r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19306
Expires: Tue, 15 Nov 2022 13:24:04 GMT
Date: Tue, 15 Nov 2022 08:02:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5290
Cache-Control: max-age=100629
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:18 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:59:27 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8089
Expires: Tue, 15 Nov 2022 10:17:07 GMT
Date: Tue, 15 Nov 2022 08:02:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 07:44:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1074
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3vSvIVWbCNiNvEKfdxMQfXptULNq+hQcB2kj2uInA2m8Q+73B+YQAnBK6WVK1p/zuvmXLV+w24nmWyTmOisyvA==
x-amz-request-id: 9ZQTY4E2Q7CKC3ZJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 07:51:28 GMT
age: 650
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
shjtdzsw.com/
104.253.92.70301 Moved Permanently 0 B IP 104.253.92.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: shjtdzsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 15 Nov 2022 08:02:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.shjtdzsw.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 07:44:48 GMT
cache-control: public,max-age=3600
age: 1051
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.shjtdzsw.com/index.php
104.253.92.70200 OK 805 B URL HTTP/1.1 www.shjtdzsw.com/index.php
IP 104.253.92.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 51f064b025171c2e873a65549f4953ed
b04ec94d9ceec08542f4a7393e003af65838905d
2f09795fccd827ec9b21cae106889bf2e8e7fe6dd9415d02d54f605a41fa2843
GET /index.php HTTP/1.1
Host: www.shjtdzsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 08:02:19 GMT
Content-Type: text/html
Content-Length: 805
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6239
Cache-Control: max-age=96521
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:19 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:51:00 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.shjtdzsw.com/common.js
104.253.92.70200 OK 634 B URL HTTP/1.1 www.shjtdzsw.com/common.js
IP 104.253.92.70:0
File type ASCII text, with CRLF line terminators
Hash 728aa574f013911577b587409d1ee76a
9e877ecfffb61cbc9ecb2b3749a488551195c5d3
cd69dc21f5ae544eccf8973803ba58f2128bf750797e045617563ed3132a71d8
GET /common.js HTTP/1.1
Host: www.shjtdzsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 08:02:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.42.148.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O1USyh5uzYqDsd7MyQuOwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w4fjUiQGLun+6A13uT2Kjd/NmeA=
www.shjtdzsw.com/tj.js
104.253.92.70200 OK 537 B IP 104.253.92.70:0
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 923c34c289875463dadbb982cc2118af
1eca108bc258daef3697b913349838de21a95761
2bdf6225cb0510bc7fe794613d5160e74b18df675a3cc08d74062fc4f87b0f4c
GET /tj.js HTTP/1.1
Host: www.shjtdzsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 08:02:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 15 Nov 2022 08:02:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.jiakaigongsi.com/news/data.php
104.233.145.245200 OK 47 B URL HTTP/1.1 api.jiakaigongsi.com/news/data.php
IP 104.233.145.245:0
File type HTML document, ASCII text, with no line terminators
Hash fc85f8ae73e9115d7d0db8bdb3049f87
ea85207ece10f485dfafc746433640e1a00a2465
06e8aab0f94e607266dfee3aa62468025bd845498f0912b9dd9b87a0832f3569
GET /news/data.php HTTP/1.1
Host: api.jiakaigongsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 16:10:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
api.jiakaigongsi.com/news/api.php
104.233.145.245200 OK 188 B URL HTTP/1.1 api.jiakaigongsi.com/news/api.php
IP 104.233.145.245:0
File type ISO-8859 text, with CRLF line terminators
Hash 7e750f605adfc363c1d72e4703fab5e3
b8fa626cdda955ecfa3c9159393a0138b3a03608
7356a94d03eb93203c584a2e295f638e96486be84225b420c8ef86beea873ea8
GET /news/api.php HTTP/1.1
Host: api.jiakaigongsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.jiakaigongsi.com/news/data.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 16:10:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 15 Nov 2022 08:02:20 GMT
Etag: "4078521116"
Expires: Wed, 15 Nov 2023 08:02:20 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F84CE5D1D09552AEE8560C60B0EA6149:FG=1; max-age=31536000; expires=Wed, 15-Nov-23 08:02:20 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16638
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 08:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16638
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 08:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16638
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 08:02:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94c82cd0e4204ea23b9bd86a3f576fa8
1651325ad361d1c86a4b81edb6b75af27f490a39
0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: c876c502-bde1-4c03-a946-7af2117240ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bg3EUF0foAMFfyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63703881-0594a8076fb64f570f824ad1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 00:21:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eWpoQ8Bkfez0fw2HBZVlPIWIrtjeS6i6V-Dn0NthrKeeDYQEYq62kQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:49:06 GMT
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
age: 36794
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edc9d97a2396dfc326736cb9b2b3b474
2c5a98ad27133575ef4fa48a8ff379ee5ad51490
a89e1e9a13b72b0a826ed77a71ec92ac5548a996f6c17b11a4c002480a429333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7873
x-amzn-requestid: 4a968a3c-c6ca-4d18-83b4-6a1d42e85fee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bef9SFIMoAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f46bb-2cd01e7d191b3eda7d743866;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:09:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jjir5UM8aqq3T3akiZx_aAcsWL5GDKBnaPA_cDlM2e9Ce6oi-wGEQA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:21:23 GMT
age: 85257
etag: "2c5a98ad27133575ef4fa48a8ff379ee5ad51490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14d5eaa5fe940564f077ca611f6e3fbe
032b8bfc63294a55ff49ee7186768bd9728ce103
7bed85f8f78ba7e1fad560d0ea311a65bff33aaf5f3226bef392ddc10f52d620
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12942
x-amzn-requestid: fd589c13-7784-4e3a-b928-908fd2b8f98a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8hgHQvIAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-29db9a7832efa131593951f2;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lXz-TMhQewc6QT-NkFor90WG90GBJKPQVRVc2UjO8Z2FpFWVde2zsA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 07:49:51 GMT
age: 749
etag: "032b8bfc63294a55ff49ee7186768bd9728ce103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: 5261109d-ca5e-4b77-b0a2-17b634a51fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtpFvRoAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff0-570bdfbd329fe34b47d8c7a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8XeCtd88wwfynTV2w67E7r__KCAAIAsfv7sg67o_HSehIsIBae_SkQ==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:01:21 GMT
age: 14459
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 00:41:48 GMT
age: 26432
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18dc101656c2e449e5f54ff7b7fb10b
d5ba3b6a069a74b5db3560a265728e627f6fe18d
53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 36987
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 306
Origin: http://www.shjtdzsw.com
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 15 Nov 2022 08:02:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=0bacd15619da797492bf; path=/
HWWAFSESTIME=1668499335754; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.shjtdzsw.com
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 71148d7a8a2080e5c7764e3e8f9c55ed
4c79dcf0a2ff5e2dc098efd6d077be9f3c97df37
4149d255e2109e74d08fc3fa1b898880141771a7347c5df0e19452f5ce34bf6f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 06:21:14 GMT
ETag: "4c79dcf0a2ff5e2dc098efd6d077be9f3c97df37"
Last-Modified: Tue, 15 Nov 2022 06:21:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3213
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676d098a4b518-OSL
www.shjtdzsw.com/favicon.ico
104.253.92.70200 OK 1.2 kB URL HTTP/1.1 www.shjtdzsw.com/favicon.ico
IP 104.253.92.70:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.shjtdzsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/index.php
Cookie: __vtins__JXlRE0uM0Z0y7g8p=%7B%22sid%22%3A%20%22e126d5b2-9637-5ad3-91aa-9845ed4e09bb%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201668501140024%2C%20%22ct%22%3A%201668499340024%7D; __51uvsct__JXlRE0uM0Z0y7g8p=1; __51vcke__JXlRE0uM0Z0y7g8p=54c1f702-6088-5a15-8ba5-a9900f54106f; __51vuft__JXlRE0uM0Z0y7g8p=1668499340029; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%22c89eb754-cc2c-5753-8bae-afadf862ff11%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201668501140039%2C%20%22ct%22%3A%201668499340039%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=310ca01f-8927-5125-b8f2-b9d50b349cfa; __51vuft__JdQpk0p36jq0lsZj=1668499340041
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 08:02:21 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 20 Nov 2022 08:02:21 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.shjtdzsw.com/index.php
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.shjtdzsw.com/index.php
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.shjtdzsw.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 15 Nov 2022 08:02:21 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 352a761cb90656ca55bd297cef6f9c98
66da61ad72a3376f81c1f23423ad94a625bb57e6
dfc7bd78494b2455274edcd5ea60a0b0705873496427fade1397c834aa679b32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFC7BD78494B2455274EDCD5EA60A0B0705873496427FADE1397C834AA679B32"
Last-Modified: Mon, 14 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Tue, 15 Nov 2022 14:02:03 GMT
Date: Tue, 15 Nov 2022 08:02:21 GMT
Connection: keep-alive
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 025aaefc2f10564e47a1949c9583da66
edb195817632ce666bb4c611a2ea43fa4264f393
eabbafd34ad0fe436b077f3ff366a06598ca4f55c0e418ee72b4c0ecb3d0dad6
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 08:02:21 GMT
Etag: 6e7593267335773fcfc9fef2851c9954
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D739C083CA2708C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash a7fa18f58c6aeab42cb1fde50c2a3ecb
2effa8711f6dace47f7398a7bc13d66447b5b69a
0b0d09b663e4f50ca674fca617cdd4e09f2054884ec0fda16cf8e95cff014df8
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 08:02:21 GMT
Etag: 704150e3a84ecfb002e5b1245a46882a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7598BA8294267F88; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 305
Origin: http://www.shjtdzsw.com
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 15 Nov 2022 08:02:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=92489d48096d5e35249; path=/
HWWAFSESTIME=1668499337704; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.shjtdzsw.com
Access-Control-Allow-Credentials: true
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=651655290&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=651655290&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=651655290&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 08:02:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=02B556E7FDEE7880; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1262926704&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1262926704&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1262926704&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=43777&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.shjtdzsw.com%2Findex.php&tt=%E9%9D%96%E6%B1%9F%E6%92%BC%E5%91%9C%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.shjtdzsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 08:02:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0DDFBA3C9D863B06; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.niumo282.xyz/static/images/hot.gif
