Overview

URL dcy23.com/
IP156.255.162.190
ASNSun Network Hong Kong Limited - HongKong Backbone
Location Hong Kong
Report completed2022-09-18 20:48:09 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 xxootv.top Sinkholed


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS mang.tiryakioyun.com (2) 0 2022-03-21 04:49:54 UTC 2022-09-18 14:24:07 UTC 20.205.43.35 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76
mnemonic passive DNS www.mgsmqs.xyz (8) 0 2022-05-28 03:55:58 UTC 2022-09-18 18:08:49 UTC 173.231.17.185 Unknown ranking
mnemonic passive DNS u0083.com (1) 0 2021-02-01 01:45:41 UTC 2022-09-18 14:13:09 UTC 20.24.204.162 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 16:02:06 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.35
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 52.38.146.2
mnemonic passive DNS kvtddd.top (1) 0 2022-05-22 12:14:43 UTC 2022-09-17 18:12:52 UTC 104.21.235.61 Unknown ranking
mnemonic passive DNS dcy23.com (1) 0 2021-02-01 07:21:20 UTC 2022-09-18 15:11:43 UTC 156.255.162.190 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-18 19:15:51 UTC 93.184.220.29
mnemonic passive DNS hm.baidu.com (9) 8254 2012-05-26 08:38:45 UTC 2022-09-18 09:41:13 UTC 103.235.46.191
mnemonic passive DNS fmlb.netlbtu.com (38) 187701 2021-09-14 11:57:06 UTC 2022-09-18 12:04:26 UTC 104.21.235.174
mnemonic passive DNS uu99k.com (1) 0 2021-02-04 07:26:26 UTC 2022-09-17 18:12:52 UTC 23.224.145.196 Unknown ranking
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-09-16 21:15:58 UTC 47.75.19.91 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-18 08:12:25 UTC 23.36.77.32
mnemonic passive DNS zhibo128x1.xyz (1) 0 2022-09-06 23:50:01 UTC 2022-09-18 11:49:25 UTC 154.83.25.141 Unknown ranking
mnemonic passive DNS vesdsp.com (1) 0 2022-07-06 03:53:54 UTC 2022-09-16 21:15:59 UTC 103.170.15.45 Unknown ranking
mnemonic passive DNS p3.douyinpic.com (1) 23536 2020-12-18 11:20:50 UTC 2022-09-18 15:24:51 UTC 47.246.44.226
mnemonic passive DNS taiwtp1.com (4) 0 2022-04-08 07:06:08 UTC 2022-09-18 12:04:26 UTC 220.128.218.220 Unknown ranking
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-18 09:41:13 UTC 182.61.201.93
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-18 05:19:30 UTC 104.18.21.226
mnemonic passive DNS kvemm.com (1) 222018 2021-10-18 01:51:02 UTC 2022-09-18 15:58:56 UTC 98.126.214.50
mnemonic passive DNS img.cuphf.xyz (1) 0 2022-07-12 16:14:16 UTC 2022-09-17 19:56:32 UTC 23.225.228.34 Unknown ranking
mnemonic passive DNS zerossl.ocsp.sectigo.com (2) 4049 2020-05-09 19:05:29 UTC 2022-09-18 06:43:16 UTC 104.18.32.68
mnemonic passive DNS 3p8801.co (4) 0 2022-07-05 12:28:12 UTC 2022-09-16 21:15:58 UTC 137.175.35.2 Unknown ranking
mnemonic passive DNS img.x967.xyz (1) 0 2022-07-18 13:04:45 UTC 2022-09-16 21:15:59 UTC 23.225.222.18 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-18 14:37:21 UTC 104.18.32.68
mnemonic passive DNS ocsp.digicert.cn (2) 37572 2020-03-20 17:45:56 UTC 2022-09-18 09:51:35 UTC 47.246.44.205
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-09-18 11:49:25 UTC 163.171.140.79
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-09-18 14:13:09 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS images.xxootv.top (1) 0 2022-06-09 20:47:47 UTC 2022-09-16 21:15:59 UTC 45.207.13.180 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-09-18 09:41:15 UTC 112.34.113.148
mnemonic passive DNS p.qlogo.cn (8) 48578 2014-01-15 11:11:45 UTC 2022-09-18 11:49:25 UTC 43.154.254.32
mnemonic passive DNS www.dcy23.com (4) 0 No data No data 156.255.162.190 Unknown ranking
mnemonic passive DNS ocsp2.globalsign.com (3) 1544 2012-05-21 07:12:19 UTC 2022-09-18 05:51:54 UTC 104.18.20.226
mnemonic passive DNS n7181.com (1) 0 2022-07-03 12:37:11 UTC 2022-09-16 21:15:58 UTC 103.170.15.80 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 156.255.162.190

Date UQ / IDS / BL URL IP
2022-09-18 20:48:09 +0000
0 - 0 - 1 dcy23.com/ 156.255.162.190

Last 5 reports on ASN: Sun Network Hong Kong Limited - HongKong Backbone

Date UQ / IDS / BL URL IP
2022-12-09 02:15:05 +0000
0 - 0 - 2 yljh.iyhost.com/index.php/vod/detail/id/14924.html 154.222.97.198
2022-12-08 08:37:23 +0000
0 - 0 - 1 wly5.com/ 156.226.254.53
2022-12-08 02:07:39 +0000
0 - 0 - 10 3d41.com/ 156.226.220.185
2022-12-07 00:30:24 +0000
0 - 0 - 7 szjzwang.com/ 156.226.210.198
2022-12-06 23:59:33 +0000
0 - 0 - 1 www.geraihawa.com/index.php 156.255.158.185

Last 1 reports on domain: dcy23.com

Date UQ / IDS / BL URL IP
2022-09-18 20:48:09 +0000
0 - 0 - 1 dcy23.com/ 156.255.162.190

No other reports with similar screenshot



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#2 JavaScript::Write (size: 77, repeated: 1) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>
                                    

#3 JavaScript::Write (size: 87, repeated: 1) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
                                    

#4 JavaScript::Write (size: 187, repeated: 1) - SHA256: b369455e1836b256f6870bf8ca5352feabe0f12957891834d3adcd1ca30fdf4b

                                        < iframe src = " https://mang.tiryakioyun.com/news/index.php"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    

#5 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#6 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

                                        < style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
                                    

#7 JavaScript::Write (size: 322, repeated: 1) - SHA256: 2954b88fb53320801530057b59b7688e297b76a48aa3626bb5558dbdb1b77ec9

                                        < div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "https://zzvcljljfd222.com/85/mguo.html" > < img src = "https://taiwtp1.com/img/200200.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
                                    


HTTP Transactions (133)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 20:02:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JinPtdzfMpfwABR8nKGVWTcNsjQE1zOS23yBjUohPv2Am6fiz5oUEw==
Age: 2700


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11745
Expires: Mon, 19 Sep 2022 00:03:43 GMT
Date: Sun, 18 Sep 2022 20:47:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dxol-F2J34NPLVcgEvQ7fIeBOR3zl5IVaO8ioEgqoRrKnq-omZ2Apw==
age: 58365
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 20:47:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: dcy23.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.255.162.190
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:47:50 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.dcy23.com/index.php

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 20:03:22 GMT
Expires: Sun, 18 Sep 2022 20:13:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1pEErQ6SyzCYkOq-XOqHuC-hvrmcn9N8PA_j7X0hvpEAcIN_jY09tg==
Age: 2677


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:47:59 GMT
Last-Modified: Sun, 18 Sep 2022 19:17:22 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X7IHH4ciDzFzJO9job+Abg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T4I+h+qBd/jEZXqDBvPycXZSeQE=

                                        
                                            GET /index.php HTTP/1.1 
Host: www.dcy23.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.255.162.190
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:47:51 GMT
Content-Length: 781
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   781
Md5:    bbf772e1fe761cdd096be63772479c96
Sha1:   5384db30903dd5a4658785d0b6a927fa8a441ee7
Sha256: b33378a091d8cb32c6568889ef4471861a66b59dc1b3f03622fc51accff7260e
                                        
