firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 14:37:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t0JZrxm2fMJR-g33Mi2qx7Y9G-x3QXZtIzKw0A4ElJiI5654hcyn_Q==
Age: 777
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7724
Expires: Thu, 01 Sep 2022 16:59:21 GMT
Date: Thu, 01 Sep 2022 14:50:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I7g2Omsa5gc55AoEHgk8ROIWD3loqLDwigROmB_yye2achV-jpclqw==
age: 48921
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mftwh.com/
156.234.81.157301 Moved Permanently 0 B IP 156.234.81.157:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mftwh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Sep 2022 14:50:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.mftwh.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 13:57:05 GMT
Expires: Thu, 01 Sep 2022 13:57:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xLsBT2rV5yBdy_1TrC0GDh1QTnJBnD_yLelxNHpuwgePmpB1WY2JEw==
Age: 3213
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5948
Cache-Control: max-age=154518
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:50:38 GMT
Etag: "63106818-1d7"
Expires: Sat, 03 Sep 2022 09:45:56 GMT
Last-Modified: Thu, 01 Sep 2022 08:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.mftwh.com/index.php
156.234.81.157200 OK 781 B IP 156.234.81.157:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash ef7693e8df7eed423c22f0163452f359
1667ba0a33ecb8a3fc7511bd0b93d1b05fbb8675
4ef2edb57589f7cfb1c962460a672ad71485d9c9c767932202382b94c0f5b037
GET /index.php HTTP/1.1
Host: www.mftwh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:50:39 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
push.services.mozilla.com/
44.233.140.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.233.140.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KneIZ62ptZ1g4lkStLgVZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iBNf1w+xKAsSWEzDlf5EPu0hk0I=
www.mftwh.com/tj.js
156.234.81.157200 OK 520 B IP 156.234.81.157:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type ASCII text, with CRLF line terminators
Hash c63359fff41a27e16575350549edd9e8
7b374b760e53ff0424aa0088f948325254613f65
e683c45102aceac419081c1f4475c9838de96487ffe3271852ef41d73352cffa
GET /tj.js HTTP/1.1
Host: www.mftwh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mftwh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:50:39 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.mftwh.com/common.js
156.234.81.157200 OK 1.1 kB IP 156.234.81.157:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
GET /common.js HTTP/1.1
Host: www.mftwh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mftwh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:50:39 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mftwh.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 01 Sep 2022 14:50:39 GMT
Etag: "4078521116"
Expires: Fri, 01 Sep 2023 14:50:39 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7D638FFE1CAF89332AA265958639F7A5:FG=1; max-age=31536000; expires=Fri, 01-Sep-23 14:50:39 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.mftwh.com/index.php
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.mftwh.com/index.php
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.mftwh.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mftwh.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Sep 2022 14:50:39 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12500
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:50:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12500
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:50:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fo9YF1JJrYUMp7y9uM7av78_409D9n4ZWSaeydPAH7HuQzd8vOPiRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:36:46 GMT
age: 62033
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 13:35:58 GMT
age: 4481
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 53393
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 62000
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 35494
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 318
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 568ba4712f7fa16ea59daeadb046fc0e
7fc5b4b0b59804efb4adcd86b8d10a835f8e4076
cde09c868345bc2f5375a56fdddd9328df5203de7b49f97b1eec2ea6162bf027
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Sep 2022 12:32:05 GMT
ETag: "7fc5b4b0b59804efb4adcd86b8d10a835f8e4076"
Last-Modified: Thu, 01 Sep 2022 12:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2838
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed1d08e23b517-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 568ba4712f7fa16ea59daeadb046fc0e
7fc5b4b0b59804efb4adcd86b8d10a835f8e4076
cde09c868345bc2f5375a56fdddd9328df5203de7b49f97b1eec2ea6162bf027
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Sep 2022 12:32:05 GMT
ETag: "7fc5b4b0b59804efb4adcd86b8d10a835f8e4076"
Last-Modified: Thu, 01 Sep 2022 12:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2838
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed1d08dadb51b-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 0dbd8742a90fa4e962f76904e3642eed
cc89926e65a938a0e48b90fe7885e581100da18f
4c81a03332f17eed0e9fb9da8ffcb0263bd180d4fa5b1b6d4db157b6b2b0344b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 23:27:45 GMT
Expires: Tue, 06 Sep 2022 23:27:44 GMT
Etag: "cc89926e65a938a0e48b90fe7885e581100da18f"
Cache-Control: max-age=462423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed1d00843b51e-OSL
www.mftwh.com/favicon.ico
156.234.81.157200 OK 1.2 kB URL HTTP/1.1 www.mftwh.com/favicon.ico
IP 156.234.81.157:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.mftwh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mftwh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:50:40 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 06 Sep 2022 14:50:40 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
hm.baidu.com/hm.js?f588296cc6e6e124f0a6160c9b25cda3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f588296cc6e6e124f0a6160c9b25cda3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash cef50b15e7f9962f42c65d9647c1d520
e1cf65aeb8ee8e67747c0b73ffbdbf05fb90f401
16cabe5c44a8506b755e22eeb3cc7119e55fa16ac930327fc353bebdcc42c0dd
