a195d776c6afc2895a45869fa18e8dc239fa279f7102d3
GET /upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9264
cf-bgj: h2pri
etag: "9a84eee1e169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6304
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnThlN65ZA1CCsm0IA%2Futv1YkIn9RTjuB0%2BfqSQnot5jVCvZAldipdYL%2Fxha1mogxc6w0j1Y0a1u0nzEChod2vZFmmSSIqyFm%2FcHIlAuMnsADrr7is8HE7d%2FWL4UO7wttTQF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b207750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg
172.64.140.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7ce45f499100503a339d765138fc5d5f
7a992e9153945d18f927db4d83ec6ae04452064e
6cd4125c07b22c0ec9f8ac5cf7038dbac931e1f29924b1e9e57751ac0bd7cffe
GET /upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 9337
cf-bgj: h2pri
etag: "54358caec995d51:0"
last-modified: Fri, 08 Nov 2019 00:15:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np6V7DyINkK87FMUvBvSCOPHCXgSry3Yt1LEvNVJUxPqf%2FaXKoN%2FVQsN0wQhPT%2BjRb9VWbG9KN9kHq5zFsgo%2F6sZAYYqjRwqt9UjW%2FjC45T5%2BtM42evKt9TC3NPJBiNjNICa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b227750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg
172.64.140.29200 OK 7.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 59b8c65d0f5e6cb0567e089128a6e6af
5ca0e660761e9548a99cb83c7503334e3322f9d4
c8672b3bb2bbaa7ddf1579355033858c389fe580f9e45c098bcfa4340ac63229
GET /upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 7688
cf-bgj: h2pri
etag: "8fb871c1c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q76ZPkvBeAx7HTa7ju4GN3XtHsngRL4v%2FlJQhkcbgeTo8QZJ1HndVZfjCrgmee7DL3aGeL5uFrX7XdKFloNcvk5qpxYl7qVYS89ebXirafnLLw2UUog2HoBUyJCurXFWLJHa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b267750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg
172.64.140.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 73e0ea1b063ea1d7a794d51f114f4b0f
3e4596e4da86d64487bf98dd5bcf1e97e0fef7f4
eac9fb79c5823cce24a86107a4f92cbf3c5b9bed645259637e726869001d17fe
GET /upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 8471
cf-bgj: h2pri
etag: "a705cd4c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUrb2ggVTqU1VGoEJxs7Ot27eGKJSvJPS9RKmENXpJe%2FJeIzUHDQW6Yj8XyVijwZb7r8bTrcDW7b0PQUDYysbHNDBaROJ%2BLSxhNbB0HNfn3cysdk5siTQyNuBtJNCD18zV8A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b287750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg
172.64.140.29200 OK 7.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a6cb7987e81b4a2b0719e29858ced95d
b499f90e4477cd7b56777b185e705d2f05f364de
9a65d275d6d2843ec463944bc822bfdd4c769f2a5292e3abbc89d03e4907ccbf
GET /upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 7931
cf-bgj: h2pri
etag: "518441e7c995d51:0"
last-modified: Fri, 08 Nov 2019 00:17:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7fKaRWUrq5trhbZWerFL6aDhyjoLwgYeOJ%2BJc7ziRiVYhRgp1lNeQkDbVyz3GOhDiFm8cbQiHb35rrsplPaTmRJ2rsUcSS9r4I1kidjJgwUsfQe6gXcBKlPodB5X%2B8u8eNa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b307750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 42e3b3b8101bb93ca10eebbfcc9f8afe
512a11a692d347997a2885aee727574d2ae9ffe7
865e1aa73ca1abfabacf3ceff1e521de63c75f972b52df9cbdeaea6e991ffde6
GET /upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 10011
cf-bgj: h2pri
etag: "318fd29b095d51:0"
last-modified: Thu, 07 Nov 2019 21:13:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSU4TSYeDV3DFzjE6H%2FPcdWa7Nw09EvoONVnKzox%2F%2B3s7dB1ySwiDuabusiFvzXbEBO0o0BIcboV8V6wIgSYTxjxTCfIYpB6YxovmEw9MOdwm8BlqoCzaCP6TNBN4Vy7dYL0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b327750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
172.64.140.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4de69e86cac1b908c088cafd5a7b0b6e
cd030960d031bb1ce4e5d46a39bcda1ae56e0064
a9da837629b12da43d48dccbce14f1c401280a7d67afb0a58f556abf402122e6
GET /upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 13417
cf-bgj: h2pri
etag: "78394cdee169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j9mMJfTARVQcnKQ4D8K5pkhmKNTYC%2BhPOAnQX5M20CsBJx9Y9FAyQiJahNrRl6P0iI2vzqZ1CtBUS9V4F%2FjWe0upzJqHkCS0uaTIVTeutuJxsYvHY9E2QJzTSuhnQjTC%2FfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b337750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:37 GMT
Last-Modified: Thu, 06 Oct 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:37 GMT
Last-Modified: Thu, 06 Oct 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg
172.64.140.29200 OK 7.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8560d66deef18411fb3aca68c04bab55