                                            GET /common.js HTTP/1.1 
Host: www.dcy23.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dcy23.com/index.php

                                         
                                         156.255.162.190
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:47:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size:   1104
Md5:    3b08372f4773c8e7854234aaef938077
Sha1:   b65315c1d4fc673034b770705bf00746f6028d72
Sha256: da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.dcy23.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dcy23.com/index.php

                                         
                                         156.255.162.190
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:47:51 GMT
Content-Length: 522
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   522
Md5:    2d633a4064915c958670ec4ad81851ed
Sha1:   9ceac5b459f084114107944fbc1793e1e08e2506
Sha256: 36f2dfbdee7fdff995db86bc70ec55a4f9df745d70e3ce9a7f3d589249fa29db
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dcy23.com/

                                         
                                         182.61.201.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Sun, 18 Sep 2022 20:48:00 GMT
Etag: "4078521116"
Expires: Mon, 18 Sep 2023 20:48:00 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F8094BE229C94FAF0FD92926375BF604:FG=1; max-age=31536000; expires=Mon, 18-Sep-23 20:48:00 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /s.gif?l=http://www.dcy23.com/index.php HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dcy23.com/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Sun, 18 Sep 2022 20:48:00 GMT

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:00 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 11:27:45 GMT
Expires: Sat, 24 Sep 2022 11:27:44 GMT
Etag: "f81f7f923526d6a735f7bda626ae251630c19422"
Cache-Control: max-age=484183,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf0a4b92e1c16-OSL

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.dcy23.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dcy23.com/index.php

                                         
                                         156.255.162.190
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:47:52 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 23 Sep 2022 20:47:52 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:00 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 18:56:57 GMT
ETag: "06b7cdbd9b46b0f8b2dba7cf4442859189cc77bc"
Last-Modified: Sun, 18 Sep 2022 18:56:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 880
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccf0a59818b50f-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    ef903b2395f21c658b1b4c1f0c067ba8
Sha1:   06b7cdbd9b46b0f8b2dba7cf4442859189cc77bc
Sha256: 5eee98e4ed044288e9eddd0bcb5c7499019fb8d5a468913933ae5486fb290ba1
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:00 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 18:56:57 GMT
ETag: "06b7cdbd9b46b0f8b2dba7cf4442859189cc77bc"
Last-Modified: Sun, 18 Sep 2022 18:56:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 880
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccf0a59d1dfab4-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    ef903b2395f21c658b1b4c1f0c067ba8
Sha1:   06b7cdbd9b46b0f8b2dba7cf4442859189cc77bc
Sha256: 5eee98e4ed044288e9eddd0bcb5c7499019fb8d5a468913933ae5486fb290ba1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9430
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 20:48:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9430
Expires: Sun, 18 Sep 2022 23:25:10 GMT
Date: Sun, 18 Sep 2022 20:48:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
age: 80305
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 48705
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 47387
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ad9w48miLhhgUj5HjLWVi8MuMLErwtnog3r3Set_qdQH2FS9Q5Fj6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 81457
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9093
Md5:    5ae5a7fc19cf9601753b147621cb9f8c
Sha1:   04063797f76518668fdd9a5d5a86c7637eac43b8
Sha256: b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:51:29 GMT
age: 82591
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7788
Md5:    7a22ab7dcdf50f4a297b8e117d336eae
Sha1:   e139a0974317212f094fdbe59e26ca5cf6b9e56d
Sha256: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 53935
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /hm.js?fe788d4f61a98887685966a4ffb2df24 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dcy23.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Sun, 18 Sep 2022 20:48:01 GMT
Etag: 078c16ac07cf0504d60230847efa9a89
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=15C597A4B2B15D58; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    5bb5d923a839487e4b497823a405d3ab
Sha1:   50f73c507ca6da8f8e60c1d524c1d3e7d3ad7186
Sha256: 067c39096554f4677a76b823c8765f7dbaf70c1fc4e8d3baef41b29403176e51
                                        
                                            GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dcy23.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Sun, 18 Sep 2022 20:48:01 GMT
Etag: 60ac4bc04e4101ceaef327f946e61444
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4AD26D4F970609CF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    1870519188c6055aa5f6b67f038567b6
Sha1:   5beaddd0140b40663ce39fa6d1868a9a321b977f
Sha256: de285e61b1a1c4bf4022a5e24fd131570ddc91a31901148cee2dd584caacd4cf
                                        
                                            GET /news/data.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Sun, 18 Sep 2022 20:48:01 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63342749&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=59158&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.dcy23.com%2Findex.php&tt=%E9%82%B5%E9%98%B3%E9%B8%A5%E7%9B%9F%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dcy23.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 20:48:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CDEB220C85BE52A4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B79DDA573F7A8D3048F6427E3A2B04DE565F21F44B342A1A4E94B21EBBC773AC"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19228
Expires: Mon, 19 Sep 2022 02:08:30 GMT
Date: Sun, 18 Sep 2022 20:48:02 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/images/1.gif HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:02 GMT
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 18 Oct 2022 20:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:02 GMT
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Mon, 19 Sep 2022 08:48:02 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   641
Md5:    b840c26fe2ad5f5fed93a1422e810847
Sha1:   2e682ed0739aa6258b57deeb01e3b013edc0022d
Sha256: e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9DB7570DAA89A1C9211C7FA48CE90CEE115B1C855598AFEF6F18B5F6CEA48BD0"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Mon, 19 Sep 2022 00:41:31 GMT
Date: Sun, 18 Sep 2022 20:48:03 GMT
Connection: keep-alive

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         98.126.214.50
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 162
location: https://kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /template/m1938pc/js/jquery.config.js HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:02 GMT
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Mon, 19 Sep 2022 08:48:02 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2212
Md5:    4d8e329361e968aff2be9ef1b51120b2
Sha1:   1bae1f2d70407bf79384cbfeef72466df63f80e1
Sha256: 2fe166d4f0918be51e24b0cf1d1f470afe4e6676ec51da5f5ab52bc3ce19019e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 15:00:17 GMT
Expires: Sun, 25 Sep 2022 15:00:16 GMT
Etag: "abdcda1be4e69ca4bfcc830cb4482b0b88340200"
Cache-Control: max-age=583332,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf0b6cba70b49-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:03 GMT
Ali-Swift-Global-Savetime: 1663534083
Via: cache8.l2de2[470,470,200-0,M], cache8.l2de2[471,0], cache2.se1[495,495,200-0,M], cache2.se1[497,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 18 Sep 2022 20:48:03 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616635340831625697e

                                        
                                            GET / HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   88324
Md5:    ba3282a9673b3016b42d3df0091679a4
Sha1:   eb850f4239adfff69835799765614a80188d4dbe
Sha256: edbcc602aeb587d4b341886920e7b452921a64bd2acd36ed901581f9d4daa6ff
                                        
