r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9546
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 14:37:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oAexbaCY0jcSbESDjgnhCTyn81SEoU2I7p0lKMn9NsmxRo0TnXnTSw==
Age: 1302
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5TyR6jC0CdsAsNdkkJlPrg9HCpN-R7e7wKCD9VoQx-KBwB4PuKX5nQ==
age: 18779
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
123141.com/
103.107.13.247301 Moved Permanently 0 B IP 103.107.13.247:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 123141.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 14:37:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.123141.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JVBIbSGi7AFTE8063EVG5T927DKrwX0XHmQSQulsrO8AjGEgRx7I6A==
Age: 1587
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6011
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:13 GMT
Last-Modified: Tue, 27 Sep 2022 12:57:02 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GB5tc5XWXyWm8uJmkwhL4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YbflBc0NR/ZtmtoFr3A+tH8lmus=
www.123141.com/
103.107.13.247200 OK 781 B IP 103.107.13.247:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 35b2df6155347eaf003ccd60f6221780
f15d765c964fbbfa1c4d8fbc0b74d88cfc10962f
c5fcf386dcf9ca4c41da2bc3278da7d8383592502adce54f3a0ac5c2f1a54fce
GET / HTTP/1.1
Host: www.123141.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 14:37:16 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
www.123141.com/common.js
103.107.13.247200 OK 1.1 kB IP 103.107.13.247:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
GET /common.js HTTP/1.1
Host: www.123141.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.123141.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 14:37:16 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.123141.com/tj.js
103.107.13.247200 OK 520 B IP 103.107.13.247:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type ASCII text, with CRLF line terminators
Hash 5e3de1967cbe9a3652b84ac79dd63b78
173e49ae6682cfb7fbd6dce1db056310035dd9a2
8b0a20626fc367c0b4c785ddf5e209fcd75154796b3d72a768ea4d90cff81d02
GET /tj.js HTTP/1.1
Host: www.123141.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.123141.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 14:37:16 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.123141.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 27 Sep 2022 14:37:14 GMT
Etag: "4078521116"
Expires: Wed, 27 Sep 2023 14:37:14 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=A673FE93844041B90CE512A77ACB3994:FG=1; max-age=31536000; expires=Wed, 27-Sep-23 14:37:14 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.123141.com/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.123141.com/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.123141.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.123141.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 27 Sep 2022 14:37:14 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15872
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:37:14 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 28de27c6d8dd4c6212ab23ee4200f8a9
29fca9efe823d54695634a44b56b917647ae3249
ab5090eb3d8d45ea7766afbcc97f92f1d7d0ea688a46d0df8f17eba12c3161cb
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 01 Oct 2022 12:50:40 GMT
ETag: "29fca9efe823d54695634a44b56b917647ae3249"
Last-Modified: Tue, 27 Sep 2022 12:50:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 479
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7514f9e86e0b0af6-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 28de27c6d8dd4c6212ab23ee4200f8a9
29fca9efe823d54695634a44b56b917647ae3249
ab5090eb3d8d45ea7766afbcc97f92f1d7d0ea688a46d0df8f17eba12c3161cb
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 01 Oct 2022 12:50:40 GMT
ETag: "29fca9efe823d54695634a44b56b917647ae3249"
Last-Modified: Tue, 27 Sep 2022 12:50:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 479
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7514f9e86c2cb4fa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15872
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:37:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 48679
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2267eb0a20554688393db616344441ee
49546314082f2e4f4c4c2686cc0ca281ae6bae47
4e37955fb99beb25ceb9deb7c4398914af4192c2e3614e5d68cdafa8c85b256e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7146
x-amzn-requestid: 0470759c-7b3e-4e73-a4fa-15f9f3919834
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASNOGKzIAMFfaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd87-7856f7180fa1045a6092b335;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Kxa2h6hEjuAgCj3z9G2K1FzuWUMA3c5-9LM8KpjqmdP9Zm8RPoSxGg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:11:46 GMT
age: 26728
etag: "49546314082f2e4f4c4c2686cc0ca281ae6bae47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 60314
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 47482
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 60867
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 60476
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 76a8690ca3337cb225d05b084b246278
992786b37c8fef3ad96cb63fce3fcdba8bb73342
f9fcdf0cd384cfdf4e28b6ad8f45dd75fa4d8565bd13fab16125e3f74d11b191
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:15 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 11:27:46 GMT
Expires: Sat, 01 Oct 2022 11:27:45 GMT
Etag: "992786b37c8fef3ad96cb63fce3fcdba8bb73342"
Cache-Control: max-age=333630,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514f9e7cf730b45-OSL
www.123141.com/favicon.ico
103.107.13.247200 OK 1.2 kB URL HTTP/1.1 www.123141.com/favicon.ico
IP 103.107.13.247:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.123141.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.123141.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 14:37:17 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 02 Oct 2022 14:37:17 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
hm.baidu.com/hm.js?09589783e5fb79233732eb96b7e37340
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09589783e5fb79233732eb96b7e37340
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 2a02ef1a84c60072e5d3e030e007aab5
8108ee0958301daad3dc98448583c3f0460e32da
70fed053f428c870ae996f9b2b8d64f0116ee3343b37fee79723bddf8bd3d0fb
GET /hm.js?09589783e5fb79233732eb96b7e37340 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.123141.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Tue, 27 Sep 2022 14:37:15 GMT
Etag: c2c5c65e95a66b0db70b54ae01693b24
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9B3F3658A15340AB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash a289790537a31367e8ea4c8aa6c44a19
5a7a1e2063085f768451b2e0f1836569ff48e644
787c99eba404795468e13a7afe7715fb04ecd7cc6c621baa4dbb0855570aeb6c
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.123141.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Tue, 27 Sep 2022 14:37:15 GMT
Etag: 8b448111d4ba1f0078dd3cce600dfe43
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=991A99BF1D758624; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c6530905aed412168811e009fd3fbe2
d50c4fb027636d94b1412d09c7d6d6d68dff43a7
a795e677105968615aa06f1c591d01802eeabd24acfedf77909101dcdce2f4dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A795E677105968615AA06F1C591D01802EEABD24ACFEDF77909101DCDCE2F4DC"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17907
Expires: Tue, 27 Sep 2022 19:35:43 GMT