87f2fc793928b5aeffc2678c7fabf9d63569b5b5
4045fd5662c56d2034b09e9aff8e4897d2f7fb3cb59cde3264d39d1991a87084
GET /upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 6984
cf-bgj: h2pri
etag: "5a1b11a5c995d51:0"
last-modified: Fri, 08 Nov 2019 00:15:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8IFBIpQ7S2MWwpxrVBCIWWMK9flTY7rUZypZZrAL3FV3i2Z3FSa4O1TuZPTgyFifaKSCTcsTVFWOGLmclF2I%2F9rvxcBjrigKRox4nwv5sGV2LNwHWuO13Mso8SRFr%2F6sX7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027959c367750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a0741d329cee994f16daea3773a715b
ed94076cdef01486c2303b7083cbeb549ec9e3ad
3f3cf3e7a4c07a79bc65585c43f253fe91fab319c4b45d0c8e3de7f164752c6e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3F3CF3E7A4C07A79BC65585C43F253FE91FAB319C4B45D0C8E3DE7F164752C6E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Thu, 06 Oct 2022 18:25:38 GMT
Date: Thu, 06 Oct 2022 17:35:37 GMT
Connection: keep-alive
www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
173.231.17.185200 OK 107 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
IP 173.231.17.185:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sat, 05 Nov 2022 17:35:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/images/video-play.png
173.231.17.185200 OK 1.6 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-play.png
IP 173.231.17.185:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sat, 05 Nov 2022 17:35:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash def55585c795c2ef7e0083281584e220
0240eb34eb640c07108239b67fcd967a47641d1e
c6e63b76d7a003612600bc8e962b2b3334db0052dd12ede065cd86b3c3dbc746
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 10 Oct 2022 14:11:18 GMT
ETag: "0240eb34eb640c07108239b67fcd967a47641d1e"
Last-Modified: Thu, 06 Oct 2022 14:11:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1215
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75602795ba94b500-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5c7f2a55e2087cf7be0d440d443b0972
980e1566381cea4e5cd292257306f1685dd51628
f5695c52d227ddb080bb5c623680d8d565dbeaeabec9eae0dba1c5e76b9e737b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 15:55:50 GMT
Expires: Wed, 12 Oct 2022 15:55:49 GMT
Etag: "980e1566381cea4e5cd292257306f1685dd51628"
Cache-Control: max-age=511811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756027958d761c12-OSL
fmlb.netlbtu.com/upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash be7a2c4b4b443d5ec35114b35afefbd5
a6828d96ab76bbb5bfbd6760641f8e911e3c48e3
321e756361b3485771951e966f8063ee60c37e1646817461bf098329e789da3f
GET /upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/jpeg
content-length: 10129
cf-bgj: h2pri
etag: "b9f3cfddc995d51:0"
last-modified: Fri, 08 Nov 2019 00:17:11 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Qf%2FG5oh2p5tWtTnkffb5AUlMh1n7RjxhCjcugkvEc5YM4W4tBpJ2%2BRsBXxVG0wzCQybFUtxa7bFEdkVK4Y7ogaLxJWLNBnXAkwqS0LFtDlVfLbYCmbt50L8qMOn6H631xX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b2a7750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a0741d329cee994f16daea3773a715b
ed94076cdef01486c2303b7083cbeb549ec9e3ad
3f3cf3e7a4c07a79bc65585c43f253fe91fab319c4b45d0c8e3de7f164752c6e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3F3CF3E7A4C07A79BC65585C43F253FE91FAB319C4B45D0C8E3DE7F164752C6E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Thu, 06 Oct 2022 18:25:38 GMT
Date: Thu, 06 Oct 2022 17:35:37 GMT
Connection: keep-alive
www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2017:35:37%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.185200 OK 3.2 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2017:35:37%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.185:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 5a90a5bfd1d37161c221ad71bc32c07f
7635144e053c0631efc9d519a0de431c818eebaf
f480ece6fd338c502e706eb5d81f14363e07c958534b8aa853aeac861b3c84fb
GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2017:35:37%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: application/json
content-length: 3226
last-modified: Fri, 30 Sep 2022 11:54:15 GMT
etag: "6336d8e7-c9a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8acc86d58e7b307879dcad9861a4a39
83dd51394490831a509aaa76e2c0304d678dd389
785a0ad083abec6efe43ce5141904f8720a379c29fb4619632c71752ea1cfd0a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "785A0AD083ABEC6EFE43CE5141904F8720A379C29FB4619632C71752EA1CFD0A"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13920
Expires: Thu, 06 Oct 2022 21:27:37 GMT