                                            GET /template/m1938pc/css/zui.css HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:02 GMT
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Mon, 19 Sep 2022 08:48:02 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20012
Md5:    da9f7365d24f17961883c845a140fe20
Sha1:   4d75e819b7df5654ce7fce00a8bfab3d711eecc9
Sha256: 2a88a55d55c1024142184d7f10fa84438248516e0ccf767e4234361277cb35ee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4140
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:03 GMT
Last-Modified: Sun, 18 Sep 2022 19:39:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2019/11-08/04/lklc22wtyip0421lklc22wtyip1010164.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9704
cf-bgj: h2pri
etag: "3fb6e3e4a895d51:0"
last-modified: Thu, 07 Nov 2019 20:21:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYCgzjUasxp06FsijIJOeZfll3AFioyRrng3I2oM6KvLga5RsLF2FKnxLxJZ617EjXGxeV72dn9WiLyg82rnUja%2F4dF96R%2BLRUZwBDgQp0sOPghbxd9OEVcAfv8ekFw81rOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d814f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9704
Md5:    6b9aea1c8871efb99537906e2dc0d684
Sha1:   cfa59de130d8d843b73eb8070a2760307bd96002
Sha256: 57dc1305f67f10ca2ee89887facc73581ca38eb64a247ee6d6ae57a31f5869f0
                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvtddd.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgsmqs.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.61
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sat, 15 Oct 2022 22:16:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 253923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDg2gkWJmSHpFmsw%2BjGMdU1OeelFGbNe%2BQIR2XOO1TK%2Fs92elOQMClTSNU%2BJwz5FvHhTo6v1nLsqdBtUfxkxMgjLUEwtZrpOmIKq7fto7ipom6V6xBcEszZ7OuRx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b71e497732-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   902313
Md5:    8b4a95ea7cfbb7fb4d2b18efca5145f3
Sha1:   d2966ecbeb7369620cce5dbcd15d0fe591d79648
Sha256: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
                                        
                                            GET /upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9267
cf-bgj: h2pri
etag: "2d1b6da81bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVJPefJnCcB8xgwHHZGrqPi8QP676EJz0Pc7M4W6WIO1Wb8QlyD%2Fa9%2Fk%2BaKKOklW4g5rBtwQLpvpqPVZbLYwxMe0rSkVL10gkn5MU%2FKgp%2BZti5SFO7353Cib0yBiP72XxCif"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d81bf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9267
Md5:    ad4517eff3f949a1e836b97324b70d2c
Sha1:   a726b6395801bc8260372ae1007043f659a54cee
Sha256: f91cb25c0c368bbd3e6c39911771b073b6a158d7d8a8ba950948ed6ac9e1115d
                                        
                                            GET /upload/vod/2022/09-18/13/3j25ivzmcx113023j25ivzmcx1206121.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 6108
cf-bgj: h2pri
etag: "34222dd51bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3278
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9JZqOKu5JNGHFfYjre9okxExjTiu24xHfs0T7GKTQEUsu9E4e07QIJ15ZTvJLE79l4qYHVeUwiL0ALPCkywruOSXubePoDgiAlN%2B%2FUO00whlP45pRo%2FNqeHEutzEfPXgzWx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d820f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   6108
Md5:    5f6ce35f8b0c0bbfe7e37f0b9f65404d
Sha1:   47834a5c6e32c7b1b6c23462f93282305bd6a49b
Sha256: 86b72355c4055cf5a42cefbab6b191e0f9aecc231e921cea989884c0fc37e428
                                        
                                            GET /upload/vod/2022/09-18/12/p4ohr0lfdsj1226p4ohr0lfdsj375851.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 2137
cf-bgj: h2pri
etag: "6013f6d716cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFPHhEh6i4jYaX%2BLh2wGA4In%2BDey5t4ePyGasESsjXSRqrZJMnNu9bekl2pNcbudoDrIM9Pm%2BRxCWjBYZqIa9PsxN29IjPbOG3tbnkUPEBKlGz8IblrORSTMAzioyOacnZA7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7c812f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   2137
Md5:    f60a2be3954157becbae17516ecf8b6a
Sha1:   84bcb66fd793a4a067d48b22d315a9346fbd037c
Sha256: bffd81f1242115693f3df34da9a8dbdba864d73d6186ca212a2189e0cd25cd67
                                        
                                            GET /upload/vod/2022/09-18/13/ko10sxaghbm1302ko10sxaghbm216123.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8025
cf-bgj: h2pri
etag: "9ea6b2d51bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3715
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq64%2BiYUtB4anbRitde4lq%2BXUqirmoSP25TlI2EvLqI1Ihe3ojb2yBuybXNXW08szZm2%2Bi4xTUn7z6Lm2AlrB9msQkmNOzxHuhReejjRVdTx2dmEiB7YbZStydInV%2BgPsWj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d81ff407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   8025
Md5:    dcc1be4235a97b91e3fe66b55ef330b7
Sha1:   b388ec6bba9d3a67832b8056a50cdde9af10ce79
Sha256: 44dec2fa56349c4cd09c7b1f163e1713f567efd8df9a8517769685e2dd8a6769
                                        
                                            GET /upload/vod/2022/09-18/13/jyr1vvarqxo1302jyr1vvarqxo256131.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 12529
cf-bgj: h2pri
etag: "3818e1d71bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaGetBmFcgu2LRu3K7bgLcKJsn1kVwt2zHyq%2FRbK1NCeUgPtojr3edMfQy6morhKbjeRKqV%2BTwp4V1mTx3pwVx%2BhGAkfVoVNBaRPhEk%2BNUBLUMmJIXvZKAslLBd%2BkBYsNLGJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e836f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   12529
Md5:    a8bf5b5c05834772e34ea8a891710e23
Sha1:   32c22e9ccbce19e9dafb28fd4b20f8ed645679bc
Sha256: 1ae29d567c5f8ab90a76576d53f75efe1c69e2250eea137b7a3c5f1cdf00d119
                                        
                                            GET /upload/vod/2022/09-18/13/2wabyjrn1td13022wabyjrn1td246129.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 12173
cf-bgj: h2pri
etag: "45a84fd71bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F0yhhYA%2BPzGJh%2BI%2B63DAbycv9RUZv1cKVFbnHKiPfOl6RclNj7LXnqxqEZeLoOD5w4D7jiRW1RkFakWe%2BgLDYFM%2Fzf4JSsfJmnir0Hkd9p4zN8oYkeoK6wgCJJj3DzPspx1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e838f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   12173
Md5:    d9104bb097207a3cb42a9ba65c950f20
Sha1:   da59345fb86b0c4be55bf230e464f8cbe75055c9
Sha256: e65bf669799516786bc6586a5115113e5c9797267d6237d853b8e6c749851cdd
                                        
                                            GET /upload/vod/2019/11-08/04/aepla40gkd10420aepla40gkd15410140.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 6483
cf-bgj: h2pri
etag: "cdae7bdba895d51:0"
last-modified: Thu, 07 Nov 2019 20:20:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MpDPXYfHJ2%2BEericDP15eUfQEqi3n0EXtUatr5txa4YPODXgGZKk0qCR83nNDUBBciLPuxCu2EWpSzVbX6UDarJYm1SKSvA%2FqVFrxdBtLoufbz379%2FBaq2VjiNFeeSfTvS3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d817f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6483
Md5:    1c31c9c762cf066fafe0baaf590c6cce
Sha1:   09ad079788ec0478453913286d1abbb6421c7b51
Sha256: 207d0f098f3ff67c2e1e831c31b347c6b67cd49aa5c18a5be07a696c04b6fe76
                                        
                                            GET /upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 7843
cf-bgj: h2pri
etag: "4af8e9a71bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LW9LQWH69rIgdSyL8%2BTACHG5Sow4k8L90TCzAorqqiI3539hxXJ0cTl7Zu4%2FXOipqB67iZ1v3OmwMMBYpGibsWFCXCv1m2EUorIy0SmKVAmwNnseiCQ3b0FTqFLOESO0uFD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d81cf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7843
Md5:    bbffeb709423dc0ff2221628f182c020
Sha1:   a9f7ccae2b0127563cce0329cfff87b1120edc0a
Sha256: b0e80eecb3b184b358b75133c9026f98b0efea7c6e829c744b1dcca8a86b5b40
                                        