Date: Tue, 27 Sep 2022 14:37:16 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1808426197&si=09589783e5fb79233732eb96b7e37340&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1808426197&si=09589783e5fb79233732eb96b7e37340&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1808426197&si=09589783e5fb79233732eb96b7e37340&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.123141.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Sep 2022 14:37:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D60051825FE9B095; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1261553772&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1261553772&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1261553772&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=28109&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.123141.com%2F&tt=%E5%8F%B0%E5%B1%B1%E8%B0%A7%E8%B0%8E%E9%85%92%E5%BA%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.123141.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Sep 2022 14:37:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DC0F156A025DEF2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.mgcqnd.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Thu, 27 Oct 2022 14:37:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 641 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash b840c26fe2ad5f5fed93a1422e810847
2e682ed0739aa6258b57deeb01e3b013edc0022d
e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: application/javascript
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Wed, 28 Sep 2022 02:37:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ce97b798f786099b2fc3de12cee4011
3e5ed9b4d465019ad24e571da007ad9bd7463eba
0d7849d836510783997d4a22f27cc5189eccbeae0f7d607a0285bf443e49fd27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D7849D836510783997D4A22F27CC5189ECCBEAE0F7D607A0285BF443E49FD27"
Last-Modified: Tue, 27 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19134
Expires: Tue, 27 Sep 2022 19:56:11 GMT
Date: Tue, 27 Sep 2022 14:37:17 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
104.110.17.24200 OK 446 kB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (445879 bytes)
Hash dfbf81fb5d0c62a4890d1362f950c5d7
725b5307b3976bd29822d38f3a22d119086498da
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
GET /images/03964120009z0w8i44344.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14829392
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Tue, 27 Sep 2022 14:37:17 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/data.php
20.205.43.35200 OK 8.5 kB URL HTTP/2 mang.tiryakioyun.com/news/data.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 622af20bad2afb452daba163809b82d2
430729af0dc0b25a9de70ba17957033e8317a04b
a745ed118c50721b7a86a8c24a84ee2a5c16cbbec098d57cf87f3c9ef1e27733
GET /news/data.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Tue, 27 Sep 2022 14:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8863a5c73f303d32a8c648f705ef1e39
2de767478480cda359066d340e2781fd139f4d85
62871b9266a71cce7b9b30c2e2aed4d255cf7a371ce9fc730a05205fae6701ed
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 14:37:17 GMT
Ali-Swift-Global-Savetime: 1664289437
Via: cache12.l2de2[476,475,200-0,M], cache12.l2de2[477,0], cache5.se1[498,498,200-0,M], cache5.se1[499,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 27 Sep 2022 14:37:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916642894373981694e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Tue, 27 Sep 2022 14:18:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: c4sAAAC5QnxfvRgX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1664288280
Via: cache15.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache7.se1[0,0,200-0,H], cache8.se1[3,0]
Content-Encoding: gzip
Age: 1157
X-Cache: HIT TCP_MEM_HIT dirn:11:7404588
X-Swift-SaveTime: Tue, 27 Sep 2022 14:21:03 GMT
X-Swift-CacheTime: 86217
Timing-Allow-Origin: *
EagleId: 2ff62c9c16642894379055041e
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ecbdb0df97219bcafe7f8c15c67e6b02
992783ebcbb92aca01157a5a86a31308f0b4a2e7
22055a8b03ec298f1b6370c71171f5b13d717b6df1eb031540735fd7d0d66e4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:18 GMT
Last-Modified: Tue, 27 Sep 2022 13:42:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.234.202200 OK 902 kB URL HTTP/2 kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.234.202:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgcqnd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sun, 16 Oct 2022 11:10:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 962811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p4FAKUKbd1FhL0iRRdwSNO8VmTGuuZ5qyDAmhs4xAJJT6mRTyJJs4cepGntO15n1XBnmNE3ljIPJxdAURATp71C%2Bv9CdzkLU12zMgvhVbbXrQe2YzsqPp5Rl3xf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fafdde892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/index.php
20.205.43.35200 OK 9.2 kB URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash be07d988919e25a97f2726ceee5cf63c
9b47540148a2c9defd9a055bdd0d10cbd3ece001
4b5b84d09edc6b0ec5bbffc6fa8ad97fad92d561fa028bba9901c45d119b94de
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.123141.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Tue, 27 Sep 2022 14:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/2y3l04ep0nc16502y3l04ep0nc25175.jpg
172.64.140.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/2y3l04ep0nc16502y3l04ep0nc25175.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6423723cc97b1baae7d58090dbf17d7a
fc607ae6ee9999d967d98af9de3ef4757399f8e7
d47250216d19cfb0a454882cecfedeb0023bcb99e15ff8c154004e0b6ccb5d60
GET /upload/vod/2020/01-05/16/2y3l04ep0nc16502y3l04ep0nc25175.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9885
cf-bgj: h2pri
etag: "57ad412ca5c3d51:0"
last-modified: Sun, 05 Jan 2020 08:50:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpkhHBam7AXqsZ46yDtDcSmE4HIJJ3R6VDEJkNbrEpmcVUad8m9aP9y3%2Fz8ONY%2B1iSQtIUkELyMzjh4KqrixEJHNMKF%2BpWKc2isRqhrO5jYg%2B%2BvJ8NzmeLWLaWr3vg%2BQfAMs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb42e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/am53vizpfsj1650am53vizpfsj26177.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/am53vizpfsj1650am53vizpfsj26177.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f1db5dad4a551ef3e6a766becd798035
64ea5610d6237e93009b0cb216232cf448c87844
59d9694011a7d1b3924eb913d326bc5883c6c49e1ea99f5f50fb9905767af535
GET /upload/vod/2020/01-05/16/am53vizpfsj1650am53vizpfsj26177.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10826
cf-bgj: h2pri
etag: "3c43f92ca5c3d51:0"
last-modified: Sun, 05 Jan 2020 08:50:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oLnGVV5ZuIxHt9RCugVcQaYkkHXCc4ycGJy2V1un0IlRg0vJhiV9erCjCA9FV7OUYRD5UFVFFvM88ex7QIcJt5TFrvLC6GnnP5lxE1PLES3gW8BOlDHxM4ytklTQJL5aIN0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb43e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ecbdb0df97219bcafe7f8c15c67e6b02
992783ebcbb92aca01157a5a86a31308f0b4a2e7
22055a8b03ec298f1b6370c71171f5b13d717b6df1eb031540735fd7d0d66e4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:18 GMT
Last-Modified: Tue, 27 Sep 2022 13:42:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2020/01-05/16/krswguzpdhu1650krswguzpdhu28179.jpg
172.64.140.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/krswguzpdhu1650krswguzpdhu28179.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 047e02b89bc1802cf7104105c14fd2da
1b56fceb7eb99ae8fdbe49b9a6e222748a69f3c0
98d7a91dd2a3b0c3fb0741f2996144836dd1ff5fbac797efa13fa1900ad9e58b
GET /upload/vod/2020/01-05/16/krswguzpdhu1650krswguzpdhu28179.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8580