Date: Thu, 06 Oct 2022 17:35:37 GMT
Connection: keep-alive
acoossf.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.235.170200 OK 902 kB URL HTTP/2 acoossf.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.235.170:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: acoossf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgcqnd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:37 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Tue, 01 Nov 2022 16:24:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 349871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJB5jFdAyqI5dlgbABaEd7Ga41wB8p4JXzD3QPwgl3UfGx2YVV5VPMUvohw4be6u1yT4OnO9kuu7NDXMYTJm17qqWiidwsCaYiVnvopGOSYuNeSYzpykjrSwvhgy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75602795dbd1768f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
172.64.140.29200 OK 6.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58ea27a500bcb3f3d868101711779560
a162c0e988323069e6396902f2fabc9da1205eb3
583dda68ba080f07505f0ba01f8d5395ef9afaddff065cbff72906e9f61aecca
GET /upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/jpeg
content-length: 5954
cf-bgj: h2pri
etag: "23f7adfe169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:08 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0XSH%2FMUQ8QPUb0ywJ93BdaRl89cClji99QKEtEGIAsMCSW4PZgAk2yM98ODkoWhWeGIRlhN0F2o0TXGcrcPgIvS1mP00SmB%2BM36XBNZGyihsuOLkm%2F1g3O4zWWJvjjd46Sv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b317750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg
172.64.140.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0c538b8efdc2b603ec6645db5fd2a829
4d7fdb9a4e88c013b93c01011b1332df9d3e48de
8e08d63e0b25c007ce718a9a793bf460520c93ac0b66adbbc32dc26e77b2096d
GET /upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/jpeg
content-length: 8804
cf-bgj: h2pri
etag: "d0c5fdb7c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:08 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIrNup3YQzL9IEhla4Ep3a4oxgtXz5be5mzmkmw3EhUi4uKoj6u4%2FzwHYvxjqaWRjYs0KT0Q%2FT%2FUkvfnjEgGgI2E1xeDiJ%2BK7ymP7NppLAdMvPOopg6JhPRaDbHcg5EaCvKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756027952b247750-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70030cba6c30033e07b062c87105c88b
0796a5cdbeb98ef43dfd78690dea5e34bdfe1923
a40126434beae342bbc5e42645a39329cdfd1c68b0909493601ea2b99f224eef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A40126434BEAE342BBC5E42645A39329CDFD1C68B0909493601EA2B99F224EEF"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4183
Expires: Thu, 06 Oct 2022 18:45:21 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 0a03261812fafc49e8f2b5c4603b92cc
10b6c92404854717d5c4fd62e4669b4a1d8e6f2b
08a88140ec1ecfe35c902877a64bef457c255b19f44690e48f65ef35ae51d1ee
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 10 Oct 2022 15:38:06 GMT
ETag: "10b6c92404854717d5c4fd62e4669b4a1d8e6f2b"
Last-Modified: Thu, 06 Oct 2022 15:38:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1219
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75602797bd3eb500-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5da4c86fef9a8138c473e6da3b20506f
f46ec2f66bdcf04da9c426e590488929ab68358c
e9e105af705a4c06e554f025213026a92d7a7edea9028e6278f356199670d19c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E105AF705A4C06E554F025213026A92D7A7EDEA9028E6278F356199670D19C"
Last-Modified: Thu, 06 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19254
Expires: Thu, 06 Oct 2022 22:56:32 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5da4c86fef9a8138c473e6da3b20506f
f46ec2f66bdcf04da9c426e590488929ab68358c
e9e105af705a4c06e554f025213026a92d7a7edea9028e6278f356199670d19c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E105AF705A4C06E554F025213026A92D7A7EDEA9028E6278F356199670D19C"
Last-Modified: Thu, 06 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2235
Expires: Thu, 06 Oct 2022 18:12:53 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5da4c86fef9a8138c473e6da3b20506f
f46ec2f66bdcf04da9c426e590488929ab68358c
e9e105af705a4c06e554f025213026a92d7a7edea9028e6278f356199670d19c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E105AF705A4C06E554F025213026A92D7A7EDEA9028E6278F356199670D19C"
Last-Modified: Thu, 06 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2286
Expires: Thu, 06 Oct 2022 18:13:44 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f847bf05d93ad18459124d8fb6bbdd7
64f0d5e0109ba2be796a735426b0ed551e6b2f0d