104.233.148.44200 OK 254 B URL HTTP/2 www.niumo282.xyz/static/images/hot.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
104.110.17.24200 OK 894 kB URL HTTP/2 dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6892440
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Tue, 15 Nov 2022 08:02:22 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101e12000a4ofel47FE8.gif
104.110.17.24200 OK 322 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101e12000a4ofel47FE8.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322063 bytes)
Hash 3d561aec4b19499cbe6caa3a4da86ced
993594495bb645712cc8c7f2632b01fc88aa72dc
76c31c00bbca98c29b1a488216310f2a510860be279f455019c15f4ee594dd38
GET /images/0101e12000a4ofel47FE8.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 322063
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14416910
expires: Mon, 01 May 2023 04:44:12 GMT
date: Tue, 15 Nov 2022 08:02:22 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=12011122
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Tue, 15 Nov 2022 08:02:22 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95d7e9c7c5c9ce85a27870aa6096064a
a6223461128bbe49ca8f4f67e502bd6da91811a8
c85882282a3075b379dd7f64c229b60dc2e8bc4f11d4edf4755cfbf1c5c05ed1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C85882282A3075B379DD7F64C229B60DC2E8BC4F11D4EDF4755CFBF1C5C05ED1"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15000
Expires: Tue, 15 Nov 2022 12:12:23 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95d7e9c7c5c9ce85a27870aa6096064a
a6223461128bbe49ca8f4f67e502bd6da91811a8
c85882282a3075b379dd7f64c229b60dc2e8bc4f11d4edf4755cfbf1c5c05ed1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C85882282A3075B379DD7F64C229B60DC2E8BC4F11D4EDF4755CFBF1C5C05ED1"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11645
Expires: Tue, 15 Nov 2022 11:16:28 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7426150
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Tue, 15 Nov 2022 08:02:23 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e329432ad3ade706bedd8efaea0f5b3
b1d819b19438f4f0c0e2eea4b53631315b8c488b
0f7c40667a14cbedef0685c60da735d4dd89a8ff6ae330c6e96fe539d60c3980
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F7C40667A14CBEDEF0685C60DA735D4DD89A8FF6AE330C6E96FE539D60C3980"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21404
Expires: Tue, 15 Nov 2022 13:59:07 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e329432ad3ade706bedd8efaea0f5b3
b1d819b19438f4f0c0e2eea4b53631315b8c488b
0f7c40667a14cbedef0685c60da735d4dd89a8ff6ae330c6e96fe539d60c3980
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F7C40667A14CBEDEF0685C60DA735D4DD89A8FF6AE330C6E96FE539D60C3980"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21404
Expires: Tue, 15 Nov 2022 13:59:07 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
www.niumo282.xyz/dingbu.html
104.233.148.44200 OK 233 B URL HTTP/2 www.niumo282.xyz/dingbu.html
IP 104.233.148.44:0
File type HTML document, ASCII text, with no line terminators
Hash 8c17c65f19e8ce3d3088b625c2a0164e
de62cdabda53da7489fffbd145b522cde3535969
57ea37f5b447c532a11e3d220061f65d002060b74036ba8b797d7be93f7c3f94
GET /dingbu.html HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: text/html
content-length: 233
last-modified: Sat, 12 Nov 2022 15:06:28 GMT
etag: "636fb674-e9"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo282.xyz/smbaidu/dibu.js
104.233.148.44200 OK 7.3 kB URL HTTP/2 www.niumo282.xyz/smbaidu/dibu.js
IP 104.233.148.44:0
Hash 61173f87072add4bd60dcaff2182b401
c03beb4e053f49c9ed62c745c12b6e1def16bdef
a95ffc3f81ab45b03b8954e1e6499d29872e7786af505588702dd033fdccdc3c
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvmaa.com/e9e36b33a2faa7c72800b6aef61229ac.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/e9e36b33a2faa7c72800b6aef61229ac.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e9e36b33a2faa7c72800b6aef61229ac.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 4e189a7929a652b8bcbf9228427bb718
9fb41f71ba14dc4f4e1da3cbad6a2035d482506f
00e3b4d91b820c143d04c484b0f041fce0849dad1de5e79bfb37674bf9de51d3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 19 Nov 2022 04:24:34 GMT
ETag: "9fb41f71ba14dc4f4e1da3cbad6a2035d482506f"
Last-Modified: Tue, 15 Nov 2022 04:24:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676defa98b518-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d60f363be2b73b16c288292a40fc8991
87c6a9a4298211d0110f14321e0a1c5aa498bded
ba2398716a7f64ac8b45ba289b337124a331ac6d870fc1c5bdd1d904bd118491
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BA2398716A7F64AC8B45BA289B337124A331AC6D870FC1C5BDD1D904BD118491"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Tue, 15 Nov 2022 08:38:38 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcafd732ed686107f45af30a1fc56fb2
4232ffcae1a9288b722a46677420a363c925d929
01924f3e16d32b1fb634e5187544ce22e590859da9373331a0ef275915103b3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "01924F3E16D32B1FB634E5187544CE22E590859DA9373331A0EF275915103B3E"
Last-Modified: Mon, 14 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16120
Expires: Tue, 15 Nov 2022 12:31:03 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
files.imgopen.vip/uploads/2022/10/20/6350f32333f55.gif
104.21.68.49200 OK 279 kB URL HTTP/2 files.imgopen.vip/uploads/2022/10/20/6350f32333f55.gif
IP 104.21.68.49:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 279 kB (279126 bytes)
Hash bb4674d6d7768a797ce7bcf2e91a1883
755f1d89868ee8d022e6c6217e8bc05df15036d0
bc4250c8a9d0600a1628bf9ac93b3dc093405cf818ab24133152a304342e0e75
GET /uploads/2022/10/20/6350f32333f55.gif HTTP/1.1
Host: files.imgopen.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 279126
cache-control: max-age=14400
cf-cache-status: HIT
age: 2133
last-modified: Tue, 15 Nov 2022 07:26:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvqDGuDA09HaxjPhzywhIUmCAeBpkrjSA81V6H0saChCktwfMiFrB5Zk0iwhJPZmPkqCKQYSd1uxd%2BR0I5CCNJ%2Bt99b3N9OOtSb%2Ba%2FBQF%2BfzVt1gL3nb%2Br%2FHuAJG5VTKyrm5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676df4b200b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 99502209bc5084a3e525a4df0a21b0cb
27e8c523741948ea85c7ffd83316a2669e81d4de
0a91da16a39de1df3f18df972395607e06c6add3bd10d0c43c97d378141a5554
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0A91DA16A39DE1DF3F18DF972395607E06C6ADD3BD10D0C43C97D378141A5554"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4359
Expires: Tue, 15 Nov 2022 09:15:02 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.148.44200 OK 11 kB URL HTTP/2 www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.148.44:0
Hash 11ea304b97aa73644b04caa5b8130c23
998bd9b6225999ea78c96963e543ef0c8c5a721f
1cb14f959ff394d8eedb48e8032eec693952794375da04d771f006cad05ca7bb
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f30162c05b3b42b75886d15e2add022
f4be80ee5f41f4390fcb32636d2c8e8e20c6cc83
bbf04289c998fbfef7806c643f99b296e32788a3bf9fe7c96128e92c1e96d429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBF04289C998FBFEF7806C643F99B296E32788A3BF9FE7C96128E92C1E96D429"
Last-Modified: Sun, 13 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Tue, 15 Nov 2022 14:01:41 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/baerw35s3r11110baerw35s3r1481587.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/baerw35s3r11110baerw35s3r1481587.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb578a0f9d744ba12f8a7bdff6d7d759
6121b2915a190ba5ba98e200150973ab681b3a32
fa04d262e18761526879a9aa8f95c29e7e02c923476868c73ea196441c0cd7c0
GET /upload/vod/2022/11-14/11/baerw35s3r11110baerw35s3r1481587.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 7364
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8336
content-disposition: inline; filename="baerw35s3r11110baerw35s3r1481587.webp"
etag: "6371b1b8-2090"
last-modified: Mon, 14 Nov 2022 03:10:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6591
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676dfa83efac8-OSL
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash eec0a4c90cc09412b22b079c4ab179c5
3a4412a1ac9d0b865c43f105d49ea2d727d38d0d
6b7a2019ae4e88e65796188ded63249a91752adb8d2cba3a8752308d363bee4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: max-age=155236
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "6372ed3c-117"
Expires: Thu, 17 Nov 2022 03:09:39 GMT
Last-Modified: Tue, 15 Nov 2022 01:37:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d7dd8322248b6e3d047bc4c8350a3a5
9af3b349da79065500028ec7c5326c04c80c1bd5
877d1f72baf0b3ecd78ac2291475f6d095f0da3e9322f6053860194e3176daad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877D1F72BAF0B3ECD78AC2291475F6D095F0DA3E9322F6053860194E3176DAAD"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1575
Expires: Tue, 15 Nov 2022 08:28:38 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
104.21.233.216200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Thu, 08 Dec 2022 22:13:56 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 553707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFGGYnsXPoeCp7KUYBhhBiOISitzQpbKK1NZlOgun9IVsUnVMPhd%2Ff4jhG13y%2ByjIYcOXasKw4LrnZYLIpWlVwi7AEDNwmV8RX9xCNFFaKoYF3IBJWD0GbJuUqAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676df6d67768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/3bhviqctowd.jpg
104.21.235.63200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/3bhviqctowd.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4259fbcc749569949abd1d578eedd29b
127b1964ea312bf8367341bd522f35e294b137c6
c6c456a699c8ccb21d85c9a257271c997f43fb9745e677b8187d4258897eb502
GET /upload/vod/2022/11/3bhviqctowd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 13084
cf-bgj: h2pri
etag: "637205f6-331c"
last-modified: Mon, 14 Nov 2022 09:10:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6155
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkY5kG61KP5Pc%2BYpPNmnvtZQURxsdBjWC%2BTLGV6bvOs34lm6k3kmo3xyvgHNq7PecGAqfC0RtqBAfLCr%2BEofKkzMiAu70oQFkav9cKlhtcAlpOpJZUWCi3LsDLUdMXpLo8PT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e00b0906a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/vatznfd2kfk.jpg
104.21.235.63200 OK 8.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/vatznfd2kfk.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8855b5baca23f07e46e186d2e4031ee3
a804c99608ef9e3cad43c30365bc10f167e0fb74
1f07802c45b562fd76ac6ff9151b3e30502e1624f22cb68e2a7bb143ce477a5a
GET /upload/vod/2022/11/vatznfd2kfk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 8071
cf-bgj: h2pri
etag: "637205fb-1f87"
last-modified: Mon, 14 Nov 2022 09:10:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLwYKLEjYviCNk8JjqHf2lUjCbMX2BFIVmsLBXuA82IFHOP0%2BUt2cWYu5VR7NpUDDdsMxcGRK2ZJtKwnR7EyaI4l39Ze0%2Fz2bXEFS9nV89M2MYnfio9OhwgB4cQji5hM88Gk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e00b0a06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/2diymshgwuv.jpg
104.21.235.63200 OK 6.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/2diymshgwuv.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash edc5cd5a42afa85b83a2400b328f2949
c6ca349ac247046a6bb105037259b20969d6b95e
b7674da105420f9db5c2f48488310eb17c43fc71a4a1264d2a30c9298c635a74
GET /upload/vod/2022/11/2diymshgwuv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 6482
cf-bgj: h2pri
etag: "637205f0-1952"
last-modified: Mon, 14 Nov 2022 09:10:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtKmqSPjcN4nTolMwu0xkGtT96Vf0tsBbpf99%2Fs3A1ZCXsHXx2ROxjRLqHgdeE%2BhLyAnx1W0D8YwuR3m1dywn62NyfNgtYn41miwr1i%2FWLI0%2BHSqB8Chdc2Qq1ymXWZYsf4x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e00b0606a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac53baddc24faccaaf862e30661842c1
36728a5c8767f1aa1c6f1bb6489ab5e54366c4bf