GET /hm.js?f588296cc6e6e124f0a6160c9b25cda3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mftwh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:50:40 GMT
Etag: 5ae2edee925e7729caf8e30c8fd2e181
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4653EE30E4CEF30C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 765cb857a084f581c5f14d1576dfc23c
83adc80a25fc9efc1f67f0ad8790812468e1970e
4837e7db5220fcf1575d936a572aa16af08fd30cecc7350f3402649287babf91
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mftwh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:50:40 GMT
Etag: 303196d8231e7bed70082b8cd53d686e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D0C6C346658A0F33; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c914d9c9066c0e31f9b6402f29f50ddc
5b9446db2bdc22e2fdc14d36daabfd13bf8775cc
6101fc18a6b403e8c47cc921e6df6bca65df6ca31415ac0b5fdf53032953d069
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6101FC18A6B403E8C47CC921E6DF6BCA65DF6CA31415AC0B5FDF53032953D069"
Last-Modified: Thu, 01 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19735
Expires: Thu, 01 Sep 2022 20:19:36 GMT
Date: Thu, 01 Sep 2022 14:50:41 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130908065&si=f588296cc6e6e124f0a6160c9b25cda3&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130908065&si=f588296cc6e6e124f0a6160c9b25cda3&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130908065&si=f588296cc6e6e124f0a6160c9b25cda3&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mftwh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:50:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A06B6D9E140D889A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1364337824&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1364337824&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1364337824&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=10706&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mftwh.com%2Findex.php&tt=%E5%95%86%E4%B8%98%E6%A9%99%E7%A5%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mftwh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:50:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6D2F902CD3496CAF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.mgcqnd.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:42 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sat, 01 Oct 2022 14:50:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 641 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash b840c26fe2ad5f5fed93a1422e810847
2e682ed0739aa6258b57deeb01e3b013edc0022d
e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:42 GMT
content-type: application/javascript
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Fri, 02 Sep 2022 02:50:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ade70b89779183d32813514350a23903
571c173b9efa764b528e495d615e440fc794a441
3210e6ed938ff726169bf81d36ab8e14e24fd848440b5f499bf03e1d9e13f747
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Sep 2022 13:26:58 GMT
ETag: "571c173b9efa764b528e495d615e440fc794a441"
Last-Modified: Thu, 01 Sep 2022 13:26:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2982
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed1e4bc520b61-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ade70b89779183d32813514350a23903
571c173b9efa764b528e495d615e440fc794a441
3210e6ed938ff726169bf81d36ab8e14e24fd848440b5f499bf03e1d9e13f747
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Sep 2022 13:26:58 GMT
ETag: "571c173b9efa764b528e495d615e440fc794a441"
Last-Modified: Thu, 01 Sep 2022 13:26:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2982
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed1e4ba0db4f7-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ade70b89779183d32813514350a23903
571c173b9efa764b528e495d615e440fc794a441
3210e6ed938ff726169bf81d36ab8e14e24fd848440b5f499bf03e1d9e13f747
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Sep 2022 13:26:58 GMT
ETag: "571c173b9efa764b528e495d615e440fc794a441"
Last-Modified: Thu, 01 Sep 2022 13:26:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2982
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed1e4baf6b50b-OSL
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Thu, 01 Sep 2022 14:14:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: 85AAAAC6UCcZwhAX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1662041675
Via: cache15.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache7.se1[0,0,200-0,H], cache1.se1[1,0]
Content-Encoding: gzip
Age: 2168
X-Cache: HIT TCP_MEM_HIT dirn:11:72939968
X-Swift-SaveTime: Thu, 01 Sep 2022 14:14:59 GMT
X-Swift-CacheTime: 86376
Timing-Allow-Origin: *
EagleId: 2ff62c9516620438433205173e
fmlb.netlbtu.com/upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg
104.21.235.173200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3a4d4a036b9a8f61c5a003cbd0809ea5
96e533d2b5a5e1127e8937ca3ab380fd8e8eacaf
fd853d782ec45bc60ca6f298bad97455184378d65e39e76d2d30aec92bcfbf23
GET /upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8727
cf-bgj: h2pri
etag: "8662eda75619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6VBjhegGDUKhfH2LVTvBkB1l540BkWhWKIolcKlpLLWOSBtaKNKvx3D5irtlJf7eHI1eHhD7kYDHdBF1oCs66JTsQJRZtVorz8UAFGFtB6jdUp7wyGAB%2BV%2BXDbXlkoH4gge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9cd06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a24c52b3670ff9b6860ea7a087020a64
abc96ebf047af4b413fdc206211025357f423303
835d1cd829f4ad427736827e71975d92bf41efd6abdbf597d435733d57926a6e
GET /upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8876
cf-bgj: h2pri
etag: "1c56fa75619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTdGLBhLMuFvJlMSnO2rbavDkCwUIoN6DfbbhpWO3%2FGJECyPBB1N%2FEHWQyq1jAUGV92xn4%2FWW2wkC4%2FIHB%2FoiDipixceMTxNkTLDD569ZlCEIHuVZOvbCZsKDPoCgLYr0R6y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9b906d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash aae97611ea40420d0c05ce46a6d67ccf
c33e21b5746fd363bdcc377735bb54256973f8ba
c230609ce2c575b2502c1dd99a25de92b0659b4156ed057e94cba739f9d41679
GET /upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8938
cf-bgj: h2pri
