Overview

URL bud.studyspot.top/
IP104.21.13.73
ASNCLOUDFLARENET
Location
Report completed2022-09-23 12:42:44 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 bud.studyspot.top/ Malware
2022-09-23 2 bud.studyspot.top/imgcdn.php?pic=aHR0cHM6Ly9pbWcuZnJpbC5qcC9pbWcvNDY2OTY3Mz (...) Malware
2022-09-23 2 bud.studyspot.top/includes/templates/xt-ty-117/jscript/headpull.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS bud.studyspot.top (28) 0 2022-09-23 02:26:36 UTC 2022-09-23 02:26:36 UTC 104.21.13.73 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 08:34:06 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.43.58.150
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 07:14:46 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 143.204.55.25


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.13.73

Date UQ / IDS / BL URL IP
2022-09-23 12:42:44 +0000
0 - 0 - 3 bud.studyspot.top/ 104.21.13.73
2022-09-23 04:42:29 +0000
0 - 0 - 19 doctor.studyspot.top/ 104.21.13.73

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-09-28 06:38:24 +0000
0 - 0 - 3 infinite-stars.net/files/vida.exe 172.67.160.101
2022-09-28 06:38:21 +0000
0 - 0 - 3 infinite-stars.net/files/drop.exe 104.21.66.135
2022-09-28 06:38:20 +0000
0 - 0 - 3 infinite-stars.net/files/clip.exe 104.21.66.135
2022-09-28 06:37:42 +0000
0 - 0 - 1 pastebin.com/raw/BXAuE52c 104.20.68.143
2022-09-28 06:37:35 +0000
0 - 0 - 1 pastebin.com/raw/p96U1UpK 172.67.34.170

Last 2 reports on domain: studyspot.top

Date UQ / IDS / BL URL IP
2022-09-23 12:42:44 +0000
0 - 0 - 3 bud.studyspot.top/ 104.21.13.73
2022-09-23 04:42:29 +0000
0 - 0 - 19 doctor.studyspot.top/ 104.21.13.73

No other reports with similar screenshot



JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (43)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9097
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 12:42:33 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9iuM8O0ll8kjdGBu1AUSrYqxV_IUBCapSJ3RCzSb28f9WZfscXQPCg==
Age: 1707


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GwtXLygpPB8DNRMh5IJ4EJnziBTKAqzbjvT2kA7XjjM5uT3HFYEB5A==
age: 29240
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:42:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 12:27:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ViguvklAxLw3BGC6qInw7JQGZiWUpaOhdn7p3yj9lCWCRA4gx2oVGQ==
Age: 2352


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.13.73
HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 23 Sep 2022 12:42:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: zenid=48mtcq6ji6aqf1gdsrsa01cf15; path=/; domain=.bud.studyspot.top; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsVC05KThWVMcN69WCNbJOBGPqO2UoOZz3dX%2BCFFqP4RtuYxtovTxr1ogd%2F7Ja8xMszw21JARfihMp%2B7owy9lUPHta8RPgKXkMQ0pu9dht8gD934teVmVOEGiPHMW5DS4VMx1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f35c68eae8b4ee-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (481)
Size:   11221
Md5:    c12d781c8b846148e73a89ccc0a44ca7
Sha1:   d56363434889bedea20c05431cf4a5a30a8ae4f4
Sha256: 41fdab65ebb40130fe7726d087178ca69493f5ec3e25ea0a4c638d87b5f0963f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4256
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:42:34 GMT
Last-Modified: Fri, 23 Sep 2022 11:31:38 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /includes/templates/xt-ty-117/images/top/logo.gif HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/gif
content-length: 2707
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-a93"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWmGWwEmPxCnBfMAagntZ0%2FL1CJ75EG5hXwmQt0tz9abjLPyB%2FdfE40v1LT2UxxFWTCj8AGoAF2D7j1%2Fp8gagArL0hImKZ14WCNm%2FmqWl%2BfKqfISN%2BnHxvrOOwkmHZJBcr08HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f3b5e0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 201 x 76\012- data
Size:   2707
Md5:    f56c4e8d60cb05559b143e4875ccd96c
Sha1:   d225be1590ebfcbf61ea215d48475781c1eda87b
Sha256: bf20dcc4c81b9207041e5fbad6758ab401656a19c476e098a322bf448dcdba87
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VKeYwuZz/RVJnhg9hxduPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.58.150
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x3QQCMX8984QEY5wrGPHc5sYL3Y=