26a16568c06691338936c30a0803a4cf7094136cce5dad1889b7a493302e2033
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26A16568C06691338936C30A0803A4CF7094136CCE5DAD1889B7A493302E2033"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Tue, 15 Nov 2022 09:16:48 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f363d70c115259a729dc3824b3438efb
4221d47f5b571ff4f11298a71c7a74e4e4a8b863
3a30cfa1ebe48d3375c50334059bc808fe0a7c377face5d9850d3f87ecc4d9db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A30CFA1EBE48D3375C50334059BC808FE0A7C377FACE5D9850D3F87ECC4D9DB"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5380
Expires: Tue, 15 Nov 2022 09:32:03 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/11/kxwtfzqr04e.jpg
104.21.235.63200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/kxwtfzqr04e.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 94f679d0547e47fac13ab43a01de4bc9
3755a6707d210bc17c4d365b1dca7f128ddce747
ebbd30a101fa813589050098e769c09c3175f7195b10c1f567449c662a56e4fc
GET /upload/vod/2022/11/kxwtfzqr04e.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 7097
cf-bgj: h2pri
etag: "637205f3-1bb9"
last-modified: Mon, 14 Nov 2022 09:10:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BMeISOneSPuwZS4yioyyHrRTK4Jf5LckmOSnB6DWa8Y2ioOC69%2FQvDWflulSX1ArcVaEsoIhOQ2z3S1kP%2B3p2J4WSjnC3ZxEL%2B6%2FeL1AO3SJ%2Bh1I7KP2NVzSIitxy80pD4g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e00b0706a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b7308f45a57b942bea99cb3ee4237ad9
ae5725cac0b786c70675d48abb79f0756ec5ed33
5b9601f6aa87292641d12c8161c980569db102e9a14dc01fa76b8a44586180ba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 22:54:39 GMT
Expires: Sun, 20 Nov 2022 22:54:38 GMT
Etag: "ae5725cac0b786c70675d48abb79f0756ec5ed33"
Cache-Control: max-age=484934,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676df0995b4fd-OSL
fmtu.netfhtu.com/upload/vod/2022/11/xwedtqhcnqe.jpg
104.21.235.63200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/xwedtqhcnqe.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 694ae87aa34b834fb2d0dbf195cddb81
a8b1f21ab7d56e26cf0fadc2d98730704b202c3a
871528c6d6652abf87d96c1aae6cac132ba5dd7d6220f572df3549e3f353918c
GET /upload/vod/2022/11/xwedtqhcnqe.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 8172
cf-bgj: h2pri
etag: "637205e2-1fec"
last-modified: Mon, 14 Nov 2022 09:09:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YBC19EVJTGMfDjFmijn24SPjLmgEsn3I41WB%2BofvDkPuzOKY7nS7irurd01qGa4k0IvAN8bNkfMKhKVnt3B92QHBbpSSDbDcFWfc1qpOLOiTpL6CCQ5Ltnhb%2FmiYlyolIX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e00b0406a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/5whh2snzzlg.jpg
104.21.235.63200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/5whh2snzzlg.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 951c7c8bd9091059c5a72e61fded149f
9b0d70e00ffc6465567ece7e73e075bdf42d2ebf
14bf22f8657eab585951b3caf32806afa8a2297f63bdd0c9704e2538a7ed2226
GET /upload/vod/2022/11/5whh2snzzlg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 8985
cf-bgj: h2pri
etag: "637205d8-2319"
last-modified: Mon, 14 Nov 2022 09:09:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taDeOCd1CGWT9fZJVy7I%2F2%2FuSa4Uzq5smQPIg5zzfWJ%2BYHujjHRhW00LcJdlHSvlssbFmY6BGTnpCuI7OZC1ZpGUGDMVc%2FTOZBX0KlAxL%2FpJ%2B4N1u3elCOFZDXeAyw0TGV3e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e02b1a06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/jwl53c204k2.jpg
104.21.235.63200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/jwl53c204k2.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cec7c91f04dd55f2378cd93cb02cbb82
a94b3e7b7cd919a8a29c09fdb3bef0a7ffd27558
b4c28dcb3aa84402d4057948bfbd1d3e7fd9226680e0ceabb621f22e6a17f9fb
GET /upload/vod/2022/11/jwl53c204k2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 7440
cf-bgj: h2pri
etag: "637205eb-1d10"
last-modified: Mon, 14 Nov 2022 09:10:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10buyfpKXmaNJfws9%2BAolr%2BtnF%2FgvIjuI4pVUAusnYXLZJDxDn46ZRRf8lLJOZ%2FKP5kfs8I%2FEx4YV59T90QLPpHXkEOWMpAejLMf5aAAOn5GDLai3rL4V18DQFufThINiEBc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e02b1e06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/j4cytfd100g.jpg
104.21.235.63200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/j4cytfd100g.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cdf5dc39601da405d2777fcf1ed360b9
9a1475b904c845a35a2b36587092d3d4d341bbc8
4e5a93de01ee34856a6ad890de26dd8ae807c5bebb277871069194f862f6dcd1
GET /upload/vod/2022/11/j4cytfd100g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 8680
cf-bgj: h2pri
etag: "637205d4-21e8"
last-modified: Mon, 14 Nov 2022 09:09:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6466
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQN1ENEwenpaf1qErx6b8dCyhSXr34SOoMg%2FgrOWuhzGdrNNSPP%2F4gCfjmLLjrjQll6vl%2BMu259F5HFNJI%2BEFRCasvMlk%2FuZT7%2Bj%2BQSancWDUa3jPUNEOr74H9eNcqvfSGOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e02b2106a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c02d05d2e2dbcd9d2eda09e06f3c3462
12bca427ce26441acd5923453b4a33370d2a600d
d6b73d92f21ae03267c68b2c94d05fc361e7b79f8454635e65ae73cf59871ea5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 08:41:18 GMT
Expires: Sat, 19 Nov 2022 08:41:17 GMT
Etag: "12bca427ce26441acd5923453b4a33370d2a600d"
Cache-Control: max-age=347333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676dffd45b50c-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d60f363be2b73b16c288292a40fc8991
87c6a9a4298211d0110f14321e0a1c5aa498bded
ba2398716a7f64ac8b45ba289b337124a331ac6d870fc1c5bdd1d904bd118491
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BA2398716A7F64AC8B45BA289B337124A331AC6D870FC1C5BDD1D904BD118491"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Tue, 15 Nov 2022 08:38:38 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 6c75f76a80a9c35d1103ef548bbdf801
a3717a18dc4bbfa7dd45e8c6e674749988896495
e08b84a1a428859b90e826b03bf1a1473f549a56c19a764c7d31be79c3ce3663
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 08:02:22 GMT
Etag: 8c517cfe6dd8f8e0dc01fa54cbb70050
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=17901EA61593BEA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmtu.netfhtu.com/upload/vod/2022/11/0lrazcajod0.jpg
104.21.235.63200 OK 7.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/0lrazcajod0.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 96afb1ed20be150b408375cee4e894d5
b58c9fbacb74b32363e02d4a41d5c2941ccdacca
24b7720516df83a5a4510eed8dd0487a6f87d68004daee96a382c8083228eb71
GET /upload/vod/2022/11/0lrazcajod0.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 7751
cf-bgj: h2pri
etag: "637205e7-1e47"
last-modified: Mon, 14 Nov 2022 09:09:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6156
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHmecj7b18%2Fy4WiFhD18clZzs%2BsC7h6Ny4d9fP9gnsAZUDPhpv9MhkAalRLHUfO1NgBXyggMMDI%2BbQbNyz9vrNPBwrMzXDO3XQncN1UvdHTAetqvbhuz9Ugm%2BsrfixL%2FTOT%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e02b2206a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/cvph13rp2kp.jpg
104.21.235.63200 OK 7.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/cvph13rp2kp.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c6bb7d935ff17496bc0c2ec49f030acc
dfe7d58abbd2a1ea2725ee60ba0d96063e103d63
01299efc7b7db446bdbdd3cdb4254997fda333bf1d1763c1331e5b0be4560710
GET /upload/vod/2022/11/cvph13rp2kp.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 7490
cf-bgj: h2pri
etag: "637205dd-1d42"
last-modified: Mon, 14 Nov 2022 09:09:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUgxL%2B9a5z0HmvpY9FSjkfDH2yM%2BX7e3PqgmtXIUzWpozxF2E7fXB7pHb85%2BYA%2BeV5zwdaqkgWbagYPJCrbS%2FkECWhXL1PNDS8Wfqj6si3zZfX3MGClk2C5oHZWrak5%2FJAdW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e02b2606a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c6a0729b00950db19bd19c037897c78
92e155a27ad30f1f596e1a984be9a12a4b35ba7b
e7999017e64bca85a18941277c4090b4be5481405727b8664cd5ab0dc9c94b60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E7999017E64BCA85A18941277C4090B4BE5481405727B8664CD5AB0DC9C94B60"
Last-Modified: Mon, 14 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13487
Expires: Tue, 15 Nov 2022 11:47:10 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
kvhmm.com/1fa0744ab10fb5dce3ff9a16a13016da.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/1fa0744ab10fb5dce3ff9a16a13016da.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1fa0744ab10fb5dce3ff9a16a13016da.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/0wobhiwrnft11100wobhiwrnft411571.jpg
172.67.28.138200 OK 3.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/0wobhiwrnft11100wobhiwrnft411571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8470d7129d8a2edaf8428606d13666f2
f06bc24a28681baabcb5b611b7f2b586f90cbcd7
480192ae7d897803313707ebf721a4a4d66ebe4fc6575673ac14357f89a4df63
GET /upload/vod/2022/11-14/11/0wobhiwrnft11100wobhiwrnft411571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 3620
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5492
content-disposition: inline; filename="0wobhiwrnft11100wobhiwrnft411571.webp"
etag: "6371b1b1-1574"
last-modified: Mon, 14 Nov 2022 03:10:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676df8832fac8-OSL
X-Firefox-Spdy: h2
kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.147.13200 OK 186 kB URL HTTP/2 kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Mon, 28 Nov 2022 15:23:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1442325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0MnmhboB%2BVRIQs4bG1XBRlIUwCaCydQxGA%2BF853boae1gqsOoLVWX02NU1GFqcAQcdN%2FDb501nCp5OfqSSKWi8euSl%2FvDdMgMqwG7Wob8muNhyycwyYfsYQifq1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e09813b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110416
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 14:42:39 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: max-age=113339
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 15:31:22 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 279
nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
104.21.55.74200 OK 224 kB URL HTTP/2 nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 224 kB (223983 bytes)
Hash 7954e8c77b425e4e872c267c1428cb59
9a107ff658a34cc89f84bdda9e52b831d8f377b1
9522a5366e80b1acc16d442bcc96ccdcd265603fe7fb6a8b58217c7c4386c0cc
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 223983
last-modified: Thu, 22 Sep 2022 05:35:38 GMT
etag: "632bf42a-36aef"
expires: Fri, 25 Nov 2022 11:51:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1714226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxrt967a4dH%2BAxFePfRXKo7F6mNIsEOcBv78jPY%2FqkLg0Q%2FpA11xDmze%2FUCBgBUgIgYe8Z7sCnpAgOgvWi6xcpgfkymWRJrcc370Vvy7CsGPJFKUmfO3a%2BOhxfHk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e0caefb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
104.21.233.216200 OK 146 kB URL HTTP/2 kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 146 kB (145639 bytes)
Hash 91f6b17ea471666e3d7dabce2fa4e8cc
c80f0058972568ffd18fb7e6ff1b4b430fc6972f
33e87e39f87ed7f42dfb27639f4e3023a89e2f4e7a4d3b4b7959664ac1bde7fe
GET /1fa0744ab10fb5dce3ff9a16a13016da.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 145639
last-modified: Fri, 07 Oct 2022 14:54:17 GMT
etag: "63403d99-238e7"
expires: Sun, 04 Dec 2022 18:06:35 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 914148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq8R9TXbcJtabrmnCVYVJxpnWWeshj1lurI3KQueXfvGZdAoOp%2FWUsABrs1qR50DuaCBk%2F3PAAa8lVORv%2BhsuCADa6oLgdxAQ%2BrkxexyL15QvaPdG2GLpaPLRyt%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e0bf1c768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110416
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 14:42:39 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: nginx
Content-Length: 279
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: text/html
content-length: 162