b7e2dae1b169e85f38ac4a93e6629700dd7793f360a1680753d076320765e4e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7E2DAE1B169E85F38AC4A93E6629700DD7793F360A1680753D076320765E4E9"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21512
Expires: Thu, 06 Oct 2022 23:34:10 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15d304dcd148fbbf5e0149569224667e
ea47c50c311324cc6c3fe9ee80163e49e1655fe3
fdbfa8256f7ed2d1d50a07d2fef7d4ffcdaadaeaf7a71f1b53a67012a8dd6e2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDBFA8256F7ED2D1D50A07D2FEF7D4FFCDAADAEAF7A71F1B53A67012A8DD6E2C"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2425
Expires: Thu, 06 Oct 2022 18:16:03 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash f3c66cbc2531aec9c980b87d4c5c1003
0a13ec20df316b33f024917bc0c9c0bad4fc07a3
bd76dce3b3c6d7bfc48a2afee182b4c17667d21f1d0688036eb4f3e578d3e0be
GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 17:35:37 GMT
Etag: f7f7adf89fd96e085dd311273ea495bb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F2ABC27E43E6C405; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (630)
Hash cb95ba0f6a77dff2d175b5bd3afae9a5
a8121c01655ad12456d68da3d598fc4b41ecfdb9
6e85b9301cd0fc8d34001fe169ea8ea33aaa1486419632f85c9f8758ffdc9b56
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 17:35:37 GMT
Etag: ef2e476ded3a1f4d86fb7ee559eb10ae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1E438BFC76FD42E8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 277caf26ced6e6b5da49249692ae8fdd
03ea544f5214edd81d23d3d056eaf583b848c584
9d537e65265695c2480b4553edc9fddc56fef72306e8b6ea84f8bcbcbe8947d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D537E65265695C2480B4553EDC9FDDC56FEF72306E8B6EA84F8BCBCBE8947D8"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Thu, 06 Oct 2022 18:12:32 GMT
Date: Thu, 06 Oct 2022 17:35:38 GMT
Connection: keep-alive
u0083.com/f6bf20b8c7c04cdf8a46c12e407354c2.gif
20.239.174.151200 OK 106 kB URL HTTP/1.1 u0083.com/f6bf20b8c7c04cdf8a46c12e407354c2.gif
IP 20.239.174.151:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105623 bytes)
Hash d8672cb6c77971420eaad2e23cb983f9
6879e309a3a4f5aa253be7d548c7ead34ff50a3b
3c1f6314f621b3defac9f81ff04a387b41aa4213357eb15bbc3fe4c29c271c7c
GET /f6bf20b8c7c04cdf8a46c12e407354c2.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:37 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 12:06:34 GMT
ETag: W/"6318894a-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1de6eb5125e0cc4072c9e152e3515eec
91923ec5dea97257914b66502304c2575c05c65d
2d804f23c197acb5631d3458e90dbbe4c96d2f96ccb48ba8f84b13151e8ca7d7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 05:22:47 GMT
Expires: Wed, 12 Oct 2022 05:22:46 GMT
Etag: "91923ec5dea97257914b66502304c2575c05c65d"
Cache-Control: max-age=473827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75602799b9501c12-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 0f6bea71495c40b0ee44e9cfa0143221
1a4aeb03ec13239de8796b23059a5e6f4f00ee50
edcd16ca97f838cec296142f3c53b817fbef15e0bccd33af6f8961478ad0d71b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 09:58:05 GMT
Expires: Mon, 10 Oct 2022 09:58:04 GMT
Etag: "1a4aeb03ec13239de8796b23059a5e6f4f00ee50"
Cache-Control: max-age=317545,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560279a7ae0b4f4-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5044c94151b182f62630925d204d9b71
59b6172570f3861b354ac77d1bcb8ac68dd6efe4
c409b58d7815aaf3f6468bf0b3090fdaba8d106e4df25b48abe45c3433176093
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 03:02:50 GMT
Expires: Tue, 11 Oct 2022 03:02:49 GMT
Etag: "59b6172570f3861b354ac77d1bcb8ac68dd6efe4"
Cache-Control: max-age=379030,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75602799b95a1c12-OSL
s1.xptou.com/2022/09/12/631ecde9582f0.gif
23.224.179.149200 OK 246 kB URL HTTP/2 s1.xptou.com/2022/09/12/631ecde9582f0.gif
IP 23.224.179.149:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /2022/09/12/631ecde9582f0.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 245730
cache-control: max-age=43200
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
etag: W/"c1d4d25db2f2cab675108d7961d2a3357d05fdd0ee5c5a0f1ced27da2977d6f9"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 0806:85A3:57FE7:7088E:633F090B
via: 1.1 varnish
x-served-by: cache-bur-kbur8200143-BUR
x-cache-hits: 1
x-timer: S1665077531.674281,VS0,VE177
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 71f59ac4430666c2104a5710397f73e3ae884652
expires: Fri, 07 Oct 2022 05:35:38 GMT
source-age: 0
x-cache: HIT, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vesdsp.com/73baa2446a9d453aa94fdaf9e9494fc2.gif