                                        
                                            GET /includes/templates/xt-ty-117/images/rank_1.gif HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/gif
content-length: 2024
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-7e8"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HNEUk2dcUmaNLffm5okXhyFfuwZrxUVeTLGbo07NADhHkCA5d09T6vcwI6wK1Z769DnBSd0OWz%2F60AbEpWqRFQeBjLykKSfI9%2Fmdb2B5Zgv%2BTQLcrCgpPq5IqxgrXC2rrlUYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b890b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 39\012- data
Size:   2024
Md5:    c9c1a377b2465fa88eb90f7f21fc4943
Sha1:   c329224a6ff30a92cb75e8d055d12185c30b54c6
Sha256: 0362db86a76badda7ca8dec6954d760c2bfe7b5c3e438682ff3213926d5a5c08
                                        
                                            GET /includes/templates/xt-ty-117/images/left/ft-trampoline_thumb2.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 17043
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-4293"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6liLCezuGQj8t52jUCbq0rMutaU6xJ0LtvhTq50ubGA%2B2kQ0mcbJvDABxirciM3jl6fCB8juYm2POMdKiVYnF5DFSwacxm4MvXFAVTRVADwVZ5cnJpGIassEDG5x%2BFmMtmE4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b8c0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size:   17043
Md5:    08213595356947ca098a0d28ed44906b
Sha1:   cae3be8575fe20de9c2aedfc7c01435165df021c
Sha256: 44d001bc2845f97c48e3a66af308900b416954f7095091bab261309748aee277
                                        
                                            GET /includes/templates/xt-ty-117/images/left/imgrc0069132490.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 23297
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-5b01"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flC7tru0lVkJOI6rbatm36sk5%2FFClKByKiQYyHurw%2FlPbmqoN4mjJVJ7krbGU9e7xS4txKKVPj%2BR7KvRhofSfpN7pjWeMSBzEkGmGXzyVYZCO9YPvt%2BCHtUDH22hTrFbTj5Dew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b850b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 260x90, components 3\012- data
Size:   23297
Md5:    a54c2a3d772618a5f0b5c6d8ecb10793
Sha1:   0b2ab0f703e6835960fa3565d492e830f742469b
Sha256: cadd0f292b187c82b46c145d2369d8a0de329a5948a3752881202bd12d867ac6
                                        
                                            GET /includes/templates/xt-ty-117/images/left/18aw-2_l.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 25944
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-6558"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa4d9kgWiJk67XPSVeYe1e38SAw7XJ3M2NboDeYmkpkdmtPVrtem7vFEYyD4V8Gea%2FIkf%2BXFAD%2FoU6gkyTiJmubEjta5L6vvG32V%2BWvES8iyya9erIID11ui48CviWrmBrNN%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b860b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 160x300, components 3\012- data
Size:   25944
Md5:    e48c546fd336b2e5f2b09394a3c121f8
Sha1:   9548388f4fa597d4cfe74947d5dc1eff921b030d
Sha256: 8a7107f943fdf2cc69f57c70d91c66c5bc1f30b75123ac21f29f04fe9c2b1803
                                        