location: https://kvkddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcafd732ed686107f45af30a1fc56fb2
4232ffcae1a9288b722a46677420a363c925d929
01924f3e16d32b1fb634e5187544ce22e590859da9373331a0ef275915103b3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "01924F3E16D32B1FB634E5187544CE22E590859DA9373331A0EF275915103B3E"
Last-Modified: Mon, 14 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16120
Expires: Tue, 15 Nov 2022 12:31:03 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
104.21.55.74200 OK 297 kB URL HTTP/2 nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 297 kB (296709 bytes)
Hash 1f10662b641d9f911415e9ce97fb7fd6
7225c09106f46a72c78baf5bd63d31b266e346fa
6dc6083c13089e59609d1a8c22706230951f10ee29f998aba3c35ba839696dcd
GET /e9e36b33a2faa7c72800b6aef61229ac.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 296709
last-modified: Wed, 31 Aug 2022 05:04:04 GMT
etag: "630eebc4-48705"
expires: Wed, 14 Dec 2022 12:55:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 68820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eanz5Pag6HYO7V538oYqJVI8%2BjWBhaiLswPtbSRmWTfIQ69shpL9mwJ7XQgs%2BB%2FWO8LDpLj7nFtfOn3%2BRxH%2BgQhI7LgGWzHTMrt7UtGBbcer0u87QWfQyievhN3t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e0fb30b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash eec0a4c90cc09412b22b079c4ab179c5
3a4412a1ac9d0b865c43f105d49ea2d727d38d0d
6b7a2019ae4e88e65796188ded63249a91752adb8d2cba3a8752308d363bee4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: max-age=155236
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "6372ed3c-117"
Expires: Thu, 17 Nov 2022 03:09:39 GMT
Last-Modified: Tue, 15 Nov 2022 01:37:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
104.21.55.74200 OK 54 kB URL HTTP/2 nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash 1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 53701
last-modified: Tue, 27 Sep 2022 05:36:32 GMT
etag: "63328be0-d1c5"
expires: Sun, 27 Nov 2022 07:55:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1555615
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmC3GrFeiJ1qYoCnNSY8YlVPvpiTBo4I%2FyYeyFRYO%2FatHhlLflrj9fmLi5eiqrgpyYR1DJ0uTEQMZBZz3%2BsWqBj3iLDXdCgjYgq7WAyh104PfQT27OH%2FCF3FpbIc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e12b5eb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
104.21.233.216200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Sun, 04 Dec 2022 00:14:09 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 978494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMKCZDMv%2BT7CfFaREK1%2BYfNcrdBK3cQCZEeYxaY25Mju2h3HtraKa97oBlDcZPorsd%2FNgCwbBjXHE2TeaMM5Qm014ywMmiO5j1pBoEEYerHFkkYUBtO0cY3evSFU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e0cf30768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
104.21.233.216200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Sun, 11 Dec 2022 14:20:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 322943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oR9mfVlXL7P4x%2Be70%2FmwCqPdYTOKniCpSiOLFIQqP3UrdbuJZKptLTFTDF6DTmEX%2F%2B8yqrxRkJDlIkIzzvtinq6nxL9jGZN6RngdTlxklW9lW5GpCmbePPYpM7Zg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e0cf3a768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b0ee2e8d2469a8b07b50cfd28c419f0
bc773a6e35dd387b6bf9e758e3fcdbfaf53e064c
b438aa87b104299fa8963dc8b85b082d040a55eeb263c758ee0fa6188b934414
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134926
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "6372b39d-117"
Expires: Wed, 16 Nov 2022 21:31:09 GMT
Last-Modified: Mon, 14 Nov 2022 21:31:09 GMT
Server: nginx
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 46e3f9a8544b2d8beb901bbf728445a2
989810e3c3dab32dd18899212dc05a8c7809767d
ac9e510fa003a2da580f066f99d78bd5973278be0170c2ead6219e12baf7ea46
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:18:45 GMT
Expires: Mon, 21 Nov 2022 23:18:44 GMT
Etag: "989810e3c3dab32dd18899212dc05a8c7809767d"
Cache-Control: max-age=572780,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e0cb6fb4fd-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/b033tafv4se1110b033tafv4se461583.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/b033tafv4se1110b033tafv4se461583.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 81a5254d4b44ff2dcc56a5c9ee0ebb53
598b663ec2b4f594ad24ba053d57816b14f48e1c
3fbaac8680f627f7f9abc0e0c873a603c334636c586e4ca80a28680142d870df
GET /upload/vod/2022/11-14/11/b033tafv4se1110b033tafv4se461583.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 11412
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11901, status=webp_bigger
etag: "6371b1b6-2e7d"
last-modified: Mon, 14 Nov 2022 03:10:46 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676df9836fac8-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c6a0729b00950db19bd19c037897c78
92e155a27ad30f1f596e1a984be9a12a4b35ba7b
e7999017e64bca85a18941277c4090b4be5481405727b8664cd5ab0dc9c94b60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E7999017E64BCA85A18941277C4090B4BE5481405727B8664CD5AB0DC9C94B60"
Last-Modified: Mon, 14 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Tue, 15 Nov 2022 14:02:02 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/u421bpeeuw41110u421bpeeuw4471585.jpg
172.67.28.138200 OK 7.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/u421bpeeuw41110u421bpeeuw4471585.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 12d0421fb9b6f9dc4a1d5e66fa15e9bc
d601c0bad8bb4ea2897c0d735c4389f378b0032a
a6e38e3787e2bba63b1017b10069f9b6741aed85edb8530c33896157e123b389
GET /upload/vod/2022/11-14/11/u421bpeeuw41110u421bpeeuw4471585.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 7298
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8248
content-disposition: inline; filename="u421bpeeuw41110u421bpeeuw4471585.webp"
etag: "6371b1b7-2038"
last-modified: Mon, 14 Nov 2022 03:10:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676df9837fac8-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c6a0729b00950db19bd19c037897c78
92e155a27ad30f1f596e1a984be9a12a4b35ba7b
e7999017e64bca85a18941277c4090b4be5481405727b8664cd5ab0dc9c94b60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E7999017E64BCA85A18941277C4090B4BE5481405727B8664CD5AB0DC9C94B60"
Last-Modified: Mon, 14 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Tue, 15 Nov 2022 14:02:02 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/5zb1533oci311105zb1533oci3451581.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/5zb1533oci311105zb1533oci3451581.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f5ab8c89a2740c9dee1a92231de5980
837956820a110796fbdd1ee5df960bf212334750
44cda82d12d847538535cbce9033f279c6fd18aa8d4176546a64283fb16b3499
GET /upload/vod/2022/11-14/11/5zb1533oci311105zb1533oci3451581.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 11098
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11814
content-disposition: inline; filename="5zb1533oci311105zb1533oci3451581.webp"
etag: "6371b1b5-2e26"
last-modified: Mon, 14 Nov 2022 03:10:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676dfc84cfac8-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=110416
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 14:42:39 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Tue, 29 Nov 2022 17:58:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1346624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSkZQnWmx1tbnbF9cMJyKnbaXrvWDjObl3Y7gAEN2L%2BSjINy8Rphe9D3v%2FnQbyRlx0zJuuyTbTWiutM1Wi%2FZEz%2BFA8JKC5D5SvQ%2Fy1nauQ3ucp6Q80HL582hP2kh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e1c99ab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/rxffyviyv251110rxffyviyv25431577.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/rxffyviyv251110rxffyviyv25431577.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea709c3c449c5b0e5569df30914db16b
1c6e40d98ad2e8de9133849d3d2dfa3181decbd2
370b7dc34a3c56450fecfbfc1e3e85c62eff0e6acdd6877e5371a9f6af2df1af
GET /upload/vod/2022/11-14/11/rxffyviyv251110rxffyviyv25431577.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 5726
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7517
content-disposition: inline; filename="rxffyviyv251110rxffyviyv25431577.webp"
etag: "6371b1b4-1d5d"
last-modified: Mon, 14 Nov 2022 03:10:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676dfc853fac8-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/aofqbcg40a41110aofqbcg40a4441579.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/aofqbcg40a41110aofqbcg40a4441579.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aea992c00dcf854a63e234628f724670
6fbbf1b0c43c2ecbd2700a8add7a7d0ce72dc094
f0f9924a0228624438b741f5dc2ee4bda1ede58ab9ae007395a9ebec62248572
GET /upload/vod/2022/11-14/11/aofqbcg40a41110aofqbcg40a4441579.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/webp
content-length: 6294
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7785
content-disposition: inline; filename="aofqbcg40a41110aofqbcg40a4441579.webp"
etag: "6371b1b4-1e69"
last-modified: Mon, 14 Nov 2022 03:10:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76a676dfc84ffac8-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/droiqr5d03a1110droiqr5d03a421573.jpg
172.67.28.138200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/droiqr5d03a1110droiqr5d03a421573.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 99421eebd1146471921dc5efb4584dbe
e583942cd065d711ea097ee7badfd6296f84e512
045842549354cbd69e6a8ed29385fee0dc9b7f23a634c162502f2c651c45fb74
GET /upload/vod/2022/11-14/11/droiqr5d03a1110droiqr5d03a421573.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 9164
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9595, status=webp_bigger
etag: "6371b1b2-257b"
last-modified: Mon, 14 Nov 2022 03:10:42 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676dfd85efac8-OSL
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 498e04b97021ee5e0797227f565987b4
85c5e73a8b52b8377a05fdc3248a76e5cde897d3
e111225bf265d4fa80e7c2abab84014baf444f4bdb82ac55b5e10f0c010e1801
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=173
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
X-N: S
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/fab0npr02mv1110fab0npr02mv431575.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/fab0npr02mv1110fab0npr02mv431575.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 163b1df977bf61754b8d93f6f0db4385
92da9dfbdcd777f75bcd6ff40a01877c9d954212
93a23ae530c966f351fb4c81775240177645a8c7a44ae1c730ff17986e5ed4ca
GET /upload/vod/2022/11-14/11/fab0npr02mv1110fab0npr02mv431575.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/jpeg
content-length: 13040
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13856, status=webp_bigger
etag: "6371b1b3-3620"
last-modified: Mon, 14 Nov 2022 03:10:43 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676dfd85dfac8-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash aa6c78ccb063f95ea94e97c8841893f9
a14959e2da78b2d787827614baadde2b297edfb3
50d82b0f09b23c87f82be3cc8693e86c591d5497009ebe493a700a66cc2f23e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 20:09:45 GMT
Expires: Sat, 19 Nov 2022 20:09:44 GMT
Etag: "a14959e2da78b2d787827614baadde2b297edfb3"
Cache-Control: max-age=388640,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e1cc89b4fd-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45cc6d128e7907e35ed532cdc23f61e7
8585b85e8ed0bdf33abc4868bde47014a9b255dc
738b21edde1a532cd48d0835ef586fb56f5df7093c25cf9582239bbc269a5f54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "738B21EDDE1A532CD48D0835EF586FB56F5DF7093C25CF9582239BBC269A5F54"
Last-Modified: Mon, 14 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18841
Expires: Tue, 15 Nov 2022 13:16:24 GMT
Date: Tue, 15 Nov 2022 08:02:23 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0f980abf35f2d073b139b9326a7b42fc
36598481616853dc24072761963c6b860a35ab35
125ffc3793c25aea01358ff95ba0fde7436a3a9fa3e4f876ec0f27f51b39c8dc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 16:45:16 GMT