                                            GET /upload/vod/2019/11-08/04/3bifaihemqk04233bifaihemqk3410367.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8232
cf-bgj: h2pri
etag: "6d88813aa995d51:0"
last-modified: Thu, 07 Nov 2019 20:23:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sSpYgMjaMc3YVVMt9GIS%2FBzoG1nFY7u%2FACVJBN58rju5TrOCoee8%2FLtSAqdZFTkjOakGmA%2B762ACIT59q5NVo7nI5nFoW80z5A8pFJfKDq14UNve13c4lkrhGMtX%2Bx5t4Zr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7d824f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8232
Md5:    a73d451f434199bc32ac4e47adacd8b9
Sha1:   7b4511ba696b941fc53d7b57d6e7f9b7dec252b9
Sha256: 332ba1e012d64de5a52bb7aac59def04af52caf739c16ccdbc21624bd441944e
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:03 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:24:25 GMT
ETag: "4f22a3b6375ead3bb0359ebc093a359a51b9782d"
Last-Modified: Sun, 18 Sep 2022 20:24:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 795
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccf0b84a8ab50f-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    c707d4a88c885e1316d2387a7599e132
Sha1:   4f22a3b6375ead3bb0359ebc093a359a51b9782d
Sha256: 9248ce2207a781d6e5d1c7989112787b65c4016375ecea99c4e24a7fff81804b
                                        
                                            GET /upload/vod/2020/08-03/18/yzo1jeyck5u1802yzo1jeyck5u53805.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 7907
cf-bgj: h2pri
etag: "35f1f7407d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGMKye9mGAUJT3ISbftb%2B9Q%2BHUaZCYIvvTyjxPzHbQ%2F2mFoF8eKk3Reb9FXwyBNy2lgLAB8zWe32UV8FVWdIXUpWTPs5Ohu%2FlArUUVpgdPgLERxlubEAyHgK0WFtAuG7icFG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e82ff407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7907
Md5:    13068738fb79cdaa0cb5cc5a289f6460
Sha1:   c35bc9fcf5866132235be45c0167fe40cbf3a009
Sha256: 79440cee1f391c9bbd2110e98ed30e15a5db405bf326a7f6d521eccd4f1f7bc1
                                        
                                            GET /upload/vod/2020/08-03/18/52dkakaggmq180252dkakaggmq50787.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9074
cf-bgj: h2pri
etag: "571653f7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6782
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZOaOuI4WsGsct3zjLouurhm6fEI7HI9MgXv6s1UB7sqpxod5uYVMCyoxh5BicbXR1J6VyIGexn2s%2BfR%2BozEyseYSKKMUgzbCwstWYNMxVHgnGfMfCjvQ2tMzRVwQi3KWMjX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e83bf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9074
Md5:    c5945ef92abd18b533613e810d1e34d8
Sha1:   95f60993099b34bf35095c9e7309b4028f8ccf56
Sha256: fbb395c763f92dffc1828c4a32136a6e40247b8e7d25a098598eee2df7afe048
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:03 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:24:25 GMT
ETag: "4f22a3b6375ead3bb0359ebc093a359a51b9782d"
Last-Modified: Sun, 18 Sep 2022 20:24:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 795
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccf0b84cbeb4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    c707d4a88c885e1316d2387a7599e132
Sha1:   4f22a3b6375ead3bb0359ebc093a359a51b9782d
Sha256: 9248ce2207a781d6e5d1c7989112787b65c4016375ecea99c4e24a7fff81804b
                                        
                                            GET /upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 7181
cf-bgj: h2pri
etag: "980a0aa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVYDDVnhxHkeAA%2Fgzbp3ottlquurqTxaIUses7cjKdfY%2FTaqAiNjB2ZnL%2BOWk5jKi%2BvpvdYLoyfBmu9277jm3BcdLmlpnUaS8r6hWDqecU%2Fql0BJzfZhZqhtYsBEEEgxnpM1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e832f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7181
Md5:    36be1f2b24491b56fd8d6e7ea5f9715c
Sha1:   1be456f0ef06e94e25394a48468f444770a89b05
Sha256: 6cbb7388287d11c3c14be43ecde3588a3639edb0642c1646dbbce0a6283efba1
                                        
                                            GET /upload/vod/2022/09-18/13/hvo5vfuucr11301hvo5vfuucr1356081.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9846
cf-bgj: h2pri
etag: "c66242ba1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT9cSEqLY0bJz3M77dGGQckiOWi%2FEY%2BsgFH50y1lbTwzIbnHRAR5elHRkkkc5trC8bjzPcQ0jJRTo0Xn3QUyOB%2BpW%2B%2FMoymesLtZ1Ac4FahZarbP%2BikGf5G5Mv6jo441h%2FuE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e834f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   9846
Md5:    046eb55bcd7430bb48848758976dc109
Sha1:   cb049ad6242e54f42016a199e513ba490dcbbd11
Sha256: ed31050af6cc4157726cf7b80a94f97c20d5e47257b5532f46d8d0e15ea49cdd
                                        
                                            GET /upload/vod/2020/08-03/18/hksmeuisbki1802hksmeuisbki51793.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 10637
cf-bgj: h2pri
etag: "c34aef3f7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6605
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BJEbscM8%2BfFGV9PaftwEUgC3V%2BK0Ulgo8b6UqpiGaS5UeazI1%2FWoPz4qMPVtx8pN%2BPrDqbNkc%2Bv78ZcWXjSnyi2HohF9o96FSATMoZeseDclwmr%2BQVc2fAzGPwluFqWR7V0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e839f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10637
Md5:    a529e5de3144c4baf514924de49e8e79
Sha1:   cff295edf40edbd1b738a47bcb5b71f7783ccf50
Sha256: 9aff5423ad93bd4361f4a2141dc7f848d3da58577881e288672b66a87eeaf860
                                        
                                            GET /upload/vod/2022/09-18/13/0q2ql2cdblx13010q2ql2cdblx406091.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 10478
cf-bgj: h2pri
etag: "9ef2f3bc1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYb0K2gU7RvGGm1Oz5zyWKz7qJQm37Lbg7UFeq2UBepTDBs4xoHNzAqMZJ8DsUSyWQuwMboIJvl3qzg12ld2t0xCPDfC1p%2BFDDsxIZC2nQuwyL7IvSCnbDlgAszexz9XKbBE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e83cf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   10478
Md5:    29ebbfa0db3e37b074b99b1814b173a5
Sha1:   32c8e880f84fbcda68dacd93c8b77e1075d620ee
Sha256: e5087b5bb3c29723aad7d49e6f1549350de6d656422fff312cc921da83ba1d96
                                        
                                            GET /upload/vod/2022/09-18/13/iefqazvnahr1301iefqazvnahr396089.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 11017
cf-bgj: h2pri
etag: "41a969bc1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bdax%2BkGoVF29Cx0jAkKwn2ttKhz0vzlzYHABOII0F5K1Ur6OaczKQm%2Fydg%2BMcrOGTOJhuiODuqTgYQICgJ0%2FgBj3vnbQo9VHPZ3pc3hO9QGvDJieiFSPRhnHSfwF%2Fw6oqS9O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e83df407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11017
Md5:    adaf5c869a9bded192711d1020e47aaf
Sha1:   8eb2801da9a4581c67d02874dfc0608b34da2f83
Sha256: fb0608cbf445de3bb6ba94698243583501315f17f017461bcafb0da99a16b8cc
                                        
                                            GET /upload/vod/2022/09-18/13/0jg31xtcc0m13010jg31xtcc0m386087.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 11046
cf-bgj: h2pri
etag: "d0f0debb1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt8cygmoc12Zmks%2Fj3acjbpdvmItsIXkpv3p6P7Ej1ExHHmMsWCNGgpfrrVe9WZBMKxtYrYunPLAmizAVJwU%2BxwxIehS9XryeERyDKR0a16spjw73QDcJOqol6A3gobr3zKg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e83ff407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11046
Md5:    991849838856226a056b06b3eb702e3e
Sha1:   344b30c7dd3157bc128e133f331c3fe5a67b72c4
Sha256: e5a6ac53b461c9311bea993fd6077712bb3f463a797175497ba06148fd50b4d1
                                        