                                            GET /includes/templates/xt-ty-117/images/left/carrywagon.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 35921
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-8c51"
expires: Sun, 23 Oct 2022 12:42:35 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9s0yA7EGGQsjh2EFx28XUGk7wmkxAMtZnkJs57%2FEFzrNiQ6hhsQdz8%2FpRabEFKgdFN1a6qJCu0Lajxy0LKSLs2cvSjbWvrv3sIiNkRufBR10PN%2BF8WRxcDFqSwtqYweQjWJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b880b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 180x250, components 3\012- data
Size:   35921
Md5:    b9e0e375e4f60032439315306393ec0d
Sha1:   1a56168fc55c001832e3e5807cbf8d7a9eb11c81
Sha256: 58732ad79fc4b8370a9d1c74b6c3618ad19ccb62c0f32d0bb78687af9e3cfaf3
                                        
                                            GET /includes/templates/xt-ty-117/images/top/brandbnr_air0821.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 43841
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-ab41"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsLMHuKm59h4Pwz%2BEEVgHwtbpCIPsciGlB86g6CRZHn7XfKexGgvU3itgZ8Hf%2BYu0Uf5tYmLhLKEL9LoX0JAh1b%2FANIksnGDreJNHNkQULC87Ih83XW%2Fzn8GKpTaxJAzsCCaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b840b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 310x200, components 3\012- data
Size:   43841
Md5:    2c1215e150d15bbf1f72a10311557a1b
Sha1:   436c9918da7d5afd80d19448c82e8b47f2fa5288
Sha256: 9bbbc620271814f9d3bbfc563ce42362502dbea25962b4694f82220e02c66f5c
                                        
                                            GET /includes/templates/xt-ty-117/images/top/brandbnr_exa0907.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 40731
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-9f1b"
expires: Sun, 23 Oct 2022 12:42:35 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alxB5W5HMCHV1fgcJZZY7FulAEZ4m1gXIiUDOFQi5GXFNBvZxY45sICivizMYUKc78CRPVzGT2P4YqRjiHKgMm0q5pCHspG%2BS1Tb18tJ8A2tzbVLGYUBsuPi8Hu7FPzAdvMz5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b820b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 310x200, components 3\012- data
Size:   40731
Md5:    fc61ca606d150fa4d106192cf22c1a26
Sha1:   605b643cda469e3466132bb5a47705e4acda4dc5
Sha256: 23830235162cb61982179cc6b8f5e6872c33e7f544e62ebf6616c426c0279341
                                        
                                            GET /includes/templates/xt-ty-117/images/top/brandbnr_oct190222.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 50687
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-c5ff"
expires: Sun, 23 Oct 2022 12:42:35 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Im%2FtCzeHmd1jLJ26oAg%2FeMLaB0Di9N6IOJTB%2F9dTWdXDDZfsd%2B0nwWPPthoS%2FD9%2BslvYUca%2FQbVVz1dGez4LofpeSU6fq2n8NhZooyk98aMFrlQtzZIo3i33wkPSiXyyHuv7qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b830b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 310x200, components 3\012- data
Size:   50687
Md5:    49762ed535cfd3aadb5f78e380d03147
Sha1:   8a4b55c52d32fce7372da51340f14eb0e7681d42
Sha256: ef821f2ba93ba0ac3dbaf7e4ecaad6f39f4d4c7b0f0ab347cd9e2f3888e45f18
                                        
                                            GET /includes/templates/xt-ty-117/images/left/imgrc0069510400.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 52435
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-ccd3"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBMs6SQp6wKTvmmOCXyQ41bSya3i8ujjrRtG0d%2BoaAtXwc8qz94pz7U3O0wFP31mafvxCXoNRObRsoKjf2xlPVDq1YwbzQQ%2FoPisyhDvaBEuldvv0UnmAhtIqXY2NMfMGM5MKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b8d0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=220, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=251], baseline, precision 8, 251x220, components 3\012- data
Size:   52435
Md5:    f663ee459c86181c44cead00adfcb9e4
Sha1:   ebc8948ffba5ab16cc2c300d1ebf5a9bd96b7aeb
Sha256: 8a3e338e8c0a6f87e2518d2a2fd99be07fb598d7b6185843954ef7c97de2891c
                                        