Expires: Mon, 21 Nov 2022 16:45:15 GMT
Etag: "36598481616853dc24072761963c6b860a35ab35"
Cache-Control: max-age=549171,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e22cfdb4fd-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash efb2b54fdac9ffda782eeb110490b9ce
77d409c4e0c208baa5198c12c87278ad7b37c698
4e7a76e5b5ccecc6d147109aa0ce88af5ca16a3d349bfb0e95c88dfb47e589e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161924
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "63731d13-116"
Expires: Thu, 17 Nov 2022 05:01:07 GMT
Last-Modified: Tue, 15 Nov 2022 05:01:07 GMT
Server: nginx
Content-Length: 278
3p8801.co/11-960x120.gif
142.0.131.26200 OK 72 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash cc5cbdd2ee9ba6ba73a2a8eac54af20b
a91d908f1b845a347f8b71e36818bce89a9f797d
924bb9a0fde920b243bfb927862deccd4c8d8beff4317118bd1e101f3986b83b
GET /11-960x120.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 71647
last-modified: Thu, 10 Nov 2022 04:24:47 GMT
etag: "636c7d0f-117df"
expires: Thu, 15 Dec 2022 08:02:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.41200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.41:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Tue, 13 Dec 2022 18:34:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 134865
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HF8yVLuoODEQJZi98HAM5IasABFkUhUwlPzcQGA%2FXoN2pHdEHe4%2F9Xe72xiwtjmpR18BvzqSd%2FOTggpAiCRh0HBCGc55P3rnI1B2jL9kDLGYOeSdqhvCs88cgPiF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e1be28774a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1445287765&si=43710706cbe9431ef5bccf7937e9a282&su=http%3A%2F%2Fapi.jiakaigongsi.com%2F&v=1.2.97&lv=1&sn=43778&r=0&ww=1152&ct=!!&u=https%3A%2F%2Fwww.niumo282.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1445287765&si=43710706cbe9431ef5bccf7937e9a282&su=http%3A%2F%2Fapi.jiakaigongsi.com%2F&v=1.2.97&lv=1&sn=43778&r=0&ww=1152&ct=!!&u=https%3A%2F%2Fwww.niumo282.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1445287765&si=43710706cbe9431ef5bccf7937e9a282&su=http%3A%2F%2Fapi.jiakaigongsi.com%2F&v=1.2.97&lv=1&sn=43778&r=0&ww=1152&ct=!!&u=https%3A%2F%2Fwww.niumo282.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 08:02:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1750755DD9C11DA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 652546c7c32f6938e057985f362e6201
3b09cd23bd9d96193a14f3e09d2f4f3a67513b28
cf85b9e377c888be7cb49ce7e71682d553ae36dd36af72a0be81e20e68b50ae2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 04:05:51 GMT
Expires: Sat, 19 Nov 2022 04:05:50 GMT
Etag: "3b09cd23bd9d96193a14f3e09d2f4f3a67513b28"
Cache-Control: max-age=330806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e29d9cb4fd-OSL
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash f31ef6790bf0391c8be1a143caa1602c
62343a5f81146cb9a987a6d87c7b2d83f736199d
08df2448e22d4b7deb6aea64c4bf406188a082d6f48daa784afa8cd71d81cbe9
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159017
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "637311b8-1d7"
Expires: Thu, 17 Nov 2022 04:12:40 GMT
Last-Modified: Tue, 15 Nov 2022 04:12:40 GMT
Server: nginx
Content-Length: 471
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash bbd86a19485b90b1fd5d57ee76dc6afe
4a1ba1d11cab7262774f79301624770f7c8fbcd8
53b2633f9e9d3f633e45322996c23b65533e22657ac85d415eeb2538d50825d6
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 07:23:28 GMT
ETag: "4a1ba1d11cab7262774f79301624770f7c8fbcd8"
Last-Modified: Tue, 15 Nov 2022 07:23:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676e2e80ab518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash efb2b54fdac9ffda782eeb110490b9ce
77d409c4e0c208baa5198c12c87278ad7b37c698
4e7a76e5b5ccecc6d147109aa0ce88af5ca16a3d349bfb0e95c88dfb47e589e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=161924
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "63731d13-116"
Expires: Thu, 17 Nov 2022 05:01:07 GMT
Last-Modified: Tue, 15 Nov 2022 05:01:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash f991355bb773a75cef3a7ab0cb008a51
f9113a7825047be42d8c89df00e46af27d40fedd
3ae5e232562e8b6f6d1c1bebe59d4b2b178def494dff2b382b56ae42151c9a35
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 05:36:01 GMT
ETag: "f9113a7825047be42d8c89df00e46af27d40fedd"
Last-Modified: Tue, 15 Nov 2022 05:36:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1387
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676e30834b518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b0ee2e8d2469a8b07b50cfd28c419f0
bc773a6e35dd387b6bf9e758e3fcdbfaf53e064c
b438aa87b104299fa8963dc8b85b082d040a55eeb263c758ee0fa6188b934414
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134926
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:23 GMT
Etag: "6372b39d-117"
Expires: Wed, 16 Nov 2022 21:31:09 GMT
Last-Modified: Mon, 14 Nov 2022 21:31:09 GMT
Server: nginx
Content-Length: 279
kvkddd.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.233.183200 OK 1.6 MB URL HTTP/2 kvkddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.233.183:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Fri, 02 Dec 2022 05:37:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1131868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxHiDRqzmee20rRgNxyCuReYt89FpUHjPws8iIRFLaZKjcOWUxeVxGIr1n1Dkb9axqAOgttiLN6%2BBZKCpkPPhw8stKLFblupMDpQZueNgOTlp7BpxesmlsWAwUX5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e29c7075bf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
n0644.com/ff894e643e8e4bc7aad1b9dd9aa8c802.gif
20.255.19.235200 OK 86 kB URL HTTP/1.1 n0644.com/ff894e643e8e4bc7aad1b9dd9aa8c802.gif
IP 20.255.19.235:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Hash ef0cc62ebb1cf803edf48dd63b77c8c8
b3de14b8b8f9c75fb82b52d4d434db20f3f0d866
34278eba78b4da490cb8f9df8b1566148c1ebccec95f2f509946737c58523f14
GET /ff894e643e8e4bc7aad1b9dd9aa8c802.gif HTTP/1.1
Host: n0644.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 14:45:54 GMT
ETag: W/"6363d422-5ae62"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63566c18d5d70ea474eacf73bab096a6
5d76af6485973806839972ea3d2885dc0527f4a6
ef083a9b50db42e6f35d8c9086e09a710cc347d217fccc8b2913f3d1bfc16954
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF083A9B50DB42E6F35D8C9086E09A710CC347D217FCCC8B2913F3D1BFC16954"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2071
Expires: Tue, 15 Nov 2022 08:36:55 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 306456c5d5a73f6cd8cd63b1d63ba6e6
90f3f988cdaca5933e0be6539668a99db498b099
38eca66cf7f0d4d4bbbf6876773bfcc3ee9a67ca89c7888128d6ce32139a35d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 00:02:24 GMT
Expires: Mon, 21 Nov 2022 00:02:23 GMT
Etag: "90f3f988cdaca5933e0be6539668a99db498b099"
Cache-Control: max-age=488999,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676df69960b31-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d3794ae01105db39111c1d9a96ecc23
2b9c89d9a7df445c5d94521813fee750171806c5
430bca7bc5fc1aba0cd6d3427f1836698eb6ebc31e54229588863bda491ecf2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "430BCA7BC5FC1ABA0CD6D3427F1836698EB6EBC31E54229588863BDA491ECF2D"
Last-Modified: Sat, 12 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4527
Expires: Tue, 15 Nov 2022 09:17:51 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9416866f75e7800d01675b9a77e4fcaa
cd9c672db046725356a8a44564a9b9d2c4b24fe7
dfa7bcbd629b04134ee5a1a8f8a95c0f768dd96ee6af2ec7ad9b0fdfdd550409
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 02:59:53 GMT
Expires: Mon, 21 Nov 2022 02:59:52 GMT
Etag: "cd9c672db046725356a8a44564a9b9d2c4b24fe7"
Cache-Control: max-age=499647,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e46fb0b4fd-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fbbe11d494773cc724939f4d88cf8978
a9966d5bdca78510c173f32f3e1622da6b4644ec
1d18ae8e85d96becab9c63ac728501ee2d8addd02ff92645869e947f9f571e3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D18AE8E85D96BECAB9C63AC728501EE2D8ADDD02FF92645869E947F9F571E3E"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2948
Expires: Tue, 15 Nov 2022 08:51:32 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 698e22cc7ead1b461e1e4a45c1e0d8e9
be93d65846c92dbcd637e002abfe27cd4f5e3bc5
a1b34861a7a232fc1e16d7756bea5a401a2fb54f4a63c94797b3dbdac95e21c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B34861A7A232FC1E16D7756BEA5A401A2FB54F4A63C94797B3DBDAC95E21C7"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15038
Expires: Tue, 15 Nov 2022 12:13:02 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
103.170.15.55200 OK 259 kB URL HTTP/2 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 103.170.15.55:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632443bb-3f4d0"
server: nginx
date: Fri, 04 Nov 2022 16:48:18 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 09:36:59 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-45
content-length: 259280
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b266ed9e9ca074f146e3e740289244aa
86c764b681ebb28d61f6a596e1beee4ad2409d30
3abba334723dffa5cef66c8093fe72a45d7c712cd81c705162ab0d778d19aae3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 18:12:20 GMT
Expires: Sun, 20 Nov 2022 18:12:19 GMT
Etag: "86c764b681ebb28d61f6a596e1beee4ad2409d30"
Cache-Control: max-age=467994,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e14e9ab50c-OSL
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: text/html
content-length: 162
location: https://kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
172.247.77.90200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 08:04:01 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Wed, 10 Aug 2022 11:34:50 GMT
Connection: keep-alive
ETag: "62f397da-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1da1290dff64767f01a7a1480ae65fa5
30708f5c7050ebb6f9e6a966e166e92ad2c4d814
1679d64d0bf32f04c5a0e013986e4479702bb44da4584ea54bbb556aa4472332
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1679D64D0BF32F04C5A0E013986E4479702BB44DA4584EA54BBB556AA4472332"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20872
Expires: Tue, 15 Nov 2022 13:50:16 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.16.238200 OK 1.0 MB URL HTTP/2 kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.16.238:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 11:21:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 420076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkyvplB8Qe8LnKP133oS6za%2Fd8pr2sngukZ1%2BySK%2FgKKIpRPEEmelhhEh1renAgQYZG%2FIkWXUgscpPdysyFnlCAIIELfwX%2Fgt66%2FVRpArWGXWoRiOekzsO5V9F01"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e5fa630b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 808b62e352442d2e0861e04f246afc14
db370f5a7a86cfd96ac345b12e3003ee02f8ea6a
2e7c56d521e10e2c8880db7354fda6c2487519a8e6a4fc3fcca3efc068bf1a94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E7C56D521E10E2C8880DB7354FDA6C2487519A8E6A4FC3FCCA3EFC068BF1A94"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Tue, 15 Nov 2022 11:20:47 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1da1290dff64767f01a7a1480ae65fa5
30708f5c7050ebb6f9e6a966e166e92ad2c4d814
1679d64d0bf32f04c5a0e013986e4479702bb44da4584ea54bbb556aa4472332
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1679D64D0BF32F04C5A0E013986E4479702BB44DA4584EA54BBB556AA4472332"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20872
Expires: Tue, 15 Nov 2022 13:50:16 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b7e09e01107c43a38e90e36ef4631b52
484e42638b310e6a672b9e3ef8277578ec79938b
b072b58e8610aa416105e90c951f45d210d4eaf57a7c4c4afac5272f40dfe188
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 03:46:39 GMT
ETag: "484e42638b310e6a672b9e3ef8277578ec79938b"
Last-Modified: Tue, 15 Nov 2022 03:46:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3323
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676e6acf4b518-OSL