cf-bgj: h2pri
etag: "540b82da5c3d51:0"
last-modified: Sun, 05 Jan 2020 08:50:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRYJ50zK8LkjZ7dvEsRB32f9zL6xnDFvcYTpfrYdSBRCAxOE3BKunWtLOu8%2FYn1Y2cnVLKBC1OIFk6bgpp7zoNBgXgcjfOhxKbFfjRAvqgsTKlN9xTQfhtqWwXi6JQE2pThE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb45e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 2.1 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
Hash b612f91f6240ede4f730fed8290273c1
af8b8eafff93ff7553fb88e175a0b5dc6b15bf16
9f15f699a3d1d435d68b6bd8f5b7ffdb72606017944d007b4fef6635208091cc
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Wed, 28 Sep 2022 02:37:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/s1r3wtrl2ep1758s1r3wtrl2ep132103.jpg
172.64.140.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/s1r3wtrl2ep1758s1r3wtrl2ep132103.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7e13687ff572ce40a57a7c4ae7223a14
89279cdb130bbc944a467db8bcb265be25a835d3
69d32ac9c70d5c2f2ca3e8d1b3e3124ae1d8f36ab4912f675478a5ceddf1a27e
GET /upload/vod/2022/09-27/17/s1r3wtrl2ep1758s1r3wtrl2ep132103.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8629
cf-bgj: h2pri
etag: "4f3e2ba857d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ji7vwcsgikq6zoasRIe38XkjR2tMO98lrz87Tvb1stRflQ7p1taZkoZ3jMpNN%2FRhQQIEOklscCFW5ILtdpp%2FAr4TsLhq%2BYQxka%2F8o3%2BmfkEwoWWMgZqY07KGmvZNENaSNje1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb48e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/r0x1czwbt1w1650r0x1czwbt1w18169.jpg
172.64.140.29200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/r0x1czwbt1w1650r0x1czwbt1w18169.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8692569b11390c2cf475ab357e9ea5b6
a0d9d11136b61786f60e1efb8a4893e22e6ce67f
229999cee12aa7fc50527b97ef73fb1f04cac1ed41c6d5ec756c1ad040f8c5d2
GET /upload/vod/2020/01-05/16/r0x1czwbt1w1650r0x1czwbt1w18169.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8941
cf-bgj: h2pri
etag: "3db93828a5c3d51:0"
last-modified: Sun, 05 Jan 2020 08:50:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhBvvSwULXxGfdpA0rTOYF00tutF1IDbb6Mj2kyUP0u3ulXc5zizCDBeqErdJ%2BloR5O7fXTYaRNusOF%2Boa0tZOvoyeqA%2BOwv%2FBpzMs1qzdmeSEgH62fL0kRs%2F0EP8Un6%2B94l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb3ee630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ecbdb0df97219bcafe7f8c15c67e6b02
992783ebcbb92aca01157a5a86a31308f0b4a2e7
22055a8b03ec298f1b6370c71171f5b13d717b6df1eb031540735fd7d0d66e4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3094
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:18 GMT
Last-Modified: Tue, 27 Sep 2022 13:45:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2022/09-27/17/zkmgqo25zl11757zkmgqo25zl1462057.jpg
172.64.140.29200 OK 7.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/zkmgqo25zl11757zkmgqo25zl1462057.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5e9093898e926895f27836d8e86e9b9f
d108e663b88a733ddfb3ac708b89f0d7dc5243f7
9ad7d1f7c62b7a07f7183f14b00455827e5df8d829cef873029a7feedbba36c0
GET /upload/vod/2022/09-27/17/zkmgqo25zl11757zkmgqo25zl1462057.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 7768
cf-bgj: h2pri
etag: "55542d9857d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 129
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72%2BKE%2Bp582L4l3uYfGYSAjtHWJDHk0Lk8j1InVBzvtRXcTiMdy3F9XiTiMMoS9CVCQ59GN2628SmysZ3GxA1KotDtaHzhiPKAl%2FskkpOinq1M88ttzSm%2Bu%2BwwY49NBJaEg1M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb3de630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/r3vefwai3gv1758r3vefwai3gv142105.jpg
172.64.140.29200 OK 9.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/r3vefwai3gv1758r3vefwai3gv142105.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 08432687810e180d12efc16d373b8b18
87d8f268e88ef4d9bb5695a847151edfac0dde7f
7a68609ba22f1536e6c653bb9a696b7bd87e81ff7c5c9e8a1ea9ccd1a9b86868
GET /upload/vod/2022/09-27/17/r3vefwai3gv1758r3vefwai3gv142105.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9809
cf-bgj: h2pri
etag: "945faea857d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWDxnasN7Iz7IKR682ZPi0U5d%2BiaIAlIn3%2FlAj%2Fa2PTrRXFhZFjLRg8%2Bkm7oM1uYVFlaDS0wBYAPIKai2tr0bhMo9OYN5KRfKmB6GMsTWYUNH2wYLwehcjVRBkO%2FlhebnIkk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbdb4be630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/v3i0oucnqa11758v3i0oucnqa1142107.jpg
172.64.140.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/v3i0oucnqa11758v3i0oucnqa1142107.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d3119edd9fa9e9169e1b2688e80a8cb6
f5acf498c563de545b4a1c1eee1b58124e875e10
30023a7f247157c70db98906fad723f04c4910a3993b94eb118289cf0e2688e2
GET /upload/vod/2022/09-27/17/v3i0oucnqa11758v3i0oucnqa1142107.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8836
cf-bgj: h2pri
etag: "a2a938a957d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhuH8Gd9UaRoEMb8%2FYXgIKt1C%2B%2BQdxK4PLzN25epNTS6psv8LIsnY1Pz7i09U3%2BkXXkBsQrH13XivU9Sa7v6qv2jV5Ui8RAncczH7rY2wTz9E2IwuitPj3%2BuBMpOspxcv6ki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb5de630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/w3t2vuml3cd1758w3t2vuml3cd152109.jpg
172.64.140.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/w3t2vuml3cd1758w3t2vuml3cd152109.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2abd860737caa1d7c45012f059d83301
d3f20feb6a4402bb27712c17ce2b8d28ad9d55c5
8dfdc7b7e157793c4778820ffec8d4cba9d921c32d785cd96ea52e228a56887c
GET /upload/vod/2022/09-27/17/w3t2vuml3cd1758w3t2vuml3cd152109.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8637
cf-bgj: h2pri
etag: "1c2ebea957d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al6jq9c56SyKgq8f3MfLgVQVmW4jF0XkybsicRDdSW0KwbA4O3vVcnpDU4CrLZnPU%2FGEv1AjW9%2FJAXdKVf0tH6aAT815XFE%2Bf%2FV9WoKKvwdXoeOalUsUZy0zbrB7MW%2FJDzl%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb5fe630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/kaizjvq1z4r1758kaizjvq1z4r162111.jpg
172.64.140.29200 OK 5.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/kaizjvq1z4r1758kaizjvq1z4r162111.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a048b068eecc7e976168ff66987acd57
05d04f16defc07388f2bbba481b5cd611c6ec97f
bfe7066ce47e46451194b0122e104f42620f1dfb523e5f519c0f36d9de25b582
GET /upload/vod/2022/09-27/17/kaizjvq1z4r1758kaizjvq1z4r162111.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 4995
cf-bgj: h2pri
etag: "24b243aa57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVg2gopnpXIFu%2FqXvuwxgTz5qNSKqh8tD%2BpRwm2GCj9wzP8QghHhQarOG%2BLdkRUcTRxCkAdjTa%2BMHag2h%2BZXN%2BI0qi7aQdmBDElLGondzgmIgSlCV93hh90kBEpCtX96QoQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb61e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/ctcrglplbjq1758ctcrglplbjq172113.jpg
172.64.140.29200 OK 6.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/ctcrglplbjq1758ctcrglplbjq172113.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c056ae370110173ab15f59151d82a900
d2b0b407be37fcc56db72451eef269e63c5916a6
d8755223a5140f21ae16e0ccdc3a8e909d4ce472be57e2f9c99886797e2091e2
GET /upload/vod/2022/09-27/17/ctcrglplbjq1758ctcrglplbjq172113.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 6396
cf-bgj: h2pri
etag: "bb99cbaa57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:58:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcvnX%2BujkUYotcse02gPeQZu6or0KMaIHvn2QUbQeQv9%2BRZPhugFfpHfHhIzjXoUGejAetzSP1Xb%2Bqm6EokOeRLEXcsudM570%2Bczisyg1wbZ8JbrwalN%2BR4QfGU7jkQqab%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb63e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg
172.64.140.29200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 73a0a214ec3b4df5e434f78c0aa56261
e89c4665dab49613fda2290b61a27b81146f2adb
9bfe184966ddc75ba01de4d40d07fdc92e1f1ff6221a67d4193c1b1b6b273342
GET /upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8858
cf-bgj: h2pri
etag: "2e9a907a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1NmE6GdCo%2BrUgLEbD%2F0fWK3iIhAJKl6%2FTYt9VB2TBOsNh9QGcpWzgCohhipeoUKeYx1FDdpG%2FUVaQNN6ztDGx6a9p2XoJX75vZMAeGOfOjLtprNFdsMZzf9OKlICEEMKRNP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb68e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
172.64.140.29200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f4bab094ccb57f383d6851a27ceab44a
01d5919434ae4e454e9aa5ce18d37f78c6dbbc2b
2ca9b7b6c8ffc502d9444ec6bf1afa1b577953a20966a7233a01c573b9658cb2
GET /upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 6892
cf-bgj: h2pri
etag: "af451d7b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ny61nGpQ7XKR4CRAQBNhODMti4xQeqXm0ck7PZ1JVHgKnfFqCtPO1cnIFe920cnsrbqSStsHRQE4n7JDjMq9739OpuPl4Aa52pLsafHjC2IITzO5ZaiLwk2NBpzSkwwhxzc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb69e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg
172.64.140.29200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2d273d2bf550f509bb6f7330e99e8805
7f416fb01791af6bb83647c5831997639c06ec3b
dd8d35f8982f021faa982befe6eb008c3f9c30345c9cfe18557fcf890c289693
GET /upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 7162
cf-bgj: h2pri
etag: "8dade97c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAnQRY%2BKweTXV%2B1m5bADdT9ydhe6qqaUAbifdsbYYorI73Q%2F4aGUv46RmwlDxU0LEPqzSfXvMbvp77YtAcDE95TJwP3NYNVhMssnwHEy6AfDAC05zWnsR0KFSfLrjU1UsVIX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc1b91e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 6a22b26a26543607faea37d417c19777
232455618f2486f1af0f41dee59adb8cc309d63b
86b49d779d7939c3c77b4182653628e6cf15a3c1583ef831863cfb23202e8782
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 13:11:14 GMT
ETag: "232455618f2486f1af0f41dee59adb8cc309d63b"
Last-Modified: Tue, 27 Sep 2022 13:11:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7514f9fc4b83b500-OSL
fmlb.netlbtu.com/upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7e0eff8a9e6c57afddf5cf30528e9e4a
e18d4fa87f65f687f2b7e8e9ad255780a7038af4
c10929ed59e8b47e83c2bd35e4c96fb339084344cdc6f1f2c1bfce5491003c0f
GET /upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10259
cf-bgj: h2pri
etag: "a629747d57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM92qu%2BbhiMQ4rG0Nd3OhVEyxCX7LA1EaX6bIZT2CeZx0bISqUDlP0eJua4HtP7azkwuVllJ3Doc1%2FkfbfQ3v2JDd6rWKnMGG834zHE6nI5aTnuqGITCyFf4G5V%2BnRd8CqzO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2b97e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ecbdb0df97219bcafe7f8c15c67e6b02
992783ebcbb92aca01157a5a86a31308f0b4a2e7
22055a8b03ec298f1b6370c71171f5b13d717b6df1eb031540735fd7d0d66e4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:18 GMT
Last-Modified: Tue, 27 Sep 2022 13:42:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2020/08-04/00/pkujrq1ffog0003pkujrq1ffog042239.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/pkujrq1ffog0003pkujrq1ffog042239.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5d72a4d0b77fa063d11a954c706d9796
af7156d075984173014ff8a178e25f7b42b0b853
d8ab8353602ee16db16aa7d3886377e4ef7549df287a853bdc86796028b96adf
GET /upload/vod/2020/08-04/00/pkujrq1ffog0003pkujrq1ffog042239.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10531
cf-bgj: h2pri
etag: "87f5df91af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHI8VGvzOMS1%2FKUjdAeTCJAa0IRtXGoKXgg%2FvGlYDv4ajKBSO6MYQDJfl9ul5RU2hvT8fd23kL5SPgDotqbu9AW2CifvvRyBWWjHoxLvdk5Hr8fAwWWFujPQqaBHR8653DMv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2ba4e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/j3bydbx4r1r0003j3bydbx4r1r092275.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/j3bydbx4r1r0003j3bydbx4r1r092275.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b13156fb11b0e3e66fafc5fd27fb5951
8eaa37faabaa4e25037088e1131be263601d7803
528841b93d58635480d288a1a2878b82c5148275b172dadd8f86fa6a2f205c42
GET /upload/vod/2020/08-04/00/j3bydbx4r1r0003j3bydbx4r1r092275.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 12344
cf-bgj: h2pri
etag: "57745995af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhDdKse3Au5aruOBw3bpF0ypfp6sA2LAN9VEYP4Mt66LnJpBnGIBa3%2BWAEVXasufkeSMQyXVcU7Ud7N%2B3JL8YYdypwcsrrL1pWgswbfO2TX2TloW1hxYs1Rrc4w70S5b0sXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2baae630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/gfn3upqg5kx0003gfn3upqg5kx092269.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/gfn3upqg5kx0003gfn3upqg5kx092269.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 785c27764afc97e11fe4f58ef24d029a
5fbc7ce7bc4a1e0cf8f8c83f041184474d82379e
b5f5236021fe51aa239ff11d956c2c78150d28165e280d43e9c37a862a0aaef7
GET /upload/vod/2020/08-04/00/gfn3upqg5kx0003gfn3upqg5kx092269.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 12089
cf-bgj: h2pri
etag: "d82bcf94af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AbbYjoCEKbfIATbt5Exrmjr9DaiGkzmhamhKD34HXhtM8ZmD%2F6YIVHfyM%2Fwwc6LhgvYAo0kKD1hBJrFgjCqfVSAOGr6IyXADusEtvUPnUyhY0MRHXKXqBJB4cC0HpsPOtOX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2ba8e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg
172.64.140.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 578965ae5a48d304cc59eb5ee7d59d8a
eca74e06d97e3eabcf5ec629d28b24aea5d7a450
6b04427cbe4bdefd34955694afdf2b266156d56cbe06574729a02e83edb1d46c
GET /upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9271
cf-bgj: h2pri
etag: "d6f0f8b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEWP28jLHneirVpcai0Ds7HnQ%2B8Ihfn%2BHUW9oMGamIaQBn7elhSNWXY2O3MtbPiZVo7wzc%2FiMxrbSN7NpUjoac8epg1perhYkd9NNYExnA15WhndMci0nVDTyBWOPYaVn5kp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2bb0e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b097b03221c466d38123bb39d20ea3cb
fb5d86fd8d42984ea4f75f997189b987461ff4d8
dfc2c59f118d8d5ab0aa517d7fe93d8429a5c6a335899046753c46a79e4db637
GET /upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10120
cf-bgj: h2pri
etag: "68caa27b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBEpG4qmdPaKO%2Bi1%2F1c2s%2FLzLenKJvJwTEs4wNl3XQ8lMBBbQ14k7U4ACAc9%2BFO5f5cJlA6SIZ9qArGNwD5cT2sgCutdnqCY40Qb7R9G9DcB8R%2FmkOrda3SwZGGCAl5lghPU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc1b8ce630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/mdz21dzereh0003mdz21dzereh082263.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/mdz21dzereh0003mdz21dzereh082263.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0d7665fb4786e9a76e94f07c1572dd4
9783d9cac483291678a8c57a25b41c33dd18f1f2
70a8a26a97cecda5f911e6d8c2e9187de0ea675dcd31648e05c1f3c69a1ceb9e
GET /upload/vod/2020/08-04/00/mdz21dzereh0003mdz21dzereh082263.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 11323
cf-bgj: h2pri
etag: "6bbb3d94af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fui%2BxMDoo20lqE60d8eV9buXTlouIKbuCceRKnN3Up4J%2BxIsDeW%2FKgtqM795d4f4tLe6NeOvRb2VSj%2Fh%2Funpmshs498sYJzmAdaMz2W9Xz6cvBILIeNekuOBuXT7%2BJ9CLY0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2ba7e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/xrdvvbw5jws1650xrdvvbw5jws20171.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/xrdvvbw5jws1650xrdvvbw5jws20171.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4ab2c83a3662a5225eef55d6c87f711a
8311a4de850d9440a4bb0ee01bd2e09b5fbd8fe1
005cbaa747d4ce6350a925d677554d70785464d1c8051c0b01aa68dcbbe2dad6