                                            GET /upload/vod/2022/09-18/12/hoqhlkzueqf1226hoqhlkzueqf365849.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9994
cf-bgj: h2pri
etag: "d37b5dd716cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm6msVOzDnLsLx2mXCaf1ABmEwm9vsnEaNY2PEIqgvixAqbq6mzRnI2Db5vv%2BQMBDAw3C2jthVkqD23Us4Gsl%2FFCSfMGx%2B9MREgnU4rg61miZbMKAZdNeyy9zH8REJuSrSlr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e842f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9994
Md5:    e1f597c22c84ba3a12f6c3c12d3df077
Sha1:   926f7efa8ca7250f344b8ec8f1c4cac055a53723
Sha256: 4314f523206a90f2c3923a768adae7fa34351cc04c132f4f0e60f25a7d69dfff
                                        
                                            GET /upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9122
cf-bgj: h2pri
etag: "457b1aaa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlKmNnFAQr9nvHlWgoB5%2FchKpZ3UAmTguWF4Lr1O%2F2B7MXzdWVJbgNlFREMgvpm8dTS54cvyKNHR6QP1phkCOyDdhsJMX1ve8CXo6hAeWixyVGm%2BHgoQJDhCYPNQYueujA1s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e844f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9122
Md5:    f6d65c635c33ed84c3d20b9fe8e0ba73
Sha1:   53322f675b9d5fed33727ce5c7ca563a26580cea
Sha256: cba331a8de5f714ca097aeb155e14d6dbbfc53b314bc793ed0e000d4eae2aa9a
                                        
                                            GET /upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8721
cf-bgj: h2pri
etag: "edbf94a91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieT%2F1jltA9iJ%2BLQWeMoNPHh9drTAnDNe3KG0U7Rj1AIgy5gng7yVVeuR5HuibpEOwh%2B%2B9FTrK2eeCQ%2BFDmWLxLEedFbOWeGeCNpzBZyF%2B8I%2FUkFtjFGg%2BpdSMp44lP8MZUI1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e846f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8721
Md5:    c0b4deef3b7b6e455c3dabd4373e971b
Sha1:   01b2e03544228cc38144e88fd75b8de31e8e6bcc
Sha256: 4e254e0452b7b1d02f74c05bb5e3b84d7190632e76098d01339c72e2da9e2678
                                        
                                            GET /upload/vod/2022/09-18/12/vevuc1gdwfu1226vevuc1gdwfu365847.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 10348
cf-bgj: h2pri
etag: "d959dad616cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHsmfJCKERYDyq87VF66HzEKWwWme6k7OZzHEogyaG2RW70H3Iw5wIp0WPyTGgXuODn6GRCA8YGJwTrJimPtQM%2BcfM%2B71HNWWNBbz3uXIjBpur5MgS3GSWB4deD%2B2QTE7KyI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e843f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10348
Md5:    d16379ca1ebfc0e17916dde0a9302507
Sha1:   f2b4016eef05b226e763d3f26017e1e5a810d1d1
Sha256: f499a23fec8ee10af245c774d54580431dc234bf4df9564a0b41c5551a817943
                                        
                                            GET /upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8870
cf-bgj: h2pri
etag: "783bfa91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7gUSjbKlX%2Bd6Tp5crndQaHNMDmEm3SUN3iraX%2FwvB%2BELgJgxUOFRGJs0U3Dn7wimnRDUDpT2BMyuszPycF0RrgVeshM1pKDNJKNfn6jJ6Uj5bxeFwhREnhPKqwhb4tzFdFV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e849f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8870
Md5:    02bb2f03e004c58f8c131222a3d327d4
Sha1:   5549899e0365038ac5bacca9672e3a5892f01aa3
Sha256: 5cb5f8f1fef1ede1eb32cedf5963bc402b0c869721ab39fc691bc8449d66c82c
                                        
                                            GET /upload/vod/2019/11-08/04/3353ni35jsd04223353ni35jsd3010279.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 7354
cf-bgj: h2pri
etag: "5c44da14a995d51:0"
last-modified: Thu, 07 Nov 2019 20:22:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxvClzy0EIbkxLevX%2BalBAHeG1%2FE4LonX8z224LDqrdkV7L%2FrkVX7THVkmk4s0RYp47KExex9R50lJ1KOrSuncSyYo6xA1lSb8wBbuUXOynd4s7NPkWuhuS%2BNrZ1fb1gn8K4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e84bf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7354
Md5:    4aa087c8a82c33464362511e4f06765d
Sha1:   8b3428602fcba175b460924954e182599d595a8f
Sha256: bfe09a6b8960ca520d3ed4f4f2b8fa647be772f1d8bd99d78fed019ce3a36caa
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "530246824DB8C89A102345110CC85B3CFAD85FD65F61B8D4A26979BAF11DE419"
Last-Modified: Sat, 17 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10826
Expires: Sun, 18 Sep 2022 23:48:29 GMT
Date: Sun, 18 Sep 2022 20:48:03 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2019/11-08/04/bcp1f4w2lf00422bcp1f4w2lf04610301.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 12443
cf-bgj: h2pri
etag: "ba863d1ea995d51:0"
last-modified: Thu, 07 Nov 2019 20:22:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzTnARvbVXF0HSfuS9kimynsE0cyShaZCp0r8Y7Bh5VyxQAdMj44De0seQq9IX6zyke2ljmDwiNjOnndSas%2FhjIbPF31yplar8tcWNSysQ4%2F2y2veEedrX0wGQZdq309Uxzn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e84ef407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12443
Md5:    9c76c1097d6f21497a1a6a6714df1152
Sha1:   054d48a0acb17226d72b58b4dbef3439a9007cc6
Sha256: be97aa9f12fe839126f0249a7838517a68e4069040c25afdb88bf8d5c9f71190
                                        
                                            GET /upload/vod/2020/08-03/18/ey5y1dqdsuu1802ey5y1dqdsuu50781.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 11695
cf-bgj: h2pri
etag: "c52df03e7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7Gk8tUMCqWe5Lf4hZ5gVfMguayXPF3BK%2BsnL3NqUEUh5Q2XP62zmCorjSXWjJwydLsaXHvFWUfRRz4mRNkFMVI%2BbVsNf3CszPuPeg%2BiiR%2BqBzJx3diGZ%2BuoVzRdG9fB1KDK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e84ff407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11695
Md5:    d66dc58bc61e355110670d05fddb0ba7
Sha1:   813c8306b21d29d3600316bd7421e1c903705675
Sha256: 2a88141257a76b777d9145c48ff65f1d5e7bb47a88a8684da52624337564ac3a
                                        
                                            GET /upload/vod/2020/08-03/18/ctsk51eiqw51802ctsk51eiqw555817.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9273
cf-bgj: h2pri
etag: "c283c427d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dsp0xL%2BDCNN9fohWaptYMiOI%2FKA7OS6H%2FFP5JhETdvX1rsWKRZ0ll5PHx0Frr%2BPdPhGNtFPxJHqwkdA2ZSxH4MhR5eSk9SifsMd4VKC56xrPn8kl1MUZXyHN5dJx2BLg%2FRc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e852f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9273
Md5:    7d1ef202d21da87056dd6e67184cc899
Sha1:   f9c2aec87aba914ca18856bf24630bb2ad76d2a9
Sha256: e9401a0afbbbce49556ee62164156ba1fc42ab8bd1ce4541c42b33b5a5efb989
                                        
                                            GET /upload/vod/2020/08-03/18/1qfhxu45q2l18021qfhxu45q2l54811.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8097
cf-bgj: h2pri
etag: "ca757d417d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WvGeOY68mzC3fkbwDoh5MzIJd7nRlfEyWMTl%2FNpPVtuboukKLAC2TRnQZOrqwxghZ7kpQ0fgbZZJqMLS0z78gPB%2BEg1PVN9GC0eClsyv5pcgncXZFYjjo9yCyWO7tL7%2FWOS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e853f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8097
Md5:    282eef133d233c5824c845090cf33aea
Sha1:   db514d552cfd09de887edaa8fb20245ba9367192
Sha256: 8237e039d7c42850cfb4e7351c2449a536da02657b59a368bdc040557f99887d
                                        