103.170.15.58200 OK 445 kB URL HTTP/2 vesdsp.com/73baa2446a9d453aa94fdaf9e9494fc2.gif
IP 103.170.15.58:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /73baa2446a9d453aa94fdaf9e9494fc2.gif HTTP/1.1
Host: vesdsp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63188936-6cad4"
server: nginx
date: Wed, 07 Sep 2022 12:40:33 GMT
content-type: image/gif
last-modified: Wed, 07 Sep 2022 12:06:14 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-48
content-length: 445140
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (630)
Hash 48535a8cb120a530debb2a53c62b9457
a60f53b9787a5632a0c163575da19d48bc92dc50
4baa028ed17eeac45a22225cdc9244e8301bc970014f8c868fc43ba8902cb46c
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 17:35:37 GMT
Etag: 736ffe552bd95bd5bb9fd931f600a312
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5D67445F32F2C73A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=557473129&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=557473129&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=557473129&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 17:35:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F567377AD5B52CEC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=173729740&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=173729740&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=173729740&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29993&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 17:35:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0D6FB570BC54F9E7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3bdfb8019938439578985e97863907e7
320cd456c599e2529c8e1c6dc470ce4a0ed54cac
7827d3efb50a573f0b996e785a2f01c95db49c28c8edcfdb04494d77789f047f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 20:32:16 GMT
Expires: Tue, 11 Oct 2022 20:32:15 GMT
Etag: "320cd456c599e2529c8e1c6dc470ce4a0ed54cac"
Cache-Control: max-age=441996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75602799bed5b4f3-OSL
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:38:31 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Sat, 05 Nov 2022 17:38:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/%E7%9A%87%E5%86%A0240x240.gif
137.175.35.2200 OK 114 kB URL HTTP/2 3p8801.co/%E7%9A%87%E5%86%A0240x240.gif
IP 137.175.35.2:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 114 kB (113483 bytes)
Hash 06e653b16b8380bd8ff599d09204f83b
02c928506c30bda05419ed0220617770c435dc7a
afb56e7d5879a7ba5561a8b3d3e7454241e51ed81aab742826b418932720ef89
GET /%E7%9A%87%E5%86%A0240x240.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:38:30 GMT
content-type: image/gif
content-length: 113483
last-modified: Sun, 24 Jul 2022 09:37:56 GMT
etag: "62dd12f4-1bb4b"
expires: Sat, 05 Nov 2022 17:38:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:33:46 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sat, 05 Nov 2022 17:33:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 915e9e0cd44c35da182dabb23013a85e
3907d3ed772f33af11678356dc5263f2273ed05a
bf8af1b891e24140ea8b6343b7ed98b2506f9c1ca00b493bdc8db9c86aaf5b56
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2107
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:39 GMT
Last-Modified: Thu, 06 Oct 2022 17:00:32 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 915e9e0cd44c35da182dabb23013a85e
3907d3ed772f33af11678356dc5263f2273ed05a
bf8af1b891e24140ea8b6343b7ed98b2506f9c1ca00b493bdc8db9c86aaf5b56
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 17:35:39 GMT
Last-Modified: Thu, 06 Oct 2022 16:08:53 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 727
uu99k.com/image/1-640X200.gif
23.224.145.194200 OK 118 kB URL HTTP/2 uu99k.com/image/1-640X200.gif
IP 23.224.145.194:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117717 bytes)
Hash 90a809e02687e4f28872e33f66cd33b1
e878a5b152fd19e45108395805b9f3176b5fbfd1
3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
GET /image/1-640X200.gif HTTP/1.1
Host: uu99k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Wed, 02 Nov 2022 05:38:03 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-pic/240-140.gif
23.225.139.251200 OK 150 kB URL HTTP/2 pic.picnewsss.com/tu-pic/240-140.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 150 kB (149597 bytes)
Hash f2d3e1a6f8899994610ab814f64bf078
9523d6eba5dd1ab466b5b2968d5d6231161e6ae6
06e958cd3720c7f7afb07142bc76c2b531df3aab1a58ef6d5f3a789f3cad0177
GET /tu-pic/240-140.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Thu, 06 Oct 2022 12:03:15 GMT