etag: "2e20d380bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXeMmp3VRoUPyU%2F9YwfOOu0Fq2o28E7adTcEM4pDK%2FagPsbnJvrenwGzhEnrgJnr%2BV8DE15ShyD6hGtcEwP5UsCek%2Fv7zAnN9%2BTmhwK9ckBxerR%2FAldL3exTXDldggEU5PzL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9ba06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg
104.21.235.173200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 751a03745b93a55f2a757917dba5e40f
c78058263bb6e78adf28b0dbf11162a2c237b197
12600746558673ac592959c2038ffd7632751e23b5bb24c964ccca71a5babc2e
GET /upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 9407
cf-bgj: h2pri
etag: "8494c23bbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcUbmz3KPp8b4o1LQDZYEQQ0RBP5wv%2B9FpZLuVvx%2Fxs%2BDqtvyY7HmRLbrYaVN2WSYC7ll%2BS7m9ea%2FEJIa6QDBK4p2KHotRXUW0vSf8kJ0KQRIxPH%2Bv%2BA0FGxSYDjyeHbjsUq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9d006d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7ce23ad2ac30d9e7a0e3f739a185deac
9c9d9b894327113d48ead583638c67c021f147ce
19ef7568d60f4566e4d32817921b3a5f5158ac012d330b7b435ee7d089353587
GET /upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 7472
cf-bgj: h2pri
etag: "4961d23cbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWH73kiLeop1OuCcjs1P%2Fd3yUas0mxK2kY8OvP%2BFYPv6cvQuNmzFFi8XbEp3Et5JARKvRSn983m849frGKRCC%2Fkubu%2FV8l1FeEAMO%2FAvza0af81OqXCwYpQyCYdy%2FvIz2Rqn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9ca06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg
104.21.235.173200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2668ddff3716c2e755ca102ce42daed9
03566588950a03e4fa31b2e68b8c01edc564dce0
95ae8d376353bd6612bf3b7a515fcf0342363d04185efbdc75d6a91e5d326d09
GET /upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 7976
cf-bgj: h2pri
etag: "71e9e43dbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRBvngIXBgehBcPvmoTV8anbmjVvviHVN0ZhAxoXiCO4Aaba%2Fh0e6buYu4SAZ5sKVGlyMlXqxwnhWvydfQkOdzZyL8G6qpx0Ha5JHpmgTi4e%2FHhAlj8kXd1AF1cToYx12XW8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9c806d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3ee3b3d73dcea56585a9be17c9065890
b2dcfd77b9d47c2ca8d419268d69da9d6937aace
8a881f63444854c3c9f23e196837f6fc842b53c799fb7168be01dea58cc40bec
GET /upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 12077
cf-bgj: h2pri
etag: "5813e2a95619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAR%2BiCU2TObSkT%2B%2Fl%2Bmpou2p1kSLknEIzVyqRIvvI3wiXNV9ZC2Lya0ioO285jg%2FeJYtXcsbv4MtdE9T9gHSybrmdmSCy0DrgdvnYPUYaxxfxgyPkXrh8CSW1qaMU%2F4tJgIG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9c006d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b9d23a8ced2df9a40564a7fe6971e8bc
8716ac79d53d45de2b15603eeca220d3120505fb
dbc59e44b20467a2ecd136670948f2c2221d1c0488fbe6bdbdba63bc3f94cf89
GET /upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8939
cf-bgj: h2pri
etag: "38bbaa71bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5gQfhi1LyIl20yQNfvp%2B1rP11R4YhNs5Pd6v9kbYXfRpVgXM84O6Y6Pg7djb6dKryAxGSqEz8je%2F9OlOhtfFQQkaZ02PZhw8XB5f9f0RCtDmzm6%2BftdrqUeqUqLnTcdY5HV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9b406d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg
104.21.235.173200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 94e1aa087073513853b88a498d9145f1
147c4c809a4bea4ae2817235103bd7606eda448d
0612d06b2c554d2d97742a0ce0944e0c460b906e4369ccde6e9fc5e21ba401e2
GET /upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 6855
cf-bgj: h2pri
etag: "2275b81bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ%2BiM9ZnSlRarNoYTl2wgAlT4OKT3jiEwR0jb0iuz%2Bhxq5KcR4FkGmN%2Bz1vT5boyU%2F6nj%2BCPNGtRwaP90lkMG1aC4iMQB6kfJK3bK18Eqplaq%2BN7N9zwmUHCvSptu2H2fhpU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9bb06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c66ba3f9b1981fda3463ff5a26443b58
ca8b689cc7968e1dbced660aacd4c1c962f7f02d
a6a9d08206542fa84ac46100dbd7b0b95b1b155471957a5c35be4e1cd8e4c2e1
GET /upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 12445
cf-bgj: h2pri
etag: "ebbe7a85619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5866
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqSlrk%2ByOQctngbm65KM7kUcJFf0uV5Zs5%2BkA%2BbsY4NPQ1h4EWLKu%2FSIL1UCRCwKpmPmKYrUKL7Dox5zRJRFTpbz%2FuykaLnfbCU7ML%2BsiyR%2Fb%2BGPnvv%2Bz4pZmLnVYCavJ2iK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9bc06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg
104.21.235.173200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ceb9c6bb38fddcdc37ad089e92bfb1eb
ce3ec5c67896e8490650c81d2c60714e9640834e
60e5aae63bf02b7036bb21d391158f07168c0fa7b9d5db3e797f71f5819c7270
GET /upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8468
cf-bgj: h2pri
etag: "e6a23272bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9cJ3xgk3LGiJmXx%2FbLp06EMXaqzdkyzIqGAHq6hdWgTDW5FFfpmfWQQOOR%2BU7fTvAKCN4qpWlJzqHesLs0LFEGlrebtuPHDrsI6V%2B5TyZwA9V3B7m4%2FdH0YSFnGbvTP56x9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9b706d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cc4f9b92582ca3ec06792fd3412e1619
75f0bf46395744ac0f34f74e48f7d31d76592ccd
3f7323e03a49e461955b852187f8b41ed4267612addbc324bbba321742970ff0
GET /upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8944
cf-bgj: h2pri
etag: "391866a95619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nTL%2BcGbKTJGDhF%2FKGBxetKauxKwS1heiuqMzwtvrNs3VPE88vh%2BTBL1cC%2BOGYYJz6LVCvGp0S%2BLN7aZAcotFe7vOBhkiWLAKqRSReq1z9efJU%2Fnc3%2B1zqKRJNQMfIo6WWBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9bd06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg
104.21.235.173200 OK 9.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 861733e63c3e031db51faf15bee705f5
9c77a9f8111b8d22f79886109fd56d836a176252
d39f56ac04b189092efe3aaa4eef01c7107998cdf46e2e042eb490084bd3281f
GET /upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 9450
cf-bgj: h2pri
etag: "ac579870bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx8d9jpNDADPACzgNDRi581%2BVnd%2B%2F4VL4TDzyFgefJm%2FvnXutNLShB48juOBP4pITgwzY34MuT%2BlGPjVYWY8PskYsHGlnw6Ksq5QH%2BjVOKsyMSlPKUzXZ0hYo0Fzo%2BHG18Yi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9c406d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg
104.21.235.173200 OK 8.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1be9858ce8654c03caa73e9197b2fefa
ca789888f584a7c5945cdb688389edab10cc02c6