                                            GET /upload/vod/2022/09-18/13/xbyc1w3nfss1302xbyc1w3nfss226125.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9691
cf-bgj: h2pri
etag: "508d3ad61bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3714
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PP5D781ii3LRrrvrjlVnGN2k5QOidZxvS82SCqOq8q8HKOohEZkwazQ2QqiKKKX2I7cOX2zcAp6H6aXlkHoP9Qs71AngHbCgWrOghohCzSeIT6l3C3rwCxPqWNtnIWnZkQf%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e856f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9691
Md5:    e4a9fc8d5e33f022738488fc221a038e
Sha1:   33ebb2835a52affea89d47b1555527701795676e
Sha256: 0d5efba9a02db56071ab6485c323e8083ef5212baa171a51da4dda13b40e3a79
                                        
                                            GET /template/m1938pc/images/video-mask.png HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 18 Oct 2022 20:48:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            GET /template/m1938pc/images/video-play.png HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 18 Oct 2022 20:48:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   1567
Md5:    be7ca0a4a7c0317398a11162b1e09b75
Sha1:   5dbe6a02524cfbf5f5111478a71f91a9259056b5
Sha256: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
                                        
                                            GET /upload/vod/2022/09-18/13/evxhwc52xd51302evxhwc52xd5236127.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 9071
cf-bgj: h2pri
etag: "a7c1c7d61bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:02:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SUc5qLI9xWM2SjtmkpxYAzSByznttPL49WSJpTSeSkwDcn%2BsrUzai6%2Fuzp%2BG%2FHvskX19crnd02lX%2F9MbhZHf38FQwZ%2FwPFM4lRKgriuBSEw0CSQ%2FHE8bOzYhOopTJnw3gsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e858f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9071
Md5:    d5e047ec6be444bc33bf45efbebe4867
Sha1:   f44c625da5e903a547f77bef34c3b2457652c8ac
Sha256: feb648be4f5a841ef5b36eb012f4fd1019cd676f334d416e52a92d0967f02cb2
                                        
                                            GET /upload/vod/2022/09-18/12/14amajvkzy3122614amajvkzy3355845.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8187
cf-bgj: h2pri
etag: "b41050d616cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9glB0LaamlznxiwnGosO%2Fvnbocx%2F4Ekbmqtgd6mEmsaMtaUIp4CvE79%2B0Yly3JFCfd2glUcUYb0%2BLSoCxEwdhxeJTJztyG26qdbx4jAiuoHpXgnd0%2B0nN5ctlK7xkxjXVVW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e85af407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8187
Md5:    aa60bfc4b8b851ad2d839526b1a42a32
Sha1:   7f3fc08751aa6454deb53b2ea35955fbff88e026
Sha256: ebd59b8e74aab6e64b96d98426816042364e2c44fb712e3f903a68975b1bc73a
                                        
                                            GET /upload/vod/2022/09-18/12/zdhgtozmfgw1226zdhgtozmfgw345843.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 10734
cf-bgj: h2pri
etag: "a2ac8d516cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDse4PR5PK5Vu4XzseTV9PQhYWUSToo0yvRzUmj5wJhCQ7r%2F78Khem6gLmu8juktNgKqiS3AaZoK9wz9p7tIdCVuznFzN4aX3%2Bhb%2Fbt7534Z%2FNkCX4tSZZEut9OFplH13gU%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e85cf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10734
Md5:    24f7146b16579faf73280a2599383807
Sha1:   5c7506c0e44672811872780f542f0c107f8d45cb
Sha256: f006decd71b946fb558f7444a9a86f75f05a86fe2019450c763e8572f864c76c
                                        
                                            GET /upload/vod/2022/09-18/12/wb3l3jeb4qb1226wb3l3jeb4qb335841.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 8078
cf-bgj: h2pri
etag: "46783bd516cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmB%2F6kPSiEd1VrxZDOmyHH%2Bx%2FqTGI7ZIZUwjyRn2A1gI6GOlAqFgsPlq4rYdilKtoaqBAdt1Ke1og2BXwp5sxRW0KWaXEFnwoGylopiVvz4e3UHFAht45zh6zCJqapFEfylH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7e85ef407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8078
Md5:    69d98b6f06e7818e0b912b1c2b35e49d
Sha1:   75224d0107b88e5f8b5f51aa3f4284455260c08f
Sha256: 032a7d21d4a88008e144e5134d2830c7fdf86898c8db9855e5104e2149d19482
                                        
                                            GET /upload/vod/2022/09-18/12/phxd4hruldx1226phxd4hruldx385853.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 11367
cf-bgj: h2pri
etag: "d7277ed816cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9E8glWa5RW1PymdATJ8r02u4SYaZoVbUV1Xbent56i3%2FHOiusPiGVDxJRCp8D4ps%2BerLF3EA6C7j617L1gyLSg2XmAIPhgGFGe%2B0SjxRnwK2VnCMFRg%2FJ5fGy%2BvWv56Ig%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7f85ff407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11367
Md5:    a4cbbcdd4ec1e677fd0433177e84de31
Sha1:   b3e7b2ca50af1f8abc46aafa9c22dc04e99c3d4a
Sha256: f7eb5b9a99c295989a9dcef75576bf649630f1de62ebc1137218d940dfb7a502
                                        
                                            GET /upload/vod/2022/09-18/13/2sgshvngsgg13012sgshvngsgg376085.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 10998
cf-bgj: h2pri
etag: "fcf356bb1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3y%2F92n449cmqR8tSVhw%2BY8pYQfawl8sdLMUPj6tHrrk8kszHtl2SL2CYBi4OLcqLlQrPO25nFjZ0D1i8HKddqgG77bJeSLUOKGjekXRSUtjcwtq8cp2ngHD%2F%2BU1ryYm%2FMG%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b7f860f407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   10998
Md5:    14d53539e3f371796565b0cdd05445c0
Sha1:   bc0e7c8f2e64a5c51b7b7afe4d29d39f82be67af
Sha256: eb2c97e99fb4c6d1396432f5c9f97c77dfa91bdf024b844b7e35da3dda26360f
                                        
                                            GET /news/index.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dcy23.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Sun, 18 Sep 2022 20:48:01 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6370
Md5:    d42ea1b0cb3d7c16d1973607c207e5b8
Sha1:   c9d661869b684c29c08f78e96af1e6beda13e643
Sha256: b51bb897cd67565344a8feeb71dc3707d51d91b21b99bc07591741e0a2f1ccd3
                                        
                                            GET /upload/vod/2019/11-08/04/e0adlpy1ggn0422e0adlpy1ggn1510257.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:03 GMT
content-length: 11893
cf-bgj: h2pri
etag: "aa5166ba995d51:0"
last-modified: Thu, 07 Nov 2019 20:22:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9Ruhe7cxMaAcCLu%2BPexQXMpOZqdK9Vbh8wcqDeCyDEwKYgIAEe%2BH1hJCWnGhLJOOpxmozflVEhpKpPzJYci2m%2BgSms%2Fzzomwb7MgAHQpxTrmMxdKFQGBsXRSjh6OnHBknT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b8a8fbf407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11893
Md5:    7b1186c5b83abf23aa1554194f6ad4fa
Sha1:   429ee1d15f6fae40d705374461e3837e5dd7143a
Sha256: dac03612c4ed9b01a8e6c28653e094328ccfcf3c8ab42df03755fa80effb658c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4140
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:03 GMT
Last-Modified: Sun, 18 Sep 2022 19:39:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4141
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:04 GMT
Last-Modified: Sun, 18 Sep 2022 19:39:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2022/09-18/13/4uiavexse1e13014uiavexse1e366083.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 11173
cf-bgj: h2pri
etag: "2d70d1ba1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpxK%2FekSMAfpHB09ORgk7IrfPANb1aQ0BFK3npZ7p2U2opOJV4A6%2FFGPLQGS8HOw1BVgIaCH4WwO%2F%2FeFISeWaMOYCSovsn4Fndu1nBp9fw1HQGdbOpiNPV1poSi1jgwupn1s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b9095df407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11173
Md5:    c6c2740b98e24a084d2c0e3a1f6aa5a6
Sha1:   bb196ef8c9cfbf510c9619f19352b7344e4cd1cf
Sha256: 3293b06bd92b3faa45f43d3bb815dde713371b2c7b18acedeb7633de22439305
                                        
