www.pukedafa.com/
154.215.214.118 570 B IP 154.215.214.118:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (883), with CRLF line terminators
Hash d7b1ed5bc37c86ab5748b978fb1ffa56
e519912229c0a757098d8c7c3102adbcc55debcf
4750c40b9af22c7b01fffc00489a155399add21c56c0f366b794945d643ff2a7
GET / HTTP/1.1
Host: www.pukedafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 10:09:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.pukedafa.com/dafapoker.exe
154.215.214.118200 OK 570 B URL User Request GET HTTP/1.1 www.pukedafa.com/dafapoker.exe
IP 154.215.214.118:80
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (883), with CRLF line terminators
Hash d7b1ed5bc37c86ab5748b978fb1ffa56
e519912229c0a757098d8c7c3102adbcc55debcf
4750c40b9af22c7b01fffc00489a155399add21c56c0f366b794945d643ff2a7
GET /dafapoker.exe HTTP/1.1
Host: www.pukedafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 10:09:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.pukedafa.com/common.js
154.215.214.118200 OK 683 B URL GET HTTP/1.1 www.pukedafa.com/common.js
IP 154.215.214.118:80
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Requested by http://www.pukedafa.com/dafapoker.exe
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 9ce4397e668e4b20baefffe09b118648
56584f44667c321db45b88da5bbecede508e9465
617f40cdc50704b34c4be18c2408f237472e2aa32bb7153ec269870f63cbfa53
GET /common.js HTTP/1.1
Host: www.pukedafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.pukedafa.com/dafapoker.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 10:09:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.pukedafa.com/tj.js
154.215.214.118200 OK 518 B IP 154.215.214.118:80
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Requested by http://www.pukedafa.com/dafapoker.exe
File type ASCII text, with CRLF line terminators
Hash dcfe3c0073e43efb1ee69fc156c890d4
736c7594682a8a7df587375b59c94279d2bfce68
e2204a4d7b6afcf0db79ee64b1ffac2d51b9d89f46c422499fc8793068467849
GET /tj.js HTTP/1.1
Host: www.pukedafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.pukedafa.com/dafapoker.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 10:09:56 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
www.pukedafa.com/favicon.ico
154.215.214.118200 OK 1.2 kB URL GET HTTP/1.1 www.pukedafa.com/favicon.ico
IP 154.215.214.118:80
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Requested by http://www.pukedafa.com/dafapoker.exe
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.pukedafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.pukedafa.com/dafapoker.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 10:09:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 08 Jun 2023 10:09:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
rijisp99.top/template/shafa888/image/loading.svg
122.10.49.30200 OK 506 B URL GET HTTP/2 rijisp99.top/template/shafa888/image/loading.svg
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/shafa888/image/loading.svg HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 10 Dec 2021 11:26:37 GMT
etag: "61b3396d-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
rijisp99.top/template/shafa888/css/bootstrap.min.css
122.10.49.30200 OK 27 kB URL GET HTTP/2 rijisp99.top/template/shafa888/css/bootstrap.min.css
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
File type gzip compressed data, from Unix\012- data
Hash 768d8cf1eea3c2de4a4ad86a017955a9
1a745f700efc26fae5ffdabc497b57c62c555f68
d12b897441046a179d5467207d9705998132677c0d7f9a48cfa579d4183355ea
GET /template/shafa888/css/bootstrap.min.css HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: text/css
last-modified: Fri, 10 Dec 2021 13:24:24 GMT
vary: Accept-Encoding
etag: W/"61b35508-23af3"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
rijisp99.top/template/shafa888/css/common.css
122.10.49.30200 OK 2.7 kB URL GET HTTP/2 rijisp99.top/template/shafa888/css/common.css
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
File type gzip compressed data, from Unix\012- data
Hash f99134471308a94d27a2b146f91d3449
01e52be659dbf37a19957cad86bb6ba32bff27be
0cb804ac8a8014dd76d6000fe3b72e3e43a31b66e25008d15f2aea078ebc8bef
GET /template/shafa888/css/common.css HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: text/css
last-modified: Sun, 12 Dec 2021 11:12:44 GMT
vary: Accept-Encoding
etag: W/"61b5d92c-2288"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
rijisp99.top/template/shafa888/js/jquery.min.js
122.10.49.30200 OK 38 kB URL GET HTTP/2 rijisp99.top/template/shafa888/js/jquery.min.js
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
File type gzip compressed data, from Unix\012- data
Hash 10b57a5979d39bfa06186d75ba8b1b74
aee3cf802cf5069c934cea737e20555eb534c80d
448300d36c035dfa90fd7d2e4b1e32654bed3fcd31de12167d935666ba8aeb89
GET /template/shafa888/js/jquery.min.js HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 11:25:34 GMT
vary: Accept-Encoding
etag: W/"61b3392e-17b8b"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
mrtoss03.com/3c52792939dec2a456e9f2a839a41642.gif
45.154.214.206301 Moved Permanently 162 B URL GET HTTP/2 mrtoss03.com/3c52792939dec2a456e9f2a839a41642.gif
IP 45.154.214.206:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectmrtoss03.com
Fingerprint85:10:5F:78:DF:6F:D2:9D:0D:34:F3:7F:BF:CE:D3:6F:1F:BD:8A:A4
ValidityFri, 19 May 2023 10:06:18 GMT - Thu, 17 Aug 2023 10:06:17 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Jun 2023 10:09:59 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mrtoss03.com/d816a0142aeb37814a5d77cfd510e67b.gif
45.154.214.206301 Moved Permanently 162 B URL GET HTTP/2 mrtoss03.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 45.154.214.206:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectmrtoss03.com
Fingerprint85:10:5F:78:DF:6F:D2:9D:0D:34:F3:7F:BF:CE:D3:6F:1F:BD:8A:A4
ValidityFri, 19 May 2023 10:06:18 GMT - Thu, 17 Aug 2023 10:06:17 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Jun 2023 10:09:59 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif
172.83.155.45200 OK 49 kB URL GET HTTP/2 tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash dcba8203c9183f2e83272957160fbd88
66dc3d5f3078891dd482f9596e7164f028c83c3f
f1a72472741925196d6383e1338dcc8066f2bfbe15c8c2802c6b88803ed1c184
GET /ba306bc87113a557ede08dd27e77f7a3.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: image/gif
content-length: 48550
last-modified: Sat, 22 Apr 2023 13:05:24 GMT
etag: "6443db94-bda6"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 257620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3M7Lw3%2FtjoZKIKUbXL4t38vUEZ9Ea5hZ%2FngHk4ib03fvO49eoGzsHz8%2FfYV1VBdO8B7r