a87672b9da42e65b378c8c08c75b8ae269915e8fdde31e63749794903673ca29
GET /upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8184
cf-bgj: h2pri
etag: "593e2071bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SOr7m5WHDH3kMO0OvSYJDtoLFXCg9iMH3svaT4P442yYy8PD088RUuFwI%2F63mM%2F3Jy4VbsJu28nyvr31tngm7gsrvmOq8wUli77cQpeR2OXHvqv29cAUt2eovNEqLm9NAqj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9c506d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/index.php
20.205.43.35200 OK 17 kB URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash e90b47fab1eb01ebefbef60afb5e90d0
e57ec828c77f0c60fdecaa814520f2b904462d01
fa4fd99748f6e56b747c13a5b67ab319396c885901525d5ead0e7ced5e169334
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mftwh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:50:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg
104.21.235.173200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4e83154cf37c9ee9302fd20672d4846c
0230dc36326edeb17c13c35992561a9a1c66acc2
a6f6ef59bda6f909c6e2833bc7746e449e39427e96ef2c6a80b979041f6afbac
GET /upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 12800
cf-bgj: h2pri
etag: "1bc06ba85619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BAY7N98EHIZjStF4yZUNtvPPiFD82s%2Fxf19Dm7dQgaQpVpmBaOXG2HTS5cVcm2%2B17tVDyOy5toUai1%2BfJlDiHMo3MzkVU6TyWzEJyUP%2B%2BRtV0Yn0wJpQRukWBgVo9vMD5Ez"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9cf06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash a14466898c3553de268b4836a4d745b8
632ddf28d27c0ef4b4d638be533d6338f2a64913
a70f71d8f95d9dd94a9fa399e067b08c2af9f1aacc97bda1695745fea569a095
GET /upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 13493
cf-bgj: h2pri
etag: "51b9317fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djUQQ8eeKTnH3nnpmRfyD%2B61KK8EYidigMwEx1qRBHlYGKeniSIEuBy%2F3nK0o8EYJkZfJq9tv108%2Bc1RS0FYnAtYMC1hGwSXSy3oYbKRxZWrSgvxrhN9g%2FnF7AIu4oh652WY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5c9f806d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 58276304b53b5d409c85d2566e5ca04c
de48afb28bf503621b2c6d071dfbee8d378512c9
545a024a29befaa8bb3a814e20691ff29689f9ce7933d166150bd3b2e0b164ea
GET /upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 14203
cf-bgj: h2pri
etag: "96c9b97fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2878
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT%2BQ4imycsTP9C4vsHD8NdknQgl9Or875AM1efA1weRbxdrgGLz8k5PTqR8Ec%2BboZpFhCytif0xiNxqDcGzgKWtk5M2sqXAiqvOE8jv6Um%2FlOdxGNz5qcL1CSawvmpSO7Dw1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5c9f906d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 3ac7e149912995be253f6f51a6f3e74a
049d2b885ae480886e4d613a595039d27ccb3398
2e5d4cc251fb4ca390d0553776951a7abe0a2df4ef979167725ffcd5b1c24b01
GET /upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 13742
cf-bgj: h2pri
etag: "ead74880bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruR7svbAlXhynXofpIIM91UoraU6MNAkorJecT24VV3F1dKEEwj%2BSDPEcKMQSdE1%2Fyd0qpOlYwmtvfdlNsCocXg65xnHeT8k7Qj1gcByDV1Bb2TUglJKf7OsQSWJLMxxi1Y2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5c9fa06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ab13767a24d03c0eb232c512565dcd21
07cbd6b0f5d1bfef1e131adb697249141ae1fa78
0c63072bb7ecec4d92abc68d1271f886cf0abe68f432fd257c6e95560f733eef
GET /upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 7510
cf-bgj: h2pri
etag: "be326f3ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6NpmX2%2Fwgqo64gjMQfv4Dd0LHSxij3mgnCE7cdxaAYBCeFr4Wr%2Fn4EnqoL6cDRCZ9lY6%2BB5nuk49JGyk%2FQHfq5%2BNJxssSi15kEmLQHEhuGm5Nd9rG%2FHGKpa%2FL9h%2FwMMKZ%2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5c9fd06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 8adb405849cf9b3a981b4a9ebdd293df
a572550a8c3ff6eca0951ccb15eb6fa0c966570b
a7fb496ba115b950cd9c4b04e68e4f1c25a7ded1c3c05148a43b436c1173794d
GET /upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 12005
cf-bgj: h2pri
etag: "b250e581bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v6KoE02fmbWebkjf%2BzobaoazPPICVHuLbuWv6bBi6ydLLsSyIl86epd%2BhY2T6bKO0sscWgnez0QwwmviGKz5aOWhXdC%2B0pgGIMXkQ6Ddyg7b1vkutlzKiWvIzdHYm5P2S7K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0306d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg
104.21.235.173200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 211b3b33f710427da7aa58b5ae9db617
b0625340e5467472fbf08e3bc3d2b2bee2a08847
eef92a6ddf459c526bace813741f079c400fd341346ca252d505cba3a8006299
GET /upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 6913
cf-bgj: h2pri
etag: "3e5e886fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYSbG5nc3qVVK8p%2BpmmNX8kDWZI3mV6vsHsYIHBvX1nT9WfcccMs%2FRjAewahEkdkUFeRaQb%2BpCSAae9PVUqydpI8n62hB%2F0T%2Bjknk%2FUM6Gd89s1Z2grprZZau4h4Fs76mb96"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0406d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 35979a86ea1e3fe4c97d12772071273c
b68f1f6f26d005b849f4fbfe76f6913f3ac87868
898cb0f0a23fe6f9503308359d0f0a9c00f29f236ba9892b1c64d6aeb0fae10c
GET /upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 7472
cf-bgj: h2pri
etag: "9280b70bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4116
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH0m1yphcpbBQ4hCU1skr8eRxMjTFFw9hTWHw2%2FZVx6FRimfDYG5teR3qvKAW6ghwH8lSxjDzgAkiP2HlK0qCIMemdsDiRMbAQcBVi9jkVN50rnCnkjPp7czDwjMIiGEcOWQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0706d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg
104.21.235.173200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a157ce841a5cdbfa55063f114644f162
c8e5e695973b3f1a243a46fe22b9f28fe7460772
7dddb7a0c52ccadd7f82ac7e062cdc24684f1d03b32b8a93ee51ca215a378609
GET /upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 10820
cf-bgj: h2pri
etag: "5c786ac5619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8JhWLVaxodyKXgNmSDNxYurhqFzWfqaQjVdfp7ab1zqEgLrhg9M5i%2B6%2F0zkGZZrDSNoj4V4%2FViFwSOMRY1OnLHAdQ0%2FHpbWj87S%2FxCp8nFm4Fxlut3pcalSvT8ZvZo62KbK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca1706d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg
104.21.235.173200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 464403547f4a6cdaa59081cb67d731bb
d3374ab71e6025dc15ca536642ac81a03ec63f7d