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.3:0
Hash 1d352091d164dea29e2c25e4cdc375a7
667f72395fcbdda458318f1b2e8a10366ec11f87
dbad3c5b677bd5e39b42178db15cad384f0f830fc023fa8729692a9e99b5e7a2
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.154.165200 OK 400 kB URL HTTP/2 kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.154.165:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 418897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESuNtAIXJVAiK6BygE%2FGa9f%2FB4cCk1yLdJtkic46%2FnCCkdJlgC%2FpnsIsorr7vUIoslFdhcKiL8vJMQ3c7N8DaxrQE7RTcqB0Bsji97VNcA6yvaEzizyEx5R2ju3C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e70d22b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash be8bcd8cb1b34d677c1ae9d4e55fe97b
21c67429b3796bb0cac8ad9f204661e060a601d3
7ea323a9e2a8bf141456c1ad38b1658df6e24788d7d60ef7e0386360dce92639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122295
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:24 GMT
Etag: "63728247-117"
Expires: Wed, 16 Nov 2022 18:00:39 GMT
Last-Modified: Mon, 14 Nov 2022 18:00:39 GMT
Server: nginx
Content-Length: 279
kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.58.206200 OK 211 kB URL HTTP/2 kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.58.206:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Sun, 04 Dec 2022 13:12:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 931778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YlpSjLuPhpaguiD0v8%2FRpU0ZrZXYbZUMIzaGQByLhcEz0MxgcnoOgCWJjDUmVQfy9CnVLZUs09iwOKX9tTeHwyPwxCt0uzPhdN2d2wkkiBnORhsLPjiitLEm3xz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e749ebb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.148.44200 OK 3.4 kB URL HTTP/2 www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.148.44:0
Hash 6087ac0c4b95ec2e325481d876d353fd
0147fd7479ebf5edc0d91141b0dcf6e6abd298f2
7888f9367c5be730a05f8793e14c2f77803dfbb82c7d7d184e72d06ffeb84373
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
103.143.19.103403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 378
Origin: https://www.niumo282.xyz
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=94524664045a745612b; path=/
HWWAFSESTIME=1668499342835; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.niumo282.xyz
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash be8bcd8cb1b34d677c1ae9d4e55fe97b
21c67429b3796bb0cac8ad9f204661e060a601d3
7ea323a9e2a8bf141456c1ad38b1658df6e24788d7d60ef7e0386360dce92639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=122295
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:24 GMT
Etag: "63728247-117"
Expires: Wed, 16 Nov 2022 18:00:39 GMT
Last-Modified: Mon, 14 Nov 2022 18:00:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b836ec2410f965c29a87b3348a56ec1b
4edf66031e47cffc08869145035649a70fb4b5a5
e93e319080af3b99891869bcdd883fb00a65a567c7712f34812e1ee9bbbe7985
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E93E319080AF3B99891869BCDD883FB00A65A567C7712F34812E1EE9BBBE7985"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Tue, 15 Nov 2022 14:01:53 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
172.67.170.228200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 172.67.170.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Tue, 29 Nov 2022 15:27:11 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1355713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUlkF4TO6vEBYPz9QbFnnG%2F06%2B%2Be6flUtgi9YEY9QLMjKpEPMtjwbcBKA3CqrAUL59bHLS5E1VDk9egyXhErfne0whEAvuAvSQlrhPuayLYjX%2BtcXt6P%2FKp1tG20"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e7dc81b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
832793jse.com/498a940e543f40ee89dc52deb0035724.gif
103.170.15.84200 OK 636 kB URL HTTP/1.1 832793jse.com/498a940e543f40ee89dc52deb0035724.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 636 kB (635680 bytes)
Hash 1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb
GET /498a940e543f40ee89dc52deb0035724.gif HTTP/1.1
Host: 832793jse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6370e538-9b320"
Date: Sun, 13 Nov 2022 13:48:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 13 Nov 2022 12:38:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 635680
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.148.44200 OK 43 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
gg72a1.com/gg/960x60-2.gif
137.175.13.103200 OK 567 kB URL HTTP/2 gg72a1.com/gg/960x60-2.gif
IP 137.175.13.103:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: gg72a1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:04:33 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Thu, 15 Dec 2022 08:04:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
573569djd.com/98aa01ba16b240c69e1ec23d9e9d0864.gif
103.170.15.100200 OK 1.0 MB URL HTTP/1.1 573569djd.com/98aa01ba16b240c69e1ec23d9e9d0864.gif
IP 103.170.15.100:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /98aa01ba16b240c69e1ec23d9e9d0864.gif HTTP/1.1
Host: 573569djd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6370e649-f90bb"
Date: Sun, 13 Nov 2022 13:52:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 13 Nov 2022 12:42:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-30
Content-Length: 1020091
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0cf9ae5150eeda6e2c50f31a2165876c
fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c
1df1cb393f0b46504888a5e53ebe1e82d91f9b5f0f4dd0182cbc5ea1bc40c3ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 11:50:10 GMT
Expires: Mon, 21 Nov 2022 11:50:09 GMT
Etag: "fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c"
Cache-Control: max-age=531464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e7dd84b50c-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0cf9ae5150eeda6e2c50f31a2165876c
fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c
1df1cb393f0b46504888a5e53ebe1e82d91f9b5f0f4dd0182cbc5ea1bc40c3ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 11:50:10 GMT
Expires: Mon, 21 Nov 2022 11:50:09 GMT
Etag: "fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c"
Cache-Control: max-age=531464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e7cc7ab4fd-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0cf9ae5150eeda6e2c50f31a2165876c
fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c
1df1cb393f0b46504888a5e53ebe1e82d91f9b5f0f4dd0182cbc5ea1bc40c3ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 11:50:10 GMT
Expires: Mon, 21 Nov 2022 11:50:09 GMT
Etag: "fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c"
Cache-Control: max-age=531464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e7d89f0b31-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b836ec2410f965c29a87b3348a56ec1b
4edf66031e47cffc08869145035649a70fb4b5a5
e93e319080af3b99891869bcdd883fb00a65a567c7712f34812e1ee9bbbe7985
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E93E319080AF3B99891869BCDD883FB00A65A567C7712F34812E1EE9BBBE7985"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Tue, 15 Nov 2022 14:01:53 GMT
Date: Tue, 15 Nov 2022 08:02:24 GMT
Connection: keep-alive
u1044.com/d49b1d05f7eb4722ae0647e790ac4c9a.gif
103.189.108.100200 OK 262 kB URL HTTP/2 u1044.com/d49b1d05f7eb4722ae0647e790ac4c9a.gif
IP 103.189.108.100:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 262 kB (262190 bytes)
Hash 1a8e3a0619f31ef8f6c1fc4929b111df
5e0aa3f1847a89e281f54895ec6bdf95a1a907f9
eb28b213fc0196269abe1f9cfb6ce42f8fc3b2d6362828a91ec32fb99c63bfe2
GET /d49b1d05f7eb4722ae0647e790ac4c9a.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6363d408-4002e"
server: nginx
date: Sun, 06 Nov 2022 03:36:59 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 14:45:28 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-090
content-length: 262190
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.148.44200 OK 49 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vjnhby.com/81b3a1d4168744fdb2491b0402b7a708.gif
45.61.212.145200 OK 348 kB URL HTTP/2 vjnhby.com/81b3a1d4168744fdb2491b0402b7a708.gif
IP 45.61.212.145:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /81b3a1d4168744fdb2491b0402b7a708.gif HTTP/1.1
Host: vjnhby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63415a26-54ee0"
server: nginx
date: Thu, 10 Nov 2022 03:33:01 GMT
content-type: image/gif
last-modified: Sat, 08 Oct 2022 11:08:22 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-15
content-length: 347872
X-Firefox-Spdy: h2
static.yximgs.com/bs2/adcarsku/sku192e341b-32df-4643-bdc1-ec7a6cf1989b.gif
2.21.240.233200 OK 385 kB URL HTTP/2 static.yximgs.com/bs2/adcarsku/sku192e341b-32df-4643-bdc1-ec7a6cf1989b.gif
IP 2.21.240.233:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 960 x 60\012- data
Size 385 kB (384932 bytes)
Hash 6b1533d50f7375dff2f5b3969e7ec1da
6dfd13e56902faedb34a9d2e6d27e51605ddb0f1
2f235ff0c8fd65b40619ef5448206c505716aa41dcee03850c00b1352c986f7c
GET /bs2/adcarsku/sku192e341b-32df-4643-bdc1-ec7a6cf1989b.gif HTTP/1.1
Host: static.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 384932
x-amz-request-id: 99d69be491b84f6b82ba62192e96b084
x-amz-id-2: cW9ze91yHpElou0eXt0LgNDxlrT3nVK5fITcFW9+JaZZvBB5OxqC+4ZQ
etag: "6B1533D50F7375DFF2F5B3969E7EC1DA"
last-modified: Tue, 08 Nov 2022 12:48:20 GMT
x-amz-storage-class: STANDARD
x-bs-object-status: 0
x-kslogid: 668023827918307139
accept-ranges: bytes
x-ks-cache: Hit from 23.192.47.150, Hit from 184.31.15.29, Hit from 184.31.15.71, Hit from 184.31.15.53, Miss from 2.21.240.233
x-mai-cache-status: Y0-L1-0
cache-control: max-age=2116370
expires: Fri, 09 Dec 2022 19:55:14 GMT
date: Tue, 15 Nov 2022 08:02:24 GMT
akamai-mon-iucid-del: 1076937
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-tcp-cca:
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
img.u2659.com/images/636cb962de52f86b7a8a4390.gif
23.225.228.58302 Found 312 kB URL HTTP/2 img.u2659.com/images/636cb962de52f86b7a8a4390.gif
IP 23.225.228.58:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 312 kB (311995 bytes)
Hash a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816
GET /images/636cb962de52f86b7a8a4390.gif HTTP/1.1
Host: img.u2659.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://static.yximgs.com/bs2/adcarsku/skuca5e56c1-1961-48c3-8a7f-9f77844558b3.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP 142.250.74.3:0
Hash abefc1d9910f90af978d392a09a3726f
5b1e10cdf4525252718419beb7bc2e3bbcb9ab89
9f87781723e57d53567b0ca31c0b7afa337987ac75bad4ee1d712ca97a39adfb
POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.148.44200 OK 25 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221113/AiMwB1Pk/1.jpg
172.247.50.115200 OK 16 kB URL HTTP/2 askzyimg.com/20221113/AiMwB1Pk/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash aab28e44d5b54e882e63c51581b82c20
21cd641c5a50e78657ed40d66afb9c3de2b2fc00
391505e0a33ae16bfaada0d34a17b5ebcbb4dba548395a2aa06c62a1886f15ac
GET /20221113/AiMwB1Pk/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 15714
last-modified: Sun, 13 Nov 2022 15:42:51 GMT
etag: "6371107b-3d62"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
104.21.235.66200 OK 756 kB URL HTTP/2 kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.21.235.66:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 756 kB (755861 bytes)
Hash c2dc0ed33af046deabc8a896c8ca57ca
b4f888334f869de4eb3dddd6b7542b0e2922f36a
c613a49de134cd30594eb822368a4a16eb3de0648b857ad44d872944c4bd407a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo282.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 04 Dec 2022 10:10:23 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 942721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3mz9tJ37lBXOa1HgrvwCIA6Axoe7jou%2FjNbeWb%2Bjcr2BPcKHpbdH2uV%2FyUVrr5a9L7QM%2F1UuYpu5ku8klkPJGR9EUTyNXsZjm6zW3mdU76WZvWBok31HnQchZNT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a676e9fd58007d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
528791725.com/dbdf4e1d3b274c01832dfbbfcd1a64ae.gif
47.75.19.145200 OK 198 kB URL HTTP/1.1 528791725.com/dbdf4e1d3b274c01832dfbbfcd1a64ae.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 180\012- data