GET /upload/vod/2020/01-05/16/xrdvvbw5jws1650xrdvvbw5jws20171.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10741
cf-bgj: h2pri
etag: "e79bfe28a5c3d51:0"
last-modified: Sun, 05 Jan 2020 08:50:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcwZ4l%2F9gNLWr%2B7lpfsRkhhQzny%2FZN5ggTbSd6vxJQoMncwIfI5SKqpMjdf6o5CLpK5eRv%2B2YTokZtJLl%2FYn4ITuUWFlTjkmRoGNQR4fyH2%2F4K4aF4jcKT7WKrpBTtZiTqn%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc3bb8e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg
172.64.140.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36afe8412e9f8dc6635300f304c3b364
000b9d6cca67fac5fa5c89bb552006bbc6681a93
2f1ab21baf4187c8912899052afd668faed7e0f0a2a88e085bc3102335976942
GET /upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9284
cf-bgj: h2pri
etag: "9926407c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ypJ0CFPlTPa5NvPIT5EekxXSm8M7U4a84ENoJED32m1srDv0nOqjOhXDlzX%2Fzp3LkCsot0KtJZWOQAB8sHq7VSDDoOJyU44vd%2FZvNLcgZU0KYCbQRbMoKG9dXVbfxDBJfcB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc1b90e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/2xstx3eu3cw00032xstx3eu3cw102283.jpg
172.64.140.29200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/2xstx3eu3cw00032xstx3eu3cw102283.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5dd9f59250f0dcdae03910d4c0d10c98
220b5e892fcdf32a075171fa0f71e6e5e3cdbb4b
b887c174062752571d32e0386df0c78c4ec760ed1b20ffecd8410a61aac791e6
GET /upload/vod/2020/08-04/00/2xstx3eu3cw00032xstx3eu3cw102283.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8897
cf-bgj: h2pri
etag: "5978f495af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHx0Q5CChxmv1hywes6iscq8F09H33AwyHWJaKG2E%2FlxByOAHAj3a65eXijFXayl0e8OECQlgGoHANlH7US8xkPVMJSJPWNfxK5c5ucayJkxl59h%2FytR8MVfjx8cyvmSR6%2BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2babe630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/z5w1q1e5taj0003z5w1q1e5taj112289.jpg
172.64.140.29200 OK 9.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/z5w1q1e5taj0003z5w1q1e5taj112289.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f1d9141c0fda9109d0e3db88bfe684d5
575ad2654c8475fbff09aeef6590da6dd7c09ea7
1509cb1d485fc4a69c854d5fd4428a165db5d77cd941e65858533db76efe9ca8
GET /upload/vod/2020/08-04/00/z5w1q1e5taj0003z5w1q1e5taj112289.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9758
cf-bgj: h2pri
etag: "4e78596af69d61:0"
last-modified: Mon, 03 Aug 2020 16:03:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpsbt6oAnTnacvGugJdyB2ZFcjnlTTZgQLWSeVFp%2BQyc5wUKH7tNPNxh58o0IgcBgfe%2BILZXLOmNDWo%2FkSpxnPyqxUwbpMXLDj2y3raF%2F9BFnhoQiYO2t3iUDrYHOCnlKro1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc2baee630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ecbdb0df97219bcafe7f8c15c67e6b02
992783ebcbb92aca01157a5a86a31308f0b4a2e7
22055a8b03ec298f1b6370c71171f5b13d717b6df1eb031540735fd7d0d66e4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:18 GMT
Last-Modified: Tue, 27 Sep 2022 13:42:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
173.231.17.185200 OK 107 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
IP 173.231.17.185:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Thu, 27 Oct 2022 14:37:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/images/video-play.png
173.231.17.185200 OK 1.6 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-play.png
IP 173.231.17.185:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Thu, 27 Oct 2022 14:37:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6ed85f500cdafbcae4cf8a43b7e4650f
23c5c1e3b6dabb2ee43ed61d09f4b51488f0f129
476f2cb7430ba35d5732cccc8f8f7c06d20eef8c6cc9749105ce6acd0d1ba18a
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 14:37:18 GMT
Ali-Swift-Global-Savetime: 1664289438
Via: cache10.l2de2[7,7,200-0,M], cache10.l2de2[8,0], cache5.se1[29,28,200-0,M], cache5.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 27 Sep 2022 14:37:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916642894381142357e
fmlb.netlbtu.com/upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg
172.64.140.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b01e47660b37b4d8345f46152dfe13f0
6065d8e48a7647ff5289cdddb1f4d5785fce7b9a
679645af6293aef13604586bf14f1ec853cab2e40ce2fd572d37d7fc5fe1edd9
GET /upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8536
cf-bgj: h2pri
etag: "71a7858a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk7obmmEJuNfMaAgyPoU4xT5aJOye5OQNjqfGN8sBW1sW6%2BYbaguIGC%2F%2BRHrOjTBs%2Feh6kBoL%2B%2BQJikQ8LnjZARzN8O5EANAlwbTl5A1Pm7giUXHDaA%2FWwfzxB3QbarbbmJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc8c49e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/vz33bnlzcap1757vz33bnlzcap492065.jpg
172.64.140.29200 OK 8.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/vz33bnlzcap1757vz33bnlzcap492065.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash f0b7391a63c8ece12958d1bd6109e043
02469ff6cd6e476d19cf88307da94600e0cd61b9
8885c070f26c9b7bfa67ea5beaf8553b9511bbeb8e20d648dfd762bb50aaa681
GET /upload/vod/2022/09-27/17/vz33bnlzcap1757vz33bnlzcap492065.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8266
cf-bgj: h2pri
etag: "1397439a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:49 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PidcO4niPRJZG8KsEsftmscvIFZIUFDBXrqFi9K9wPB6MazzQFM2l2M%2FEOXRgTC4A5Bw8Ki1kg96R1wLFZec4Ox7%2FoXgrBe2pxMj8nhwihqOlZPuYKqF2QfeEYSVmXoSiIGS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb66e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 63330a9e_PShlamstdAMS1se91_37548-1842
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022927Tue%20Sep%2027%202022%2014:37:15%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.185200 OK 3.2 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022927Tue%20Sep%2027%202022%2014:37:15%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.185:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 1a066fd84d0ede5d50bfe2658b8e8c17
738679429373f675b6f1d7ef8423badfbf1cd96e
e0eb1dc21ee88b243e86a975c4544cdfe5fa0627037e77ec29bde53847c0ab12
GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022927Tue%20Sep%2027%202022%2014:37:15%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: application/json
content-length: 3215
last-modified: Sat, 24 Sep 2022 09:04:36 GMT
etag: "632ec824-c8f"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1d925d02c7d92489c3dde73c3d15bc0e
afb6c2b2381197cc236485b1a42ddee3d8190459
356e4ac834f67cde74a73cfff0bf5478ee037bf65bbe2ec46cacf9105885acd2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:55:49 GMT
Expires: Sun, 02 Oct 2022 03:55:48 GMT
Etag: "afb6c2b2381197cc236485b1a42ddee3d8190459"
Cache-Control: max-age=392909,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514f9fc99f8b4e8-OSL
fmlb.netlbtu.com/upload/vod/2022/09-27/17/fvtbmh5h1mz1757fvtbmh5h1mz492063.jpg
172.64.140.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/fvtbmh5h1mz1757fvtbmh5h1mz492063.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3efca6fbefc93bfb6d9a60466727eda2
2ebab76c6b80e106df0b3280e989ab6fc27b490e
27faf58eeb3c6749d90bf7ff342559ef2decb861e23b06d117895a4f069b1042
GET /upload/vod/2022/09-27/17/fvtbmh5h1mz1757fvtbmh5h1mz492063.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 7337
cf-bgj: h2pri
etag: "a4d7c29957d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:49 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n0wEL2DVnefsGil9cLUeD13Nhbi8Tz7Ee%2FWnabrKTjv5gVbUo4Je7veqJ83BQKbBmB3SMJ%2Fr5n0f3rBYaEyz%2BHkOMjnVAQfenAQC9MMry5Kbznm5vRv9TMZOVrHOn4UuWAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb64e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/ywgytjbiuxt1757ywgytjbiuxt502067.jpg