                                            GET /upload/vod/2022/09-18/12/2c1vunkmmgw12262c1vunkmmgw395855.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 11979
cf-bgj: h2pri
etag: "c94a1d916cbd81:0"
last-modified: Sun, 18 Sep 2022 04:26:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJXPYLlpuJ%2FLy%2FGtOxQHcgkUac6p4UGcY64C7r021ejoGWxzjEiSlqR%2FO8IZAUqUO58UGnfuiwwcNwyy7oy9ObyWwyNu7qaE14M8ch6gz9b06FNke%2FVE4ZIy9h9GmqhCACdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf0b8f93ef407-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11979
Md5:    81e0a87673f8ab33229951140a58b1eb
Sha1:   b8a3ed0e359e02b33fa80135d3e0a340365947f4
Sha256: 017961c2ac85bb30a3262ae2e1c0bb950e2e501e9fc255a239aba9d252355302
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B7645E554AB0D3561939B51FBFE1DD16E953A2C3ED90DC142E142DDACC97303"
Last-Modified: Fri, 16 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Mon, 19 Sep 2022 00:56:33 GMT
Date: Sun, 18 Sep 2022 20:48:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "29BCDC85B935C3E50ED429776048A5078A3312BA7B8F5B84A9E127BF974FB5EB"
Last-Modified: Fri, 16 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8076
Expires: Sun, 18 Sep 2022 23:02:40 GMT
Date: Sun, 18 Sep 2022 20:48:04 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022918Sun%20Sep%2018%202022%2020:47:45%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1 
Host: www.mgsmqs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 3218
last-modified: Tue, 30 Aug 2022 09:27:10 GMT
etag: "630dd7ee-c92"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size:   3218
Md5:    82824af6b9b6b5f4af4c324cbaee3af1
Sha1:   6749c6b517225d41ff1d611fce32e157d2829bd3
Sha256: 8861a70718411bed741d32f7e6fcf43eec49f7df095ba2f3bffb77fbb634338b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F5D1896A8CE4D72B47A97C9A9EEE775E2718322431D99570F702E3FA15840575"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Sun, 18 Sep 2022 21:57:11 GMT
Date: Sun, 18 Sep 2022 20:48:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 01:06:42 GMT
Expires: Fri, 23 Sep 2022 01:06:41 GMT
Etag: "5c2b7e48584cedd28dbd37152e3189daeca72458"
Cache-Control: max-age=360516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf0b8ee070b49-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95F1A7756EA6013BF074D60CFC5D5D5A6C735ABD76CE6BBE31D3A5015108DCB5"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19850
Expires: Mon, 19 Sep 2022 02:18:54 GMT
Date: Sun, 18 Sep 2022 20:48:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:55:48 GMT
Expires: Sun, 25 Sep 2022 03:55:47 GMT
Etag: "f15f202dca24527d3476d6a0c9cd5ef5799a3ee1"
Cache-Control: max-age=543462,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf0b94bceb4f9-OSL

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 17:35:25 GMT
ETag: "30d773a389d01ec5638785fb9d843e2480b65393"
Last-Modified: Sun, 18 Sep 2022 17:35:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2638
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccf0ba8ebab50f-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    0f9bf0f8f9e7d8d231ace960803470df
Sha1:   30d773a389d01ec5638785fb9d843e2480b65393
Sha256: 71824923b4922e933a61e8992868c36ae533202e9207b5aba668a1bc7923f430
                                        
                                            GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Sun, 18 Sep 2022 20:48:04 GMT
Etag: de1addf146bc3eec725e9212e3f65974
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1231ADDAB2141E1E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    47b7e3775ef26e0ee24852c5885600d3
Sha1:   4401789604d494b6da4baf9a58d9209be00df4b9
Sha256: a65b8ac1865944840a58e9f2e76957e7ac6497802a2cf3b0da0febf248eb23ce
                                        
                                            GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Sun, 18 Sep 2022 20:48:04 GMT
Etag: 418c0250322e1edc1016320ee9011db7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=43AFCF865501CEFD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    4a3e3b3756933c882d674ba9d90ed50f
Sha1:   ae14bd603afb9a9bcdf9bed3209bc186a411fcd7
Sha256: eb7015fb27eaf71aa1c3a0405b851b01ec924aa97b9a464f898535b4846c6341
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:04 GMT
Ali-Swift-Global-Savetime: 1663534084
Via: cache25.l2de2[486,486,200-0,M], cache25.l2de2[487,0], cache2.se1[509,509,200-0,M], cache2.se1[510,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 18 Sep 2022 20:48:04 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616635340840086325e

                                        
                                            GET /get-image/0xmAGT9KS9C HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         163.171.140.79
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 63278404_PShlamstdAMS1se91_29246-3534
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117593
Md5:    c4caa37b717580e8594587f32ca86470
Sha1:   a645ec82581a0b18f67444b62a062059adf78aa6
Sha256: 208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C2B722FF1BF12ED564327512E5DEB8DB25E6789987450B117CDC4947AB81763"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10261
Expires: Sun, 18 Sep 2022 23:39:05 GMT
Date: Sun, 18 Sep 2022 20:48:04 GMT
Connection: keep-alive

                                        
                                            GET /f6bf20b8c7c04cdf8a46c12e407354c2.gif HTTP/1.1 
Host: u0083.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.24.204.162
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 18 Sep 2022 20:48:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 12:06:34 GMT
ETag: W/"6318894a-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   105623
Md5:    d8672cb6c77971420eaad2e23cb983f9
Sha1:   6879e309a3a4f5aa253be7d548c7ead34ff50a3b
Sha256: 3c1f6314f621b3defac9f81ff04a387b41aa4213357eb15bbc3fe4c29c271c7c
                                        
                                            GET /image/1-640X200.gif HTTP/1.1 
Host: uu99k.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.145.196
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Sun, 09 Oct 2022 21:42:18 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117717
Md5:    90a809e02687e4f28872e33f66cd33b1
Sha1:   e878a5b152fd19e45108395805b9f3176b5fbfd1
Sha256: 3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
                                        
                                            GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Sun, 18 Sep 2022 20:48:04 GMT
Etag: 2e8d1aadb44f3597aad5e652a8c8d7fb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CC1EE6D200D8A578; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    69327258c54bfa077aa0b9272a439e6d
Sha1:   8cecbb570afb4d8d5dd32eb1e891806e68b59c4a
Sha256: 27b53b59773e432bbc2c1a42c758c74ab17efd5579d12c87066c2368e401473f
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 21:58:06 GMT
Expires: Thu, 22 Sep 2022 21:58:05 GMT
Etag: "6efb213f41e3f8bc5e2b777410a2875150838521"
Cache-Control: max-age=349200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf0bc8faa1c16-OSL

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1749829835&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=59161&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgsmqs.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 20:48:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B715BAEB54F956F1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=910555783&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=59161&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgsmqs.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 20:48:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=91BB1FBA6C87F91A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /128/960X60A.gif HTTP/1.1 
Host: zhibo128x1.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.83.25.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 538695
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 05:47:13 GMT
ETag: "6316dee1-83847"
Expires: Mon, 17 Oct 2022 09:08:31 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   538695
Md5:    79a6bd621e989d305866cf3da25f3ead
Sha1:   43ff7c41e2e6fd4a9944bb5a6ad62673c1c079ba
Sha256: f0a59f510fc36a5570a8af24e87662bca9e0dd4225f39f72f0d94881505fa4f8
                                        