Size 198 kB (198346 bytes)
Hash 97dd12fcbb853c0bd89c0e95b77cf33c
358e1087ed0f9c0fe667395de4fcd61f82639c8d
0fb9b664460cf60425f3ee829f3d55b584756946575fc0537ed4a016b3c11fc9
GET /dbdf4e1d3b274c01832dfbbfcd1a64ae.gif HTTP/1.1
Host: 528791725.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: image/gif
Content-Length: 198346
Connection: keep-alive
x-oss-request-id: 63734790FC567C3735826256
Accept-Ranges: bytes
ETag: "97DD12FCBB853C0BD89C0E95B77CF33C"
Last-Modified: Tue, 08 Nov 2022 15:29:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8518076725563888831
x-oss-storage-class: Standard
Content-MD5: l90S/LuFPAvYnA6Vt3zzPA==
x-oss-server-time: 1
829355rff.com/2e65d17ad597468894cb7aadba54a3a3..gif
103.170.15.75200 OK 580 kB URL HTTP/1.1 829355rff.com/2e65d17ad597468894cb7aadba54a3a3..gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 70\012- data
Size 580 kB (580408 bytes)
Hash 05a42f8d5a1ace1051abd1a2c2fb20bc
8e3030710b21b648de97250ffa0aadb140b802dd
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f
Analyzer Verdict Alert quad9 Sinkholed
GET /2e65d17ad597468894cb7aadba54a3a3..gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636e321b-8db38"
Date: Fri, 11 Nov 2022 14:48:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 11 Nov 2022 11:29:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 580408
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 523643e85013e3366fd6b2fad18977f0
97fcffd99dca808d2acea9d23f74c3edff4abc22
c626bc2aa4436c762fb8ba12706737b0b227bc0694f06fa68681647e8c2211b1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 07:15:48 GMT
ETag: "97fcffd99dca808d2acea9d23f74c3edff4abc22"
Last-Modified: Tue, 15 Nov 2022 07:15:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a676eb09c4b518-OSL
askzyimg.com/20221113/lof2Ozpo/1.jpg
172.247.50.115200 OK 22 kB URL HTTP/2 askzyimg.com/20221113/lof2Ozpo/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash 1d61851ed3bdbaa503dcaead3343672d
55262688575c9f9d834dedf30f7df98a5bb73d31
796cddc5b6a33a84d78f3c4f331012e7a93df343a42dc9db27950390503fcc1c
GET /20221113/lof2Ozpo/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 22246
last-modified: Sun, 13 Nov 2022 17:17:24 GMT
etag: "637126a4-56e6"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP 142.250.74.3:0
Hash abefc1d9910f90af978d392a09a3726f
5b1e10cdf4525252718419beb7bc2e3bbcb9ab89
9f87781723e57d53567b0ca31c0b7afa337987ac75bad4ee1d712ca97a39adfb
POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
askzyimg.com/20221113/TUZvrIte/1.jpg
172.247.50.115200 OK 26 kB URL HTTP/2 askzyimg.com/20221113/TUZvrIte/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash f2d72a61ec393cc3f488cf7d7c2b5338
21ded7b53000b9e41fa13e0cf1d75f267eba1c96
2aaea1d9e38a08597fd3cc021810fb4f230af9ecfb7f515fa63733c4ef46bf15
GET /20221113/TUZvrIte/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 26353
last-modified: Sun, 13 Nov 2022 16:35:51 GMT
etag: "63711ce7-66f1"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/EDMU1r2k/1.jpg
172.247.50.115200 OK 14 kB URL HTTP/2 askzyimg.com/20221113/EDMU1r2k/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash ab609df25671093683b69bc2e77a1dd9
7f98ca09f9f0a2e8993f1cda3b331c8b85a08f49
986b234577670896434fdf6eb2f038feb25e093b39e9b683b55d9f909385de91
GET /20221113/EDMU1r2k/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 13451
last-modified: Sun, 13 Nov 2022 17:47:04 GMT
etag: "63712d98-348b"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0cf9ae5150eeda6e2c50f31a2165876c
fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c
1df1cb393f0b46504888a5e53ebe1e82d91f9b5f0f4dd0182cbc5ea1bc40c3ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 11:50:10 GMT
Expires: Mon, 21 Nov 2022 11:50:09 GMT
Etag: "fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c"
Cache-Control: max-age=531464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e7db8db512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a0a5d11f87f0dd6d5d56ba844be5b70b
b2fd9261a4cc700df31feaf838e84e4ec530d41a
626bfd29472a24a3a104a42ec35e6d09eec4bd71b260f01a700337090ae22148
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2708
Cache-Control: max-age=107375
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 08:02:25 GMT
Etag: "63723d6c-2d7"
Expires: Wed, 16 Nov 2022 13:52:00 GMT
Last-Modified: Mon, 14 Nov 2022 13:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
askzyimg.com/20221113/30fs0k8V/1.jpg
172.247.50.115200 OK 17 kB URL HTTP/2 askzyimg.com/20221113/30fs0k8V/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 50f93c4461c715dded1c318a2cf383bc
686a8566e2afaa522755a1d86b93f00ae891da70
9e9028de9925b21fe14b912693910fca7e580125ab29724d18e7ec2434571898
GET /20221113/30fs0k8V/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 17369
last-modified: Sun, 13 Nov 2022 18:00:42 GMT
etag: "637130ca-43d9"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
ali2.a.yximgs.com/udata/music/music_fa051500db9b4fc9a6b84b1275a14f9e0.jpg
47.246.44.225200 OK 440 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_fa051500db9b4fc9a6b84b1275a14f9e0.jpg
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /udata/music/music_fa051500db9b4fc9a6b84b1275a14f9e0.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 439790
Connection: keep-alive
Date: Fri, 21 Oct 2022 13:10:37 GMT
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 13:10:36 GMT
Last-Modified: Fri, 21 Oct 2022 12:03:09 GMT
x-amz-request-id: 933fefcfc8c646dfb33ec8f6800d7631
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7L8jDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "07AD6948D174B603A75E166A521BBB04"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666357836916087396
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.225
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666357837
Via: cache46.l2eu95-3[0,0,200-0,H], cache40.l2eu95-3[0,0], cache25.l2de2[0,0,200-0,H], cache26.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[4,0]
Age: 2141508
X-Cache: HIT TCP_HIT dirn:11:308821360
X-Swift-SaveTime: Fri, 21 Oct 2022 13:26:00 GMT
X-Swift-CacheTime: 31103077
kwaisign: null
X-Ks-Request-ID: 2ff62c9816684993453528263e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9816684993453528263e
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.23.69200 OK 432 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 6373479007D4B9333926CE6F
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 3
img.u1885.com/images/636661a809d6345f4f98bebf.gif
23.225.228.58302 Found 546 kB URL HTTP/2 img.u1885.com/images/636661a809d6345f4f98bebf.gif
IP 23.225.228.58:0
File type GIF image data, version 89a, 250 x 250\012- data
Size 546 kB (545518 bytes)
Hash e703b6e305d4329be7218dbe01977a30
a945dd3df368fba689704555fefae5e2e745fb20
7202bcebddf613675a9251e6b15373c03e7bfce078dfad843e6f94e7824d5c71
GET /images/636661a809d6345f4f98bebf.gif HTTP/1.1
Host: img.u1885.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://static.yximgs.com/bs2/adcarsku/skue6f42982-9e63-48c5-b2d0-1d5c1d3aaacf.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
askzyimg.com/20221113/XTZxDRHj/1.jpg
172.247.50.115200 OK 20 kB URL HTTP/2 askzyimg.com/20221113/XTZxDRHj/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 9e85f798b733b59be244e34218af8992
f68551c2b937ade2685591e8185a0c36bc3f315e
7101e2d5e6e65b4a00dbd8cb3af00e379a5d37f161461088c05fbd24a8d4ebf8
GET /20221113/XTZxDRHj/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 19902
last-modified: Sun, 13 Nov 2022 18:26:18 GMT
etag: "637136ca-4dbe"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/9IGgn7V0/1.jpg
172.247.50.115200 OK 20 kB URL HTTP/2 askzyimg.com/20221113/9IGgn7V0/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 286x381, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 4997e8cedffde3751419a1dafdcd89c6
3fa60a35fcc86d1e749de36ae1e5ab18e763f364
35c36023da0e69a37d5cc4d5bf7882f68eb7cf0f24391dab8955ec2f5c622b46
GET /20221113/9IGgn7V0/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 20312
last-modified: Sun, 13 Nov 2022 17:28:26 GMT
etag: "6371293a-4f58"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
www.niumo282.xyz/images/st1dfgtr5thfhyg.gif
104.233.148.44200 OK 870 kB URL HTTP/2 www.niumo282.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221113/11PZbGYc/1.jpg
172.247.50.115200 OK 23 kB URL HTTP/2 askzyimg.com/20221113/11PZbGYc/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash b6e160f0d8d24e9371ef0fb403998363
fb0e425ba997eb9991c0c8029877e90733b279ac
5654223a731ebe531d71f5f91b3b6f588111b528607015e00aace4276b0c69aa
GET /20221113/11PZbGYc/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/jpeg
content-length: 22844
last-modified: Sun, 13 Nov 2022 18:10:03 GMT
etag: "637132fb-593c"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/7YjYNwxD/1.jpg
172.247.50.115200 OK 18 kB URL HTTP/2 askzyimg.com/20221113/7YjYNwxD/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash a7aee68b4566de428fb2f44c60063d21
34edb46331b491620629ec55fbf889bd88183e80
ef77b7f4848c78aefab6f499a1f7eac12c3d1b3a6682719d25a537b6773545cb
GET /20221113/7YjYNwxD/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 18329
last-modified: Sun, 13 Nov 2022 18:46:08 GMT
etag: "63713b70-4799"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
47.75.19.145200 OK 68 kB URL HTTP/1.1 616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Hash 7fb729164de96495010d31173b4dfde9
48e6c18b318b6dbe66739b2a97b1ca536a260a5b
eb89dbf10519257d735db5ba0731ed566cd5b8fac2a72ffd7bd299a9e8c4c10b
GET /5df7107094b446238663a2c1ff7a0e99.gif HTTP/1.1
Host: 616182863.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: image/gif
Content-Length: 67749
Connection: keep-alive
x-oss-request-id: 63734790FDBA0C3634153451
Accept-Ranges: bytes
ETag: "7FB729164DE96495010D31173B4DFDE9"
Last-Modified: Tue, 27 Sep 2022 08:24:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3572186298259414675
x-oss-storage-class: Standard
Content-MD5: f7cpFk3pZJUBDTEXO0396Q==
x-oss-server-time: 2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0cf9ae5150eeda6e2c50f31a2165876c
fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c
1df1cb393f0b46504888a5e53ebe1e82d91f9b5f0f4dd0182cbc5ea1bc40c3ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 08:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 11:50:10 GMT
Expires: Mon, 21 Nov 2022 11:50:09 GMT
Etag: "fe7c76e806bf0203cc2a8bf4c25818e485c2ec0c"
Cache-Control: max-age=531463,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a676e81a3a0b02-OSL
askzyimg.com/20221113/9Tuuj4RH/1.jpg
172.247.50.115200 OK 29 kB URL HTTP/2 askzyimg.com/20221113/9Tuuj4RH/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash b501973ab60576a225a46c5696b7b076
94b8c9f47420b16e843e4761b53b40ffe8690316
64cb88776e8d64e77d8d765f25f66419001de72ed0b0ab2ca43d8a67d120aa3c
GET /20221113/9Tuuj4RH/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 28966
last-modified: Sun, 13 Nov 2022 18:26:38 GMT
etag: "637136de-7126"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/VLDx0wQj/1.jpg
172.247.50.115200 OK 25 kB URL HTTP/2 askzyimg.com/20221113/VLDx0wQj/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash 31bdd57d9ded317e4198402c3b506e09
be85cef089b4aeeff492e16dcb3e2173b805741f
4f0a8d9903f5921855407872105db8907f7c06ccf1254c51b89fde341bca9678
GET /20221113/VLDx0wQj/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 24948
last-modified: Sun, 13 Nov 2022 16:44:00 GMT
etag: "63711ed0-6174"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 08:02:24 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 637347907E084E3834761C2F
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 1
askzyimg.com/20221113/byYb3KxB/1.jpg
172.247.50.115200 OK 21 kB URL HTTP/2 askzyimg.com/20221113/byYb3KxB/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash a33db90017692c63bfd58b5026fc4fb0
560a8eeb1f1fcb3659861a8f5fcb5daba026a8a7
2fbc8285bde3c5c8ec80af09839211747df5d667f705f563c1ac1bd60cb4946f
GET /20221113/byYb3KxB/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 20822