172.64.140.29200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/ywgytjbiuxt1757ywgytjbiuxt502067.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9db1d5c90c870b11f061c7afaff084b4
6c4b6cada6e466ae6341da7808475155e926bece
94be71041908a8e24d44d7cefa79b22fe6cb1bded0a83abf39a3b97a670d602b
GET /upload/vod/2022/09-27/17/ywgytjbiuxt1757ywgytjbiuxt502067.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 8656
cf-bgj: h2pri
etag: "d27ecb9a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:50 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlB040JdoFEglOHHKRA4Wi686VEmX%2F3kbWc0CaTW7zRaInmoTXIm3vTJt6s8giT5zCtbadc2jBHKiR13l8w3DHzCsqJS7Rq9boKLUoFWRhdCkKVMrUWSHcDYV4v58hx1qDaM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fbfb67e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e8efdaac31c72c6e981578600b8b4d5
c8a64b17f8d57ead1ba23b551a4c0de0f1621fbc
c3e2cc3800f08bc4c33c08b35e243f2558dbbc493c6f1bb16551b8a82f686bee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3E2CC3800F08BC4C33C08B35E243F2558DBBC493C6F1BB16551B8A82F686BEE"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20116
Expires: Tue, 27 Sep 2022 20:12:34 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e8efdaac31c72c6e981578600b8b4d5
c8a64b17f8d57ead1ba23b551a4c0de0f1621fbc
c3e2cc3800f08bc4c33c08b35e243f2558dbbc493c6f1bb16551b8a82f686bee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3E2CC3800F08BC4C33C08B35E243F2558DBBC493C6F1BB16551B8A82F686BEE"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19555
Expires: Tue, 27 Sep 2022 20:03:13 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be2f55c9c6085c28b56bfb7c5da1638b
409366bc251936b9caf69870d36069f6c2383532
2f54b82a1063a5b16cc3344b607b6fd9df504b29a0d9fd0110d540afe725a1ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F54B82A1063A5B16CC3344B607B6FD9DF504B29A0D9FD0110D540AFE725A1EF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 20:37:18 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-27/17/s5fnc4tjycs1757s5fnc4tjycs482061.jpg
172.64.140.29200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/s5fnc4tjycs1757s5fnc4tjycs482061.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 47bb212552801a1966a6b4584ed722a3
c6767cd4cca302f183fea1d67f285f5cdce83b27
bc94b6d1c170eaff78a0edbc88436bef665f8fb16989b33b9541a5e6f1e9fa55
GET /upload/vod/2022/09-27/17/s5fnc4tjycs1757s5fnc4tjycs482061.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 9613
cf-bgj: h2pri
etag: "8f963f9957d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:48 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9dRN%2Fe46wU0htGZwW%2FAH6i3C06b%2B73gFg43CfGIaHS3e4gIt9Rgz9SObsUVahRkFu%2FC02YzYUaEfFBtuUiUVsIfQ3l%2BJ7WsBQtnygdo9m%2FRA2K851q6a%2FvjoF6lGhkQMTyG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc5bf6e630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/twkvpg4ebv31757twkvpg4ebv3472059.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/twkvpg4ebv31757twkvpg4ebv3472059.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 843e434857cb1e9f16e2055965333523
5b7f8028a4a50c686120923c779b3b91e60f4f7a
c1ec0b1633800aadd57b690a1ffb8d6fadd597bfd7c5744eefd79823e2a6e05e
GET /upload/vod/2022/09-27/17/twkvpg4ebv31757twkvpg4ebv3472059.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/jpeg
content-length: 10463
cf-bgj: h2pri
etag: "f33ab59857d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6y87D9i%2FmGSvKJ9biPamXhrmuUBTNXF8FDYiQWVexif3chkBs0A7PpKYsuEjQi4aeiUHlGx7GXEt0hyti6x28%2FzSiNtOf5vPMFKH4Lt%2F%2B0ltzrDjvkqxnK3UjuwFQ4JSML6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514f9fc5bfbe630-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3db9be4573b4027c1190d1c79bf63f7d
1f3adc0d7005fd9a50531d3455934ccb50fcb797
72e6a46564f2e1568a844ee557e0566ab3f1fddfda056ddaa149ebd97688198e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 13:51:40 GMT
ETag: "1f3adc0d7005fd9a50531d3455934ccb50fcb797"
Last-Modified: Tue, 27 Sep 2022 13:51:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 620
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7514f9feaecdb500-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f7485aefacdaaef38be85a83de000bd3
3d90e1ef3f075eeb993521883001850a7c78f8d1
4eaeb8e8604635de481f7e8afe8277987d0fbb8be8f3fa35f4c1ba0c9adf01ca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 15:00:13 GMT
Expires: Sun, 02 Oct 2022 15:00:12 GMT
Etag: "3d90e1ef3f075eeb993521883001850a7c78f8d1"
Cache-Control: max-age=432773,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514f9fd7c3f0b61-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13dfe9117da723a3ddefd9cc4f668d19
6002e609dcc27865d872d8e8039b50a60044ab01
f24f707ee97c929e318aab16ea25c56c1fd60c58a858b40c270c43ea2f5cd2a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F24F707EE97C929E318AAB16EA25C56C1FD60C58A858B40C270C43EA2F5CD2A8"
Last-Modified: Sun, 25 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Tue, 27 Sep 2022 16:39:06 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 637318cdb6e0380ddd2c7ac649aaa9c2
649ec02ce71c72bbbddd4137eec8b40bfc726a5e
2e7c193445f06dd70d179d47b4a8e367d878616218bf6b263479425c7fe584a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E7C193445F06DD70D179D47B4A8E367D878616218BF6B263479425C7FE584A7"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Tue, 27 Sep 2022 16:02:10 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7f7e38e34dce6b061d880bbf0873f30
4806d0ef8199c3238ab2e25c4e5bb9796ec804f4
026b24acab3370950a102db4dae708d1ec0a8fd899e5ceb8aa7588ef0603f60c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "026B24ACAB3370950A102DB4DAE708D1EC0A8FD899E5CEB8AA7588EF0603F60C"
Last-Modified: Mon, 26 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7369
Expires: Tue, 27 Sep 2022 16:40:07 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
www.mgcqnd.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 31 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9db711841a7a574c99531bd0b9336f82
73be4cffa06da80a44c1f7e5a3825c70e5363f93
f31f3feec0398557cce727fd816ebb8e87df6ee0366a294c553f7ed06b97910a
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Wed, 28 Sep 2022 02:37:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash b642a199a2e525e12c34cd6f2b50b8e2
90db5faf87c5e197c46229e101434da338766a85
9fdca52b4a4c56e052ed40e33419e4d2104952620f2d78e89b8df9c716eea03f
GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Tue, 27 Sep 2022 14:37:18 GMT
Etag: 03900f9e203581c1f0c9b53786c16eda
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3D55C92343568861; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.mgcqnd.xyz/template/m1938pc/css/ate.css
173.231.17.185200 OK 17 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/css/ate.css
IP 173.231.17.185:0
File type ASCII text, with CRLF line terminators
Hash b298913be3335760bfaef4485234b12e
fc52cb32b8a6f6545e6d0470651e284a91c0268b
292df67ecb96878da593c95cc96f8418c70008d6a30abe31553698e39ffd7e03
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:17 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Wed, 28 Sep 2022 02:37:17 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7b58d708b2bffa505b78f6f9d1cdd89
5fa79b283369f7d6f8d15d8e3e07e7d1a23a45bc
d1c482d190ab282a3d6dcfa4d18b849d8c87d9efcd70f33164f30f26d46b26b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1C482D190AB282A3D6DCFA4D18B849D8C87D9EFCD70F33164F30F26D46B26B4"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18723
Expires: Tue, 27 Sep 2022 19:49:21 GMT
Date: Tue, 27 Sep 2022 14:37:18 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 358b40e1dfdb7c077f31c1b3b1d355d8
b93b9a11847085b448443c621025aca14bbf10f7