etag: "1665057795"
expires: Sat, 05 Nov 2022 12:03:15 GMT
last-modified: Thu, 06 Oct 2022 12:03:15 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 149597
X-Firefox-Spdy: h2
img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
23.225.228.58302 Found 671 kB URL HTTP/2 img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
IP 23.225.228.58:0
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1
Host: img.x967.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=86400
X-Firefox-Spdy: h2
images.xxootv.top/admin/202208/630634f18a75e.jpg
45.207.13.180200 OK 26 kB URL HTTP/2 images.xxootv.top/admin/202208/630634f18a75e.jpg
IP 45.207.13.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Hash 003320de6bd2223be46a8d7e078a0a45
fc08ff33a5d7080674882770038a92384a1bc366
7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880
Analyzer Verdict Alert quad9 Sinkholed
GET /admin/202208/630634f18a75e.jpg HTTP/1.1
Host: images.xxootv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/jpeg
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Sat, 05 Nov 2022 17:35:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
23.225.222.18302 Found 455 kB URL HTTP/2 img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
IP 23.225.222.18:0
File type GIF image data, version 89a, 640 x 480\012- data
Size 455 kB (454806 bytes)
Hash a2adfb182a1e1629ab484d90b72f23c8
0301a7d9e60d54dd13e1cb528a0b22546790c026
7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1
Host: img.cuphf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=86400
X-Firefox-Spdy: h2
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:38:30 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Sat, 05 Nov 2022 17:38:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/3P-240x240.gif
137.175.35.2200 OK 322 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 322 kB (322371 bytes)
Hash 10b590fb68b248b758ae345f3cc33961
9e13b8044dc3e6bfcf6156977a32403f672b71c3
ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
GET /3P-240x240.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:38:30 GMT
content-type: image/gif
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Sat, 05 Nov 2022 17:38:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1576368627&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29994&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1576368627&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29994&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1576368627&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=29994&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 17:35:39 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A656B2FA360460C0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
86827156167.com/4252df566c97401d9291195db384eb1b.gif
45.61.212.224200 OK 537 kB URL HTTP/1.1 86827156167.com/4252df566c97401d9291195db384eb1b.gif
IP 45.61.212.224:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 537 kB (537194 bytes)
Hash 7860cc5d81b01a5668648017780bfcb5
3ade10fdc9362db9940c5b39a862d8cf54f6a164
dde6c494a75d84f42abd494fbcbaacd0a073e536f8a543c1aa2a486fab36fa9a
GET /4252df566c97401d9291195db384eb1b.gif HTTP/1.1
Host: 86827156167.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d4f-8326a"
Date: Wed, 05 Oct 2022 09:29:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:47:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-24
Content-Length: 537194
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 17:35:39 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 633f11eb_PShlamstdAMS1vj92_21965-1244
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
47.75.19.177200 OK 96 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP 47.75.19.177:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash 57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 06 Oct 2022 17:35:38 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 633F11EAFDBA0C30359AE8AD
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 2
79181531227.com/3c55f52a106a47ff98d4bf61a17901a5.gif
103.170.15.99200 OK 562 kB URL HTTP/1.1 79181531227.com/3c55f52a106a47ff98d4bf61a17901a5.gif
IP 103.170.15.99:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 562 kB (561845 bytes)
Hash 4552f51ed05e3f4ed4ffc73bbaf77df3
3f5aab58a8565d2c4c5c4f23477e64c72ce4e61e
3c64bea31f55f50536ea73aee6e1e40ac050a2108379d55765bf774dc483d7d1
Analyzer Verdict Alert quad9 Sinkholed
GET /3c55f52a106a47ff98d4bf61a17901a5.gif HTTP/1.1