                                            GET /includes/templates/xt-ty-117/images/left/imgrc0069510406.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 61216
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-ef20"
expires: Sun, 23 Oct 2022 12:42:35 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJsVMzHMFOHwSs0L8Aav2q46wIFZd5UscseuNudm0HqH4ClYXiU2EDeLBVjO%2Bcz%2FptL2olSZM8jrNFGxzmBmoilwsHhDbMoCC0ZHsyj6i6GXt9wBceW2nEay2ANKW2m6NoFiuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b8e0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=220, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=251], baseline, precision 8, 251x220, components 3\012- data
Size:   61216
Md5:    d352b705409dc01c77ef07039f00cb81
Sha1:   9f34e7f6e321bce77a27a913a77fc4c0927f8fd3
Sha256: 59b6da9064fe7bc45ce354ba9a93a8b468122837c36f22001c91fcc6b14bb751
                                        
                                            GET /includes/templates/xt-ty-117/images/left/imgrc0074048419.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 81088
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-13cc0"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APKdpb8DwuMJRMXszZ7UPMlYiiU3Oy9U%2BebKZjysOP%2BO8Myzaxj8c46yEkJiZWQT5CPNAD%2FdhvhqXlGpRkm%2B2ECkNv5syj8vD6iA5uUK4ptkirVn4LFpBJF8Z5Ak2yiE6zPonA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b8b0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=472, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], progressive, precision 8, 350x434, components 3\012- data
Size:   81088
Md5:    70cb9fc55cf693e8be570ab605509146
Sha1:   9ab8cbce9e771486c57a282231326f71de825a11
Sha256: 7d3683cf29c8db58981b51cbac0133a29ad7b16afa5b86e4a6af24bbb397b11a
                                        
                                            GET /includes/templates/xt-ty-117/images/top/brandbnr_om0719.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 125759
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-1eb3f"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gzkg7W4k%2FNMxbsOt7B6IKd9CECnQi%2BekbV3VvQOmeyLJG1CzgejICOq1GatEEMCUX3BYJoWhxW3qtGHscETVjibR144HKIPho7Rz7PHqnN7UaeosFPMoPP%2BIBt7Kb51BNf9XJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b810b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1095x320, components 3\012- data
Size:   125759
Md5:    2097f687a168e0f01dce099f4c377c8a
Sha1:   6ae0b8c10360744cc3695ec1b75d99f820d71857
Sha256: 7cbf1873098521c362d8277f63435b628afc8626f7b61cfe471e8c7b67f64c23
                                        
                                            GET /includes/templates/xt-ty-117/images/top/bnr_medilift0718.jpg HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpeg
content-length: 211616
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-33aa0"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x151lLgfTRyxf7Si8RZIgOEtR%2B%2BdkQxPxOaA51zINgliEib%2BdESJOZLDZFjQ2q4Awi7U5gQ5jbhTtlVcEEjjnC9m66RTesg6vp%2FcrIo9xMk2di8FIA4SFwh7AflmXJSwJHeTvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b7e0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 980x440, components 3\012- data
Size:   211616
Md5:    1d61bb7acf79eaccf6c08d29c3041176
Sha1:   51d82b69ada1560e320b9b3f7fd37b95cf5c3435
Sha256: 67ad7589f96b5ed4614a6f8377f13e1c2b036e8e16792ae40daad34d18214746
                                        
                                            GET /includes/templates/xt-ty-117/images/top/ss03_bnr_980x440-1.gif HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/gif
content-length: 590330
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-901fa"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMDmUuSB24VXx5OPcgw5uis5Khf6MOum2EOgLfdGSpNtN7SaNczIGG4ABBeVCpbETKcvZ7w57%2F%2F8OTB%2BgWyIUKpjkZ46M0u%2BIVjWCOBLCgjoSa5gjTmjRoqyiHAu%2BFlXGQKUVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f3b5f0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 980 x 440\012- data
Size:   590330
Md5:    4cf327e7788e2ceffdef7449d2d94876
Sha1:   2f0e8c81b109381e34d62912df7a9fe508f7134d
Sha256: 7196f4c47f644e192dab5f60ded5aaf139c636fa0d77f70fc0d39e94e180e080
                                        