last-modified: Sun, 13 Nov 2022 18:44:09 GMT
etag: "63713af9-5156"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.148.44200 OK 35 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.148.44200 OK 60 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/static/images/empty.jpg
104.233.148.44200 OK 13 kB URL HTTP/2 www.niumo282.xyz/static/images/empty.jpg
IP 104.233.148.44:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221113/7E7O5kxM/1.jpg
172.247.50.115200 OK 22 kB URL HTTP/2 askzyimg.com/20221113/7E7O5kxM/1.jpg
IP 172.247.50.115:0
File type JPEG image data, baseline, precision 8, 480x640, components 3\012- data
Hash d1c01564e12e31f21364dae736d99e7d
be0c2ec8e1f4eb5fd57789575b97a8acb518e2e4
e43a768c8bdf0fc637833e4eeea978566d7a981be2e366f4f41ed62a6a1075d6
GET /20221113/7E7O5kxM/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 22302
last-modified: Sun, 13 Nov 2022 18:45:04 GMT
etag: "63713b30-571e"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/gcnodCrA/1.jpg
172.247.50.115200 OK 18 kB URL HTTP/2 askzyimg.com/20221113/gcnodCrA/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 24x31, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 8ec1c26062133f6fb37783a323a9ced4
c342d594b3b829805bbad0c3c8d575cc68afdf7c
47eae535e82a5dd0a8a763b20e2382112e0708ab5bb81bc90046e20c99a875e9
GET /20221113/gcnodCrA/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 17605
last-modified: Sun, 13 Nov 2022 16:04:08 GMT
etag: "63711578-44c5"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/69Gwcm1C/1.jpg
172.247.50.115200 OK 21 kB URL HTTP/2 askzyimg.com/20221113/69Gwcm1C/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash ebe5a254779e9ac2adc611a3c2f31d91
de35e9d96aa60be3cb3f8a09ceaec6f137e0cb75
a4b4c7edce9c5cd65e7259a2ac5a2e6d363f480a77e889a520de63c77f5f3cce
GET /20221113/69Gwcm1C/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 20746
last-modified: Sun, 13 Nov 2022 16:06:25 GMT
etag: "63711601-510a"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/k2FY8NFb/1.jpg
172.247.50.115200 OK 22 kB URL HTTP/2 askzyimg.com/20221113/k2FY8NFb/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash cf58fb1cf905eed845fa0b9f30e85180
5863a550fd04683caf179f36883c54ca818a48b9
19149b60204f95fbbdbd75b5b9da943da39e3986c22c5c103073634dab3db547
GET /20221113/k2FY8NFb/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 22501
last-modified: Sun, 13 Nov 2022 18:24:22 GMT
etag: "63713656-57e5"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/iUYyzEmn/1.jpg
172.247.50.115200 OK 20 kB URL HTTP/2 askzyimg.com/20221113/iUYyzEmn/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 106x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 4e4a2f1d22847c38ab55a2eec8edbf4f
2b15e4aa1069e750f2bb5632adcfcd5deb23b381
ed7991c2caa2253544defb5d5a55d741155c143d2f90e438cb323b4e83db2a97
GET /20221113/iUYyzEmn/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 19603
last-modified: Sun, 13 Nov 2022 17:48:39 GMT
etag: "63712df7-4c93"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/iULtdhtG/1.jpg
172.247.50.115200 OK 14 kB URL HTTP/2 askzyimg.com/20221113/iULtdhtG/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 6cb2eed662d733a55f79bada8e4ca871
bb20666541aa4b074bfc17ce0cbafe66d6bc3284
b1e75a0a8d6f56a31b4025ecc237f7e81a1bb1d90919177d40b06339572df6b6
GET /20221113/iULtdhtG/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 14225
last-modified: Sun, 13 Nov 2022 16:52:15 GMT
etag: "637120bf-3791"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221113/TwDSHpN3/1.jpg
172.247.50.115200 OK 14 kB URL HTTP/2 askzyimg.com/20221113/TwDSHpN3/1.jpg
IP 172.247.50.115:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 480x640, components 3\012- data
Hash 443b3197acdfd80acad903ace41aafce
fcaf00c55de6e0a08afa9c4212c568b7023c4d61
583eca1fd55d98800632c710d81bde7f85be8bce47a295dc970d9e9575f5400f
GET /20221113/TwDSHpN3/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/jpeg
content-length: 13859
last-modified: Sun, 13 Nov 2022 15:52:07 GMT
etag: "637112a7-3623"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
www.niumo282.xyz/static/images/empty_288_144.jpg
104.233.148.44200 OK 13 kB URL HTTP/2 www.niumo282.xyz/static/images/empty_288_144.jpg
IP 104.233.148.44:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:48:12 GMT
etag: "6183d68c-32a3"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/nmwys.png
104.233.148.44200 OK 3.1 kB URL HTTP/2 www.niumo282.xyz/nmwys.png
IP 104.233.148.44:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.148.44200 OK 111 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.148.44200 OK 73 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.148.44200 OK 1.0 MB URL HTTP/2 www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.148.44:0
Size 1.0 MB (1002217 bytes)
Hash 617db32e1d03db1103988c66e0f472e7
5d4106e906ba7ba3a57dae637bddfeb90b371c55
62a08754407b11f80ac4518dfdd99b2279da00031bc8398ddaeebbe773faced4
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo282.xyz/images/gjhjkhkj67677899099hjjh.gif
104.233.148.44200 OK 139 kB URL HTTP/2 www.niumo282.xyz/images/gjhjkhkj67677899099hjjh.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 139 kB (139182 bytes)
Hash 405f0678dbf102836cf21054c20e15e9
913d5e2ee467f0061dbe6c3a686cc0b8edb6f3d7
724ee95d46e4aa4e5c4212c7d6182e392005c87f98ae654910bf1a3b39bfa6d0
GET /images/gjhjkhkj67677899099hjjh.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 139182
last-modified: Tue, 30 Nov 2021 06:19:41 GMT
etag: "61a5c27d-21fae"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.148.44200 OK 126 kB URL HTTP/2 www.niumo282.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/46cdsgsfheidb4155e.jpg
104.233.148.44200 OK 87 kB URL HTTP/2 www.niumo282.xyz/images/46cdsgsfheidb4155e.jpg
IP 104.233.148.44:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /images/46cdsgsfheidb4155e.jpg HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/jpeg
content-length: 87395
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-15563"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
m1.im5i.com/2022/11/03/UVHyLh.gif
14.17.115.233200 OK 305 kB URL HTTP/2 m1.im5i.com/2022/11/03/UVHyLh.gif
IP 14.17.115.233:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 305 kB (305068 bytes)
Hash 0860a53eeec82ff9a7300b36824b5d3b
c34c2355ce22706f4a1c01450ea1a0f744ecbf3d
70c3a261a41c0d6ec8a7e2d158890b1662e62ed6d698990bffba1ee331e50b7a
GET /2022/11/03/UVHyLh.gif HTTP/1.1
Host: m1.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 08:02:23 GMT
content-type: image/gif
content-length: 305068
last-modified: Thu, 03 Nov 2022 11:00:07 GMT
etag: "63639f37-4a7ac"
expires: Thu, 15 Dec 2022 08:02:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
120.52.95.236200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 120.52.95.236:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 08:02:25 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 8696619
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HElangfang-AREACUCC1-CACHE32[3],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjCjJeKicTMsykK2RNIaK3gia0BDXRYBU7lBXndpMuZhXXw/0
43.129.255.47200 OK 369 kB URL HTTP/2 p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjCjJeKicTMsykK2RNIaK3gia0BDXRYBU7lBXndpMuZhXXw/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 369 kB (369108 bytes)
Hash d3f9f17ed067ebb6ee0792014656333e
1f5593ee409f13d7734fd538a9a779dbe469a7c1
69da833d60a8ae1c0d5f64a25dfb6b42579ac7d20046a2db7c2be4256b601b68
GET /qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjCjJeKicTMsykK2RNIaK3gia0BDXRYBU7lBXndpMuZhXXw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 15 Nov 2022 08:02:24 GMT
content-type: image/gif
content-length: 369108
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 14:54:05 GMT
cache-control: max-age=2592000
x-delay: 176 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 369108
chid: 0
fid: 0
x-nws-log-uuid: 5bf27567-cc41-40fd-ae8d-54b0d1218ca4
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.148.44200 OK 315 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.148.44200 OK 551 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.148.44200 OK 410 kB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/4dfsdadsd5ghrt5.gif
104.233.148.44200 OK 411 kB URL HTTP/2 www.niumo282.xyz/images/4dfsdadsd5ghrt5.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: image/gif
content-length: 411269
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-64685"
expires: Thu, 15 Dec 2022 16:10:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.148.44200 OK 1.3 MB URL HTTP/2 www.niumo282.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.148.44:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Thu, 15 Dec 2022 16:10:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe4f5dc12e097182fed4de0161bc5b8a
746804d683bea55f44d5f6456a7e69d0048e4f58
d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5882
x-amzn-requestid: 3269a61b-6246-42bc-a3f6-ba2fc6708c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPteF0SIAMFp8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705fef-48758a23646243030346d9d9;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fXm81LDpPcdG5wr5OA5jUT_wDh8oRuNYYRmlyOdjrPzj42J5FAEOQQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:32:32 GMT
age: 16195
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.niumo282.xyz/static/fonts/voltaire.woff
104.233.148.44404 Not Found 0 B URL HTTP/2 www.niumo282.xyz/static/fonts/voltaire.woff
IP 104.233.148.44:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=6qd63moimmqdnfainvh90b4vdr; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
img.u2695.com/images/63528a7a3ce47c907dcb148c.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.u2695.com/images/63528a7a3ce47c907dcb148c.gif
IP 23.225.228.58:0
GET /images/63528a7a3ce47c907dcb148c.gif HTTP/1.1
Host: img.u2695.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_fa051500db9b4fc9a6b84b1275a14f9e0.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo282.xyz/smbaidu/tj.js
104.233.148.44200 OK 0 B URL HTTP/2 www.niumo282.xyz/smbaidu/tj.js
IP 104.233.148.44:0
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 21:33:47 GMT
vary: Accept-Encoding
etag: W/"6366d6bb-100d"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo282.xyz/
104.233.148.44200 OK 0 B IP 104.233.148.44:0
GET / HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://api.jiakaigongsi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=c4nhms0q7cd051itahp6drgat6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.148.44200 OK 0 B URL HTTP/2 www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.148.44:0
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo282.xyz/static/fonts/voltaire.woff
104.233.148.44404 Not Found 0 B URL HTTP/2 www.niumo282.xyz/static/fonts/voltaire.woff
IP 104.233.148.44:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo282.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 15 Nov 2022 16:10:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=uhk3kb1ndhr9leuk66v45kn83g; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo282.xyz/smbaidu/tpwz.js
104.233.148.44200 OK 0 B URL HTTP/2 www.niumo282.xyz/smbaidu/tpwz.js
IP 104.233.148.44:0
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo282.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 16:10:40 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 00:37:29 GMT
vary: Accept-Encoding
etag: W/"6340c649-5aa"
expires: Wed, 16 Nov 2022 04:10:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.2588u.com/images/636a5011b079c2ed23d10ed3.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.2588u.com/images/636a5011b079c2ed23d10ed3.gif
IP 23.225.228.58:0
GET /images/636a5011b079c2ed23d10ed3.gif HTTP/1.1
Host: img.2588u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo282.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://static.yximgs.com/bs2/adcarsku/sku192e341b-32df-4643-bdc1-ec7a6cf1989b.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2