Host: 79181531227.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d2d-892b5"
Date: Thu, 06 Oct 2022 02:45:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:46:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-29
Content-Length: 561845
www.mgcqnd.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 20 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
Hash dae6e6dc9b8fbb29ee29e910810359ba
b41d33d617ef42d8f854c64226be5da3904cc99e
365d6390d030582e35e7aec0c7f136bedef831433973ab561bb88dbcec02ebd4
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Fri, 07 Oct 2022 05:35:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:33:46 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 05 Nov 2022 17:33:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/
173.231.17.185200 OK 692 kB IP 173.231.17.185:0
Size 692 kB (691911 bytes)
Hash a452c8225dfa79231127513aa46698f5
dda88c21d95eb9fdd656f6e459a345efd9300af7
cae4d108026e614f67b32f13357defdbfcaacd30b003446ffeaa0e6891f90330
GET / HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
taiwtp1.com/img/960160.gif
220.128.218.220200 OK 166 kB URL HTTP/2 taiwtp1.com/img/960160.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 160\012- data
Size 166 kB (165614 bytes)
Hash 499d402cf727956bcdb1a229ff10c05e
95bbdda00299532dab6ca13cec744d21c0f7ae26
20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
GET /img/960160.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:33:46 GMT
content-type: image/gif
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Sat, 05 Nov 2022 17:33:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/600400.gif
220.128.218.220200 OK 304 kB URL HTTP/2 taiwtp1.com/img/600400.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 600 x 400\012- data
Size 304 kB (304522 bytes)
Hash e0a34183ace6e0dff373311780daecf4
48e4233e415d464e22ac1ff3d2135d20e4c31eb8
eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
GET /img/600400.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:33:46 GMT
content-type: image/gif
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Sat, 05 Nov 2022 17:33:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.129.255.47200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 30849 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: bb8a197c-5dc9-4c68-89ad-738bbdd85ede
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png
43.129.255.47200 OK 121 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 121 kB (121197 bytes)
Hash c333d9318beb5b59bc7fd1dbe71ed7f3
7f59fbc05d4302bc5768755ed10aa58932bf8c7a
58ae8f93dc8f4805de239cc27796b1a97bd67acd9ef72cd7f0ed73119175d4f5
GET /hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 121197
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:24:44 GMT
cache-control: max-age=2592000
x-delay: 25029 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 121197
chid: 0
fid: 0
x-nws-log-uuid: 5c86f6b1-e3e6-40cb-afed-54af74b23e24
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.129.255.47200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 304 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 9df58248-363e-45c2-9503-0b0a36250103
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.129.255.47200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.4 MB (1362871 bytes)
Hash b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 785 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: d47539a2-661b-4813-b391-1ec46929a83d
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.129.255.47200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 456 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 204c527a-127a-4d30-837a-a7c505b3063a
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
43.129.255.47200 OK 456 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 456 kB (456390 bytes)
Hash 24f8d711ff99c1b9e8eda597e520496d
0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 53983 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: 43a0c8d8-5f7d-4a97-8cd7-8c19e3023afc
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
43.129.255.47200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 17:35:38 GMT
content-type: image/gif
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 128418 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: 4d2b71ae-4717-40b4-b8d7-da35072523f4
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 0 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 17:35:36 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Fri, 07 Oct 2022 05:35:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2