5dcbf8dc1d64af0ad31dba1f1d4c721a6622259b134560edd78a4ed14e028199
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 09:58:03 GMT
Expires: Mon, 03 Oct 2022 09:58:02 GMT
Etag: "b93b9a11847085b448443c621025aca14bbf10f7"
Cache-Control: max-age=501042,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514fa016b470b45-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=315755081&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=315755081&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=315755081&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Sep 2022 14:37:18 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C4F84F4654CDA8AF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
uu99k.com/image/1-640X200.gif
23.224.145.199200 OK 118 kB URL HTTP/2 uu99k.com/image/1-640X200.gif
IP 23.224.145.199:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117717 bytes)
Hash 90a809e02687e4f28872e33f66cd33b1
e878a5b152fd19e45108395805b9f3176b5fbfd1
3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
GET /image/1-640X200.gif HTTP/1.1
Host: uu99k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Thu, 27 Oct 2022 06:59:24 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:39:50 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Thu, 27 Oct 2022 14:39:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vesdsp.com/73baa2446a9d453aa94fdaf9e9494fc2.gif
45.61.212.134200 OK 445 kB URL HTTP/2 vesdsp.com/73baa2446a9d453aa94fdaf9e9494fc2.gif
IP 45.61.212.134:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /73baa2446a9d453aa94fdaf9e9494fc2.gif HTTP/1.1
Host: vesdsp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63188936-6cad4"
server: nginx
date: Sat, 17 Sep 2022 11:41:22 GMT
content-type: image/gif
last-modified: Wed, 07 Sep 2022 12:06:14 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-04
content-length: 445140
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=204743771&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=204743771&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=204743771&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Sep 2022 14:37:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6D4F5F2E8E7745CA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
s1.xptou.com/2022/09/12/631ecde9582f0.gif
23.224.179.149200 OK 246 kB URL HTTP/2 s1.xptou.com/2022/09/12/631ecde9582f0.gif
IP 23.224.179.149:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /2022/09/12/631ecde9582f0.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 245730
cache-control: max-age=43200
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
etag: W/"c1d4d25db2f2cab675108d7961d2a3357d05fdd0ee5c5a0f1ced27da2977d6f9"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: C49E:3B3F:1F8D1:6EDC3:6332CE05
via: 1.1 varnish
x-served-by: cache-lax10623-LGB
x-cache-hits: 1
x-timer: S1664288339.801587,VS0,VE182
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 220c68f3715a8c66112862232c99f35f02da6b07
expires: Wed, 28 Sep 2022 02:37:18 GMT
source-age: 0
x-cache: HIT, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=482917442&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=482917442&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=482917442&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=28112&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Sep 2022 14:37:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=29AC8AF4903374A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u0083.com/f6bf20b8c7c04cdf8a46c12e407354c2.gif
20.239.191.67200 OK 106 kB URL HTTP/1.1 u0083.com/f6bf20b8c7c04cdf8a46c12e407354c2.gif
IP 20.239.191.67:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105623 bytes)
Hash d8672cb6c77971420eaad2e23cb983f9
6879e309a3a4f5aa253be7d548c7ead34ff50a3b
3c1f6314f621b3defac9f81ff04a387b41aa4213357eb15bbc3fe4c29c271c7c
GET /f6bf20b8c7c04cdf8a46c12e407354c2.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 12:06:34 GMT
ETag: W/"6318894a-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
3p8801.co/%E7%9A%87%E5%86%A0240x240.gif
137.175.35.2200 OK 114 kB URL HTTP/2 3p8801.co/%E7%9A%87%E5%86%A0240x240.gif
IP 137.175.35.2:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 114 kB (113483 bytes)
Hash 06e653b16b8380bd8ff599d09204f83b
02c928506c30bda05419ed0220617770c435dc7a
afb56e7d5879a7ba5561a8b3d3e7454241e51ed81aab742826b418932720ef89
GET /%E7%9A%87%E5%86%A0240x240.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:39:50 GMT
content-type: image/gif
content-length: 113483
last-modified: Sun, 24 Jul 2022 09:37:56 GMT
etag: "62dd12f4-1bb4b"
expires: Thu, 27 Oct 2022 14:39:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:39:50 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Thu, 27 Oct 2022 14:39:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/3P-240x240.gif
137.175.35.2200 OK 322 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 322 kB (322371 bytes)
Hash 10b590fb68b248b758ae345f3cc33961
9e13b8044dc3e6bfcf6156977a32403f672b71c3
ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
GET /3P-240x240.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:39:50 GMT
content-type: image/gif
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Thu, 27 Oct 2022 14:39:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash bffbd9373e1b10c6033b3375a26b2fac
0061226b45fc6cc89b29547479575711a0a97875
13e4522fe1118785f12261e2ab790f422b2010c5ec820e7716bfcc456a1e066b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3006
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:37:19 GMT
Last-Modified: Tue, 27 Sep 2022 13:47:13 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d4a074e13a88eeb4403d4957d8b6b001
561088772c9f3416a47ce137fc67cca8aaedec3d
5dab0a279f37dbefa985a48836bf0686c42f7d1a0695c65ee85148e190c16438
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 13:06:38 GMT
Expires: Mon, 03 Oct 2022 13:06:37 GMT
Etag: "561088772c9f3416a47ce137fc67cca8aaedec3d"
Cache-Control: max-age=512357,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514fa040b7cb4e8-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
47.246.44.224200 OK 455 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 455 kB (454806 bytes)
Hash a2adfb182a1e1629ab484d90b72f23c8
0301a7d9e60d54dd13e1cb528a0b22546790c026
7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
GET /obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 454806
date: Sat, 27 Aug 2022 14:42:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:26:45 GMT
nw-session-id: 202208272126450102080352140A7068A2j6fpx01dy
nw-session-trace: 2022-08-27T21:26:45.540738746+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 454806
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:26:45 GMT
x-tt-logid: 202208272126450102080352140A7068A2
via: n204-097-238, cache16.l2de2[0,13,206-0,H], cache4.l2de2[14,0], cache4.l2de2[15,0], cache2.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015f385d3fc56128f1a4291cfc24ba5beb6bb050174f8a4bde30a2f8504ba2b81d1af23526cac1a55c0544ba65e9a8f06af049aa6fb10d31566b09af1a690e91ed58ef22652af931b4a5db136e17599b70de2d2d794a56a990b6237e8c4a9c7dfc
x-response-lb: image
ali-swift-global-savetime: 1661611346
age: 2678093
x-cache: HIT TCP_MEM_HIT dirn:11:454561679
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31190969
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916642894393803444e
X-Firefox-Spdy: h2
zhibo128x1.xyz/128/960X60A.gif
154.83.25.141200 OK 539 kB URL HTTP/1.1 zhibo128x1.xyz/128/960X60A.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 539 kB (538695 bytes)
Hash 79a6bd621e989d305866cf3da25f3ead
43ff7c41e2e6fd4a9944bb5a6ad62673c1c079ba