60b6c8ff267090f9d7cf7e6ee04b4993bd2ddb47b27f806af0cd3f475c83cbf0
GET /upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 8561
cf-bgj: h2pri
etag: "8add4c3cbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhVXGheXH7Y%2BTPL87plB2jnyYsuW8K4b8wVue5HiL4doBF%2BOk8%2FB20BQrZkTgtHXLJWRfD%2BzhkQbxMz0je9CjRLAwyvUnUoGJCoGb6%2Fsbf5k9pYgENZ79kMJJ4KbNsVynKon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca1106d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 517b22cc45125129ddb57ff3e67b4593
58734711f9a94fda4a7a26728a6e9e583e9a4ed0
f68686b6e8b1733cc5e385c5d1a7034e1243d4d0fdf435ff13617e71caea53b3
GET /upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 11808
cf-bgj: h2pri
etag: "85f8eac5619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdc1akK5NGyUz8xPC3vC7houAk5pZ2AECRydDeWFw4Sjjyc6sy99WvGsQAcrUpGdtkjjm1p2NlM2%2FCX2UBYgxeM%2FbaPI3VLC%2B98zr%2FyJZKuaYJpx6wkhD%2BBRiOfbPTZ545yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca1c06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 19868670f5795f4e32568f6e5057e3cf
24bfe0de63d52a188d3177a41143dbab781c1f6b
09ba7ed2581222cc90ef9468e2fdfd44ab525db8d6e64d66579e8145ff098d2a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 13:06:38 GMT
Expires: Mon, 05 Sep 2022 13:06:37 GMT
Etag: "24bfe0de63d52a188d3177a41143dbab781c1f6b"
Cache-Control: max-age=338753,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed1e24b77b500-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42b8545af754fab4b32b6c88209217b4
8ccab1ea72352ffbc1ee262bd81b0d06eaa75356
2602ee264c9495721ec232f656f03d1c6201c0e329561ef8481ed65de7689c8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2602EE264C9495721EC232F656F03D1C6201C0E329561EF8481ED65DE7689C8B"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2677
Expires: Thu, 01 Sep 2022 15:35:20 GMT
Date: Thu, 01 Sep 2022 14:50:43 GMT
Connection: keep-alive
www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
173.231.17.185200 OK 107 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-mask.png
IP 173.231.17.185:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sat, 01 Oct 2022 14:50:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/images/video-play.png
173.231.17.185200 OK 1.6 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/images/video-play.png
IP 173.231.17.185:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sat, 01 Oct 2022 14:50:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg
104.21.235.173200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 82fd45ad8f6a65fda44da8c7f7852a61
8fe209e5d5c24c27b29eec430a341de0f8134f11
05be0abb62155449679d1291b334950f3fa7d5ef6782604b3ae664fefdc5a01d
GET /upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 9949
cf-bgj: h2pri
etag: "56ca5a90bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOFEFHz%2FzwU3aUYYuCihK5hKG%2B07tmEVvuLtslxzB5fn0msnmg1mhrsbsNYw8uqujfO6aVVv%2BvNHi8vATwsncbWjrniG8N%2FFmCXHql8HhhwxzOKDRq2SjkMcQpkwnTJLys43"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0e06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg
104.21.235.173200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5da4b7400a675f792de5551b0e6bc1fb
7f84aa6df02c6b6a547594db40b73d712788a9d5
858175d8f9de81a0a7a370e1a92d0974b577ffc8fc0c537832fc4954e825f474
GET /upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 5434
cf-bgj: h2pri
etag: "331fbe8ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:44 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBeXEjh9kLp9yMqAtNAKJu4bb7SDRhNVWOn7Fsm%2FHJjc%2FLqAuNFiekEaJhkXkSAS3SQBQL1%2F%2FkupgoNFYD0M2sgkix%2F6RVVftD5oQ9ZTeNE7Rn2lRjoPs9oEVAl4l13V9Kq3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca1306d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 005b95aa89356933b58cd628444d64ff
2cc42f5226e208e9ec9b80235fcd68cdaeef19e8
340473fbe51dd9fdb81f84d5d598e61a76b0bbaeefcd2d7c83b10862a1176c63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "340473FBE51DD9FDB81F84D5D598E61A76B0BBAEEFCD2D7C83B10862A1176C63"
Last-Modified: Tue, 30 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Thu, 01 Sep 2022 15:13:04 GMT
Date: Thu, 01 Sep 2022 14:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 005b95aa89356933b58cd628444d64ff
2cc42f5226e208e9ec9b80235fcd68cdaeef19e8
340473fbe51dd9fdb81f84d5d598e61a76b0bbaeefcd2d7c83b10862a1176c63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "340473FBE51DD9FDB81F84D5D598E61A76B0BBAEEFCD2D7C83B10862A1176C63"
Last-Modified: Tue, 30 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Thu, 01 Sep 2022 15:13:04 GMT
Date: Thu, 01 Sep 2022 14:50:43 GMT
Connection: keep-alive
www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:50:43%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.185200 OK 3.2 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:50:43%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.185:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 82824af6b9b6b5f4af4c324cbaee3af1
6749c6b517225d41ff1d611fce32e157d2829bd3
8861a70718411bed741d32f7e6fcf43eec49f7df095ba2f3bffb77fbb634338b
GET /template/m1938pc/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:50:43%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: application/json
content-length: 3218
last-modified: Tue, 30 Aug 2022 09:27:10 GMT
etag: "630dd7ee-c92"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg
104.21.235.173200 OK 4.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 81410fc8ce7bd2b2dc8ebf01ebef796e
ba84e239abb8bbc928c6c80373f39aa713d1daf3
794cbf3513b3883ca901358aa4b0838316733dbdfba00eefb796518513cca19f
GET /upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 4803
cf-bgj: h2pri
etag: "3b38368ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:43 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdpXAB2Q1P8j6NEYLXDn4EV3G9Ge4pfIJQaNL40UkO5BfXUDL1nwr7hl3%2F%2BZbSI7kAn%2FQh%2FrywQaZWzpa8SXEh4qSWi52ykdzm%2FLU6kGAsA%2BXku5mwiSPDsK9U4A9TtKks0d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5a9ac06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgcqnd.xyz/
173.231.17.185200 OK 7.9 kB IP 173.231.17.185:0
Hash 0d4ac5cd69abcba964212b6ecd890f9d
6a0afce200cc18acf952c3304829b77101fc09fd
fe34c1bfc2271e8488e2fb99da784c9c793dd9b5870a39e3a1e08f97b8ee4603
GET / HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg
104.21.235.173200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 450e59a25ad63035255d6b64ef3dc8c8
69329643a18e9c2dcfce5755d5c31078668706c4
c6b9a88720e1150b384b71be89e168ffe5d15a4239ca11ca08ac40fd9ce99983
GET /upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 10861
cf-bgj: h2pri
etag: "35a8d78fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:46 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ws6w2043IGFJWtlZVWItNnGxVHtRnbkgBEIY0OVybfItB0P72MPPVx7ToQl8XqU92LRjWA5tuPX0Mbj%2FKI2DAFtQV1gizc%2BxV0bl%2BxlPZWdhhUH09HoRebxMwUBEMcgm0ojk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0906d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg
104.21.235.173200 OK 6.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b983c5a6f34e53df23a69d982a106ea4
cc0dd209cb5057ef8a195554fff2267a7a234ffc
0accd993fe5b38fc7d6454427f3cf1371c053d39e175deaf16fb0a0f6e143e47
GET /upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 6233
cf-bgj: h2pri
etag: "65904f8fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:45 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FLSFqnduZzafVwLPSgmgBG%2FpNILWXTCo3BthnVp22256egneV5svjW3930ucozjIO8uURDNTay1bp1XQ8FeizgbMrmu4JQl1pKPSOpUNbDwwSb7rWAZfTT4yNtnMd%2B5Rbvv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5b9d306d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a4c71bb51e299420dfe1e238f2dd17d
6a77be5234945767db9d3bb9a7fac61131795b41
dfafdf969ff462cbeaf982195439e1c3f8abecd8516719f1e259ac59bad0e9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFAFDF969FF462CBEAF982195439E1C3F8ABECD8516719F1E259AC59BAD0E9D0"
Last-Modified: Tue, 30 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1942
Expires: Thu, 01 Sep 2022 15:23:05 GMT
Date: Thu, 01 Sep 2022 14:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a4c71bb51e299420dfe1e238f2dd17d
6a77be5234945767db9d3bb9a7fac61131795b41
dfafdf969ff462cbeaf982195439e1c3f8abecd8516719f1e259ac59bad0e9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFAFDF969FF462CBEAF982195439E1C3F8ABECD8516719F1E259AC59BAD0E9D0"
Last-Modified: Tue, 30 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1942
Expires: Thu, 01 Sep 2022 15:23:05 GMT
Date: Thu, 01 Sep 2022 14:50:43 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg
104.21.235.173200 OK 5.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 65b56480c2daa18306b25659f1909ff9
50295db4d8256302a42e7e64c4046a299e2b5d4c
9561fd13fae907b555d27df30dcc5aa138e2257c6a859acdc786e7adccb001b2
GET /upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/jpeg
content-length: 5085
cf-bgj: h2pri
etag: "aab3b08dbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:43 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1CkaEprnn2qO6bEhADGoY5uKq0%2FAHq3DCyT5wgQlVpTCySdhXmoplpSg7or%2B6GHwyddKZbF8xAPQyDLtrjgE%2BFn0ImF9QNWLxWJ6RkK2TB66Jz8rW5aq4%2F5gZQF6Fi1e%2FU7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e5ca0006d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.233.184200 OK 902 kB URL HTTP/2 kvkddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.233.184:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgcqnd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 30 Sep 2022 03:56:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 125627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMla95NO8ykEIZBsIR99c8ku6X%2B0c5vk3wQUdLYjKnsjLk6RC9VRGbvhdpn4vXv3oRBm44xLY4cz58k7Csrd%2Br6T7vwG2W%2BM75iGNYCVJP%2FTjlVTROwmVLgcknXB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed1e8ca78dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1952cea71a5aa730d168da34a00adb17
0e0c7503c9497d00b5b599a1f5f4bef5faccc7e5
b5f4a0e0242cef228c7323b46bd0c81a199248d80be2081dde90ab483cf72a0a
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:50:43 GMT
Ali-Swift-Global-Savetime: 1662043844
Via: cache25.l2de2[498,498,200-0,M], cache25.l2de2[499,0], cache7.se1[522,521,200-0,M], cache7.se1[523,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 01 Sep 2022 14:50:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16620438435447771e
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:50:44 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 6310c6c4_PShlamstdAMS1cc96_24276-12402
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash cc2d50bfea3db3c74b3a203f4210b344
e11e48601924b83c665144c5f957c6ed8b717f7b
01a785b89c251246d4599bfc65d0808e7e457656da75b01821b1e80514d5a806
GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:50:43 GMT
Etag: 8663d6d4f852cf8e67bd889550426a50
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=60F06904D2B478F6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (630)
Hash ab9990b6324130b2ea915a683de8ee14
e2fd26e08a791431127e5432ad60f646d59cdf35
1d1790e628724941f4074ccd36c059c5219b7438a40e36abc759043331b45c81
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:50:43 GMT
Etag: a9be2c5bffe1f787f77a2489704a1e0c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=94A59D2958566BEC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 7944e340542b77a7d8a0213123e4fe78
13aa2015222300e59173f7fa0cfaeb089698edc1
82a19d7d15c1059012b8a128db9be67329d3c04a53b1e44e331e421b5cd9896c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:50:44 GMT
Last-Modified: Thu, 01 Sep 2022 14:02:37 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 7944e340542b77a7d8a0213123e4fe78
13aa2015222300e59173f7fa0cfaeb089698edc1
82a19d7d15c1059012b8a128db9be67329d3c04a53b1e44e331e421b5cd9896c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2365
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:50:44 GMT
Last-Modified: Thu, 01 Sep 2022 14:11:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/4ce636698dbb47e99602db6f485efb8f
47.246.44.230200 OK 501 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4ce636698dbb47e99602db6f485efb8f
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 501 kB (501349 bytes)
Hash 3dc97401e4e33250392f8ccdb5da0a7a
e0dfbf31b1dc9ac45535a7843b202ff1fcd888b6
b1be46bf7dc47b9f074c1ee799521eeb28872bfc694291e921a4b050ce842168
GET /obj/tos-cn-i-dy/4ce636698dbb47e99602db6f485efb8f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 501349
date: Sat, 27 Aug 2022 14:11:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:46:56 GMT
nw-session-id: 202208272146560102020921561B721E6Dztjxb01dy