                                            GET /hg960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:50:15 GMT
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Tue, 18 Oct 2022 20:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   138679
Md5:    f0f206683c8403cc9c134ed746fa4aa2
Sha1:   6d0059005833ac269f9a33b50a87ed96529d0f71
Sha256: bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
                                        
                                            GET /%E7%9A%87%E5%86%A0240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:50:15 GMT
content-length: 113483
last-modified: Sun, 24 Jul 2022 09:37:56 GMT
etag: "62dd12f4-1bb4b"
expires: Tue, 18 Oct 2022 20:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   113483
Md5:    06e653b16b8380bd8ff599d09204f83b
Sha1:   02c928506c30bda05419ed0220617770c435dc7a
Sha256: afb56e7d5879a7ba5561a8b3d3e7454241e51ed81aab742826b418932720ef89
                                        
                                            GET /3p960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:50:15 GMT
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Tue, 18 Oct 2022 20:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   310536
Md5:    25791847d9df13fa1bcd1c1c232449cd
Sha1:   b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
Sha256: fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
                                        
                                            GET /3P-240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:50:15 GMT
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Tue, 18 Oct 2022 20:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   322371
Md5:    10b590fb68b248b758ae345f3cc33961
Sha1:   9e13b8044dc3e6bfcf6156977a32403f672b71c3
Sha256: ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3486
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:48:05 GMT
Last-Modified: Sun, 18 Sep 2022 19:49:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1 
Host: img.x967.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.222.18
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   670683
Md5:    61c09a981829377054623156baf850e6
Sha1:   5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
Sha256: 5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
                                        
                                            GET /73baa2446a9d453aa94fdaf9e9494fc2.gif HTTP/1.1 
Host: vesdsp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.170.15.45
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "63188936-6cad4"
server: nginx
date: Sun, 18 Sep 2022 05:11:44 GMT
last-modified: Wed, 07 Sep 2022 12:06:14 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-35
content-length: 445140
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   445140
Md5:    8dc9eeb6e2f698ff336e098bf7c002a6
Sha1:   5be86ef65976a88e36ad3f30fe64d700f1883e0d
Sha256: 0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
                                        
                                            GET /obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.226
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 454806
date: Sat, 27 Aug 2022 14:42:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:26:45 GMT
nw-session-id: 202208272126450102080352140A7068A2j6fpx01dy
nw-session-trace: 2022-08-27T21:26:45.540738746+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 454806
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:26:45 GMT
x-tt-logid: 202208272126450102080352140A7068A2
via: n204-097-238, cache16.l2de2[0,13,206-0,H], cache4.l2de2[14,0], cache4.l2de2[15,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015f385d3fc56128f1a4291cfc24ba5beb6bb050174f8a4bde30a2f8504ba2b81d1af23526cac1a55c0544ba65e9a8f06af049aa6fb10d31566b09af1a690e91ed58ef22652af931b4a5db136e17599b70de2d2d794a56a990b6237e8c4a9c7dfc
x-response-lb: image
ali-swift-global-savetime: 1661611346
age: 1922739
x-cache: HIT TCP_MEM_HIT dirn:3:39098984
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31190969
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816635340850471117e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   454806
Md5:    a2adfb182a1e1629ab484d90b72f23c8
Sha1:   0301a7d9e60d54dd13e1cb528a0b22546790c026
Sha256: 7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
                                        
                                            GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1 
Host: n7181.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Sat, 20 Aug 2022 16:18:13 GMT
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 683474


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   683474
Md5:    ba813a4b9580b3da278e68a1c3e3a954
Sha1:   6d843c3c02ad3270abd575c460ec26ed615578f4
Sha256: 574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1727224250&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=59161&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgsmqs.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 20:48:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8425A713B206AAA2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /tu-pic/240-140.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 18 Sep 2022 17:20:56 GMT
etag: "1663532414"
expires: Tue, 18 Oct 2022 17:20:56 GMT
last-modified: Sun, 18 Sep 2022 20:20:14 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 149597
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 140\012- data
Size:   149597
Md5:    f2d3e1a6f8899994610ab814f64bf078
Sha1:   9523d6eba5dd1ab466b5b2968d5d6231161e6ae6
Sha256: 06e958cd3720c7f7afb07142bc76c2b531df3aab1a58ef6d5f3a789f3cad0177
                                        
                                            GET /img/96060.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:46:23 GMT
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Tue, 18 Oct 2022 20:46:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   46855
Md5:    2b9c30b086d03d90a45a9174aef7b408
Sha1:   e87dbe76669e2f402826dd598bb047d793b1e20c
Sha256: f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
                                        
                                            GET /img/960160.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:46:23 GMT
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Tue, 18 Oct 2022 20:46:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 160\012- data
Size:   165614
Md5:    499d402cf727956bcdb1a229ff10c05e
Sha1:   95bbdda00299532dab6ca13cec744d21c0f7ae26
Sha256: 20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
                                        
                                            GET /img/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:46:23 GMT
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 18 Oct 2022 20:46:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            GET /admin/202208/630634f18a75e.jpg HTTP/1.1 
Host: images.xxootv.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.207.13.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Tue, 18 Oct 2022 20:48:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Size:   25706
Md5:    003320de6bd2223be46a8d7e078a0a45
Sha1:   fc08ff33a5d7080674882770038a92384a1bc366
Sha256: 7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /gg/960X60.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.91
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 18 Sep 2022 20:48:04 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 63278404D0409B30375855E8
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
                                            GET /img/600400.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:46:23 GMT
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Tue, 18 Oct 2022 20:46:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 400\012- data
Size:   304522
Md5:    e0a34183ace6e0dff373311780daecf4
Sha1:   48e4233e415d464e22ac1ff3d2135d20e4c31eb8
Sha256: eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
                                        
                                            GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 30080 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 99e21353-af89-4dad-875b-18abbfaa22cd
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 200\012- data
Size:   177086
Md5:    be83c16833e7818983eb893bfd657c71
Sha1:   0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
Sha256: bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 121197
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:24:44 GMT
cache-control: max-age=2592000
x-delay: 24016 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 121197
chid: 0
fid: 0
x-nws-log-uuid: 8f6d6c53-092f-423c-b008-3a0b8297c527
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   121197
Md5:    c333d9318beb5b59bc7fd1dbe71ed7f3
Sha1:   7f59fbc05d4302bc5768755ed10aa58932bf8c7a
Sha256: 58ae8f93dc8f4805de239cc27796b1a97bd67acd9ef72cd7f0ed73119175d4f5
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 325 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 4ff18ab7-60ea-471a-b258-74ec8fc3b7e4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   688878
Md5:    38adb06da8d7db34d62dfc1760cda2dd
Sha1:   862c5ecedd5add094b8dfb22c3087b09493a312a
Sha256: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 565 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 60d19974-7a6e-4b7f-b5af-501b0defde57
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   1296026
Md5:    5f356028e5e94176f56a75568e49ae20
Sha1:   3796c4c950687811a1d1f80fd9e31e718bda0f85
Sha256: c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 477 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 9defc51e-9451-428e-bdb2-3c9de9f477f4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   988610
Md5:    4145292e4c977dcbc7b371f460e08cf2
Sha1:   c8025e36c672a4240da49f73e80295b42a71b274
Sha256: 3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
                                        
                                            GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 619 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 4dfda7e7-697b-4925-b9ee-580b942983cf
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   1362871
Md5:    b43c54ced7fcd33ebd9405eb26d533b7
Sha1:   05e5eb23ef5a79364bc8f8fd778d54a9fa335174
Sha256: 7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 225 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: 1f354c12-069d-477b-8c3f-529ddfa74fd8
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   456390
Md5:    24f8d711ff99c1b9e8eda597e520496d
Sha1:   0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
Sha256: 9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 20:48:04 GMT
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 143214 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: d4a1b34c-74df-4965-8f94-5ff784a1f7c6
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1 
Host: img.cuphf.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgsmqs.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.34
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---