                                            GET /includes/templates/xt-ty-117/images/top/bnr_201810miniwallet_main.png HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/png
content-length: 471151
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: "626b9518-7306f"
expires: Sun, 23 Oct 2022 12:42:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fsa%2Bf6dbLcqJj52Q4J3SizU1W47w6dQoJfTHQ95SQqAB6DKhhXaTZLa%2FQrR5QPK1kBPg4ToKpMJjWVFTu%2F1iSX3n0TlfJ0MCZTyg0NpTYO%2B5hytRCqHKNQSO1AEskPV7tI%2FzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f4b800b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 980 x 440, 8-bit/color RGBA, non-interlaced\012- data
Size:   471151
Md5:    25f37360932b764fc5e187514b3647a1
Sha1:   da93956690f9fc08f0048aed716cdd4e10a241d6
Sha256: 776fad7397874cac773b4275e2489b673ee1929f2c58dc6642103fafccfdde8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6177
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 12:42:36 GMT
Connection: keep-alive

                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_cart.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-2192"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlUJu7PymnZLdt6XzAGGCB3xgK0d0njqcNBz2qfRfamkb4HJtfcED5DnvCtdIxKKlaMYX9RnkxsgBDtSwqJTSfNrcH0OiOl9pttkKFcTF98I%2BQPM%2F4k4VdX2iE3mNfucC1vhEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f4b8f0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (809), with CRLF line terminators
Size:   2896
Md5:    46aa1458885a5afd2dca54d002f7c9a3
Sha1:   247eec211959887f2a477870ecf4155999a57869
Sha256: 7716d41b3bf972cf664915808e5570214ef8468c4c161daea96fadc4351910a2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6177
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 12:42:36 GMT
Connection: keep-alive

                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_searchtop.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
etag: W/"626b9518-37c"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRz41VsqvxpzOkupp8JNQBzGdWeMkSNbeZJ8Q6loeAVuOhXoyFLHoplVyBeNisOXgR9REuG2waPiz7%2FxDgHsdOWKX%2BB%2B6GbonqyPEQ9dSLwmLT1pdljodJt9fgv46GZw4StmiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35c6f5b950b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   883
Md5:    534dbfebfa98e322cdd2c80c4d6cd4da
Sha1:   99957c13f70ba06ca8892898577f6798239d54b1
Sha256: 44b25111ac18ebb79887937173b68e00275426d7c82276087f5a7e9b411fa472
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 52248
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14579
Md5:    f10a12719b387d176497669ba75f0acc
Sha1:   16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 52269
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8497
Md5:    7606ff88f05062b66970d9805f38987a
Sha1:   d47db5fcd83023b4a8de40a47d4510e183de387a
Sha256: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:08:25 GMT
age: 20051
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13000
Md5:    634db5bfe2b27e608c3f3518b0c44ebb
Sha1:   06f5f63e681d711bd68626805c5dd2b902ebf9cf
Sha256: 935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 52508
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 53654
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 52270
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bud.studyspot.top/

                                         
                                         104.21.13.73
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 23 Sep 2022 12:42:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Dec 2017 23:11:02 GMT
ETag: W/"5a457a06-1536"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeTLpK9ZsYBg3SzcEPEdeYJnqz6nRoCde5XHS9kzEByJ1XmXIxrZ6qbBhM0GnLkciLrbZAK0EBVLIltfN72NqpRCzWoHS%2BG0pMEofyhiZHUep8SXcuVkNvuc%2FtHP8t2pV1m2RA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f35c77de19b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   105
Md5:    f5755be425622c647f7b1bfc46c779d9
Sha1:   1f51e79cef0a25e8d04783b4e0a7660b76b6f657
Sha256: 24bf4d92ad9b12374ae1fe9ab145e89e62c3953c5c6274dbbf017d2574ad8ce4
                                        