nw-session-trace: 2022-08-27T21:46:56.454850868+08:00 108
x-bdcdn-cache-status: TCP_HIT
x-length: 501349
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:46:56 GMT
x-tt-logid: 202208272146560102020921561B721E6D
via: n204-098-054, cache19.l2de2[0,8,206-0,H], cache26.l2de2[10,0], cache26.l2de2[10,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:145::22
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015def71313203223086dd21881eeb1056783e3119e6102f8ace8ff9efbf5ff898fd2d1b3fe004be3ec61e17d799b69ed885915e9ceec50e6a3b4d28ce0bf66f8e21dfde9191ad00fa902be3aceecb2aaf950eb30dca5e6cd13faf370641b4c3a5
x-response-lb: image
ali-swift-global-savetime: 1661609486
age: 434358
x-cache: HIT TCP_MEM_HIT dirn:2:53285062
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31189109
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816620438443092097e
X-Firefox-Spdy: h2
img.x982.xyz/images/62f787031cd529cdb973c2b2.gif
23.225.222.18302 Found 312 kB URL HTTP/2 img.x982.xyz/images/62f787031cd529cdb973c2b2.gif
IP 23.225.222.18:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 312 kB (312271 bytes)
Hash 63c5ab2641bffed061d2806eb7df49f3
7e59d53db432156b20bdbabf9b0423989b91dd5b
2127615c1afdcc6672bf10bb9bfd61d4665b62f293f7085fab4f2cb65627c0e8
GET /images/62f787031cd529cdb973c2b2.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4ce636698dbb47e99602db6f485efb8f
cache-control: max-age=3600
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash e3dc52c6087904ee09cef35aff1d8529
b4301437a8f1e6341659f55a0fa18eff929d9e92
ad54e0b908693a73034be587871cff564a85aa94d9a337de95f07d05b76060db
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:50:44 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 13:17:51 GMT
Expires: Mon, 05 Sep 2022 13:17:50 GMT
Etag: "b4301437a8f1e6341659f55a0fa18eff929d9e92"
Cache-Control: max-age=339425,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed1ea5da9b51e-OSL
n7181.com/d35467f31a1e415dbf061087c8c283d5.gif
45.61.212.47200 OK 684 kB URL HTTP/1.1 n7181.com/d35467f31a1e415dbf061087c8c283d5.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1
Host: n7181.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Fri, 19 Aug 2022 21:59:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 683474
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (630)
Hash 0ef1bc99199f9343cbe4664619ab1b88
665e908f107362bc7385aff9aaceed65c50a464b
7f1cefd08a2f99731bf0a099e16a8fc5ee73d04b08ae5bb481a409e5d8b7a1c6
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:50:43 GMT
Etag: a1fdef6b81b4f2d51e68a280008d2bea
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=53BFEBC21AE0AD81; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:52:15 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Sat, 01 Oct 2022 14:52:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 115 kB URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
Size 115 kB (115350 bytes)
Hash ca6dfcb852af4a4529245e1f6594ae74
bd4a195469b03d676c3111fee3678d7fa811c9c6
a960bc0fcd01a375714cd4b7356fc205c1aab822b93242a94ba065bae8c37503
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:42 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Fri, 02 Sep 2022 02:50:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
47.246.44.230200 OK 671 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Tue, 30 Aug 2022 21:38:15 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 30 Aug 2022 18:44:18 GMT
nw-session-id: 2022083102441801015113717113E7F2E1bsqs702dy
nw-session-trace: 2022-08-31T02:44:18.526864003+08:00 58
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Wed, 31 Aug 2022 02:44:18 GMT
x-tt-logid: 2022083102441801015113717113E7F2E1
via: n131-120-203, cache23.l2de2[0,0,206-0,H], cache15.l2de2[1,0], cache15.l2de2[2,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:292::203
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0165ab36164fe3cff27e57d1575698e7c40ef33423e3cd4481ccb47ac81afec6964a9b795bd1908024a4e1b8c66fbac9b09d7073eff371620f6a34ba2590db0926f71c38ccdd8dc228fcadce977d0f1e85b7ab50835f56ba9ea895a38594ac270f
x-response-lb: image
ali-swift-global-savetime: 1661895495
age: 148349
x-cache: HIT TCP_MEM_HIT dirn:1:39969653 mlen:0
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31475118
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816620438446182322e
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=951404304&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=951404304&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=951404304&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:50:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4DCC4A4F2F80A44B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
3p8801.co/3P-240x240.gif
137.175.35.2200 OK 322 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 322 kB (322371 bytes)
Hash 10b590fb68b248b758ae345f3cc33961
9e13b8044dc3e6bfcf6156977a32403f672b71c3
ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
GET /3P-240x240.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:52:15 GMT
content-type: image/gif
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Sat, 01 Oct 2022 14:52:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.x928.xyz/images/62fbb537ab3ecbe918ac81f0.gif
172.247.4.42302 Found 43 B URL HTTP/2 img.x928.xyz/images/62fbb537ab3ecbe918ac81f0.gif
IP 172.247.4.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /images/62fbb537ab3ecbe918ac81f0.gif HTTP/1.1
Host: img.x928.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/fe44c5309a8f4bb780d2226b57137a76
cache-control: max-age=3600
X-Firefox-Spdy: h2
images.xxootv.top/admin/202208/630634f18a75e.jpg
45.207.13.180200 OK 26 kB URL HTTP/2 images.xxootv.top/admin/202208/630634f18a75e.jpg
IP 45.207.13.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Hash 003320de6bd2223be46a8d7e078a0a45
fc08ff33a5d7080674882770038a92384a1bc366
7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880
Analyzer Verdict Alert quad9 Sinkholed
GET /admin/202208/630634f18a75e.jpg HTTP/1.1
Host: images.xxootv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:44 GMT
content-type: image/jpeg
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Sat, 01 Oct 2022 14:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