f0a59f510fc36a5570a8af24e87662bca9e0dd4225f39f72f0d94881505fa4f8
GET /128/960X60A.gif HTTP/1.1
Host: zhibo128x1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: image/gif
Content-Length: 538695
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 05:47:13 GMT
ETag: "6316dee1-83847"
Expires: Mon, 17 Oct 2022 09:08:31 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
pic.picnewsss.com/tu-pic/240-140.gif
23.225.139.251200 OK 150 kB URL HTTP/2 pic.picnewsss.com/tu-pic/240-140.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 150 kB (149597 bytes)
Hash f2d3e1a6f8899994610ab814f64bf078
9523d6eba5dd1ab466b5b2968d5d6231161e6ae6
06e958cd3720c7f7afb07142bc76c2b531df3aab1a58ef6d5f3a789f3cad0177
GET /tu-pic/240-140.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Tue, 27 Sep 2022 06:36:33 GMT
etag: "1664288365"
expires: Thu, 27 Oct 2022 06:36:33 GMT
last-modified: Tue, 27 Sep 2022 14:19:25 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 149597
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
47.246.44.224200 OK 671 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Mon, 26 Sep 2022 15:23:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 25 Sep 2022 16:01:46 GMT
nw-session-id: 202209260001460102090820253BE3DB93vwq8p02dy
nw-session-trace: 2022-09-26T00:01:46.280578559+08:00 56
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Mon, 26 Sep 2022 00:01:46 GMT
x-tt-logid: 202209260001460102090820253BE3DB93
via: n150-055-204, cache23.l2de2[0,0,206-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:20:362::84
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0171cc5f3bfc9d12bb2d8548112589f6b225a5e504e010ee168f0507c8e25c40339f0e075576e760fe4ff8ca4e4779e61e4a8e184bbfd69f9d53d71958668e55b704b94064f2b0f940b2abf2823000a697451f87e75c0bac1d0126c1a787a7ea82
x-response-lb: image
ali-swift-global-savetime: 1664205786
age: 83653
x-cache: HIT TCP_MEM_HIT dirn:1:431343774 mlen:0
x-swift-savetime: Mon, 26 Sep 2022 23:49:04 GMT
x-swift-cachetime: 31505642
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916642894396553689e
X-Firefox-Spdy: h2
images.xxootv.top/admin/202208/630634f18a75e.jpg
45.207.13.180200 OK 26 kB URL HTTP/2 images.xxootv.top/admin/202208/630634f18a75e.jpg
IP 45.207.13.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Hash 003320de6bd2223be46a8d7e078a0a45
fc08ff33a5d7080674882770038a92384a1bc366
7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880
Analyzer Verdict Alert quad9 Sinkholed
GET /admin/202208/630634f18a75e.jpg HTTP/1.1
Host: images.xxootv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:37:19 GMT
content-type: image/jpeg
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Thu, 27 Oct 2022 14:37:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
47.75.19.91200 OK 96 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP 47.75.19.91:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash 57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 27 Sep 2022 14:37:18 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 63330A9EDA8A7933390ED8BA
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 2
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:35:32 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Thu, 27 Oct 2022 14:35:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:35:32 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Thu, 27 Oct 2022 14:35:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/960160.gif
220.128.218.220200 OK 166 kB URL HTTP/2 taiwtp1.com/img/960160.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 160\012- data
Size 166 kB (165614 bytes)
Hash 499d402cf727956bcdb1a229ff10c05e
95bbdda00299532dab6ca13cec744d21c0f7ae26
20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
GET /img/960160.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:35:32 GMT
content-type: image/gif
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Thu, 27 Oct 2022 14:35:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/600400.gif
220.128.218.220200 OK 304 kB URL HTTP/2 taiwtp1.com/img/600400.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 600 x 400\012- data
Size 304 kB (304522 bytes)
Hash e0a34183ace6e0dff373311780daecf4
48e4233e415d464e22ac1ff3d2135d20e4c31eb8
eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
GET /img/600400.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:35:32 GMT
content-type: image/gif
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Thu, 27 Oct 2022 14:35:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n7181.com/d35467f31a1e415dbf061087c8c283d5.gif
45.61.212.219200 OK 684 kB URL HTTP/1.1 n7181.com/d35467f31a1e415dbf061087c8c283d5.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1
Host: n7181.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Thu, 22 Sep 2022 09:00:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 683474
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.129.255.47200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:19 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 35623 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 9b99e669-3260-46e1-9ef6-14fb7f8fefb6
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png
43.129.255.47200 OK 121 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 121 kB (121197 bytes)
Hash c333d9318beb5b59bc7fd1dbe71ed7f3
7f59fbc05d4302bc5768755ed10aa58932bf8c7a
58ae8f93dc8f4805de239cc27796b1a97bd67acd9ef72cd7f0ed73119175d4f5
GET /hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 121197
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:24:44 GMT
cache-control: max-age=2592000
x-delay: 17580 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 121197
chid: 0
fid: 0
x-nws-log-uuid: 68c403da-0fb4-4f8a-b69d-affb6f39996c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
43.129.255.47200 OK 456 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 456 kB (456390 bytes)
Hash 24f8d711ff99c1b9e8eda597e520496d
0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 54539 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: bb197d33-ec5d-4eb4-aad4-66d906c1f3c3
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.129.255.47200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 347 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: ebc3b222-6a7d-4bb2-816d-da087dcc5daf
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.129.255.47200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:19 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 445 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 21c1d8c7-f322-42c3-aa58-5e1a0a133755
X-Firefox-Spdy: h2
img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
38.47.102.246302 Found 0 B URL HTTP/2 img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
IP 38.47.102.246:0
GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1
Host: img.x967.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
IP 23.225.222.2:0
GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1
Host: img.cuphf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=3600
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
43.129.255.47200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:18 GMT
content-type: image/gif
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 184864 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: 1b05d18b-9df3-426e-bdc0-35b1b0ef1167
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.129.255.47200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 27 Sep 2022 14:37:19 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 635 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 23b1f275-96c1-4ce8-90d7-4f8c5139c8be
X-Firefox-Spdy: h2