                                            GET /includes/templates/xt-ty-117/css/headpull.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-17b2"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqL88Cc0Xo%2FS8vWcZTW6L4WMdRzsissIOJouXjawUwbOKjq%2FENnFjq%2FePnx26e6YPzy7RYtu8JSQUk2z41Y%2F1lnMZ8eerqpJeyCencY%2BTj%2FJwG2zKyOpJ5uPSD6XAOYkF8R27g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f3b5d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /imgcdn.php?pic=aHR0cHM6Ly9pbWcuZnJpbC5qcC9pbWcvNDY2OTY3MzE5L2wvMTM1NjIyMzYyMi5qcGc/MTYzMzE0NzA0Ng== HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: image/jpg
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmpwkhkTcSsUGlEJ66hxhyhQumIrkWfY59rlHPEQV8UjPwF%2FlgXPzZq1FAMXrX2vPH6GmBZIxTxIJgeQUYBhyAdUjympAZO5Si5%2BWUJ7PR6OQCm6ecXATveP%2FUnqP%2B8MFGkU%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f4b8a0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_tm.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-43fa"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iigAi1IXqdSgehxt7UDG8x%2ByX0%2BohTO2rg3LEn9WEwcTuLj1qoO3FR2EE%2ByHhcpaHYFWbqDKjTxpijdaiRpj7H%2Bj0NalnBOymp8zOKpI6URDwR%2F%2FwtV3y0HX11KvQftrkf7tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f3b5b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-620f"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKXKurx8X1Zhk1NUfgx9oAz1Gp3814WOjidqaXBO7SrRfWJNXSa3Py7Xcyu2q0XcG1STrUE5Z2rZJFqBRx4ymnslGoiBZ7u89VIEpXhA%2FaYusPfJkKrLbtmePSChhfGbDJPkuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f2b560b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_related.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-74a"
expires: Sat, 24 Sep 2022 00:42:35 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHJiL1j9pSDqDez7fYCbKgciAxj4lu%2BAXWLgfgOP0I3ecVnXErLExx0l4QBjo1R0tn2alkfngiPYqSvz5JHlselXDSl6cuBwL6zgM8cOpW4R%2BBFca1a1AfTGridbmeKqsyVZYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f5b930b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /includes/templates/xt-ty-117/jscript/headpull.js HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: application/javascript
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-2c82c"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo8wur2JWTfZOuFFBkSk5C0RKzCVFsn8%2Bxd3kfeD0T04cu0QwcJ9XIJeGUwCzUEube5qqXWMIxbVHu%2BnnbGJWLxHkNs81R46Lpk1%2FHHJx5ChRJLF8zEddA9DhR2tUwAeNIQe2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f3b5c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_index_home.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-d53"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTTcFgOj35e0lb8cQrz5i303UkNELIyPZWMErYHfkvfBQPDYYZDMqwmSfGHwegjB7hWgsdNvHsG63WY%2FqhotkK4kMThH0P%2BesIKOoG4PpgnkeR0bohw0Wvj8g5hWwfZzBIkMeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f4b910b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /includes/templates/xt-ty-117/css/stylesheet_css_buttons.css HTTP/1.1 
Host: bud.studyspot.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bud.studyspot.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.13.73
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:42:35 GMT
content-type: text/css
last-modified: Fri, 29 Apr 2022 07:34:48 GMT
vary: Accept-Encoding
etag: W/"626b9518-7da"
expires: Sat, 24 Sep 2022 00:42:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL9UazpYGD4sLbC6NT43akCCR3gPZAY5ZF%2Bdk0vzDXkA5Ml26S4AZRZMEj30XBLSdNKn5%2FCigccgg52R1I0FJNNk57o6yPmnBha2iSPqtmolkP26o7u7KepVFESCetErXTQ6uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f35c6f4b900b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---