47.246.44.230200 OK 455 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 455 kB (454806 bytes)
Hash a2adfb182a1e1629ab484d90b72f23c8
0301a7d9e60d54dd13e1cb528a0b22546790c026
7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
GET /obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 454806
date: Sat, 27 Aug 2022 14:42:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:26:45 GMT
nw-session-id: 202208272126450102080352140A7068A2j6fpx01dy
nw-session-trace: 2022-08-27T21:26:45.540738746+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 454806
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:26:45 GMT
x-tt-logid: 202208272126450102080352140A7068A2
via: n204-097-238, cache16.l2de2[0,13,206-0,H], cache4.l2de2[14,0], cache4.l2de2[15,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015f385d3fc56128f1a4291cfc24ba5beb6bb050174f8a4bde30a2f8504ba2b81d1af23526cac1a55c0544ba65e9a8f06af049aa6fb10d31566b09af1a690e91ed58ef22652af931b4a5db136e17599b70de2d2d794a56a990b6237e8c4a9c7dfc
x-response-lb: image
ali-swift-global-savetime: 1661611346
age: 432498
x-cache: HIT TCP_MEM_HIT dirn:11:144649003
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31190969
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816620438448762502e
X-Firefox-Spdy: h2
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:13 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sat, 01 Oct 2022 14:49:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1350961820&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1350961820&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1350961820&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=10709&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:50:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1DBF4FAD67BF3236; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:13 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 01 Oct 2022 14:49:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/960160.gif
220.128.218.220200 OK 166 kB URL HTTP/2 taiwtp1.com/img/960160.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 160\012- data
Size 166 kB (165614 bytes)
Hash 499d402cf727956bcdb1a229ff10c05e
95bbdda00299532dab6ca13cec744d21c0f7ae26
20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
GET /img/960160.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:13 GMT
content-type: image/gif
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Sat, 01 Oct 2022 14:49:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/600400.gif
220.128.218.220200 OK 304 kB URL HTTP/2 taiwtp1.com/img/600400.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 600 x 400\012- data
Size 304 kB (304522 bytes)
Hash e0a34183ace6e0dff373311780daecf4
48e4233e415d464e22ac1ff3d2135d20e4c31eb8
eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
GET /img/600400.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:13 GMT
content-type: image/gif
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Sat, 01 Oct 2022 14:49:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.dcocsp.cn/
47.246.44.227200 OK 471 B IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash cc5661fefacbe8fac08be0592e96e09b
dc27d8f43f051fa3ccdb3ee2730206265f9a887b
288a918e20b1370a6909f1a796f80f832cdbaee5f93d85ed3a2e275fb1847c98
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 01 Sep 2022 14:25:33 GMT
Ali-Swift-Global-Savetime: 1662042333
Via: cache21.l2de2[0,0,200-0,H], cache2.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[0,0]
Age: 1512
X-Cache: HIT TCP_MEM_HIT dirn:3:343967902
X-Swift-SaveTime: Thu, 01 Sep 2022 14:30:18 GMT
X-Swift-CacheTime: 3315
Timing-Allow-Origin: *
EagleId: 2ff62c9616620438455933973e
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.154.254.32200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 85 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: aa86f176-3281-478b-81da-50f7fa56cfda
X-Firefox-Spdy: h2
img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
23.225.228.34302 Found 0 B URL HTTP/2 img.x967.xyz/images/62fbb66bab3ecbe918ac81f1.gif
IP 23.225.228.34:0
GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1
Host: img.x967.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=3600
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 621 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 99921af6-e356-49aa-a134-bdc79aa17a86
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 702 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: c0588b5e-bcce-4f30-a775-adc2c2cc8dd5
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 1188 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: bb060bd8-f3e1-4da8-bfc5-0bcd90e6d340
X-Firefox-Spdy: h2
www.mgcqnd.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 0 B URL HTTP/2 www.mgcqnd.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgcqnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:50:42 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Fri, 02 Sep 2022 02:50:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
137.175.35.2200 OK 0 B IP 137.175.35.2:0
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:52:15 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Sat, 01 Oct 2022 14:52:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 235 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: 127fb507-9fc6-4c0e-9d29-b4d41ce9c364
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 308 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: dad3e83e-44f3-4a10-bb6c-19d21ec29295
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:50:43 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 584 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 88016909-0f81-4583-ae2e-1cff7e57e5d5
X-Firefox-Spdy: h2
img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.cuphf.xyz/images/62f786e81cd529cdb973c2b0.gif
IP 3.36.126.81:0
GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1
Host: img.cuphf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=3600
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/data.php
20.205.43.35200 OK 0 B URL HTTP/2 mang.tiryakioyun.com/news/data.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /news/data.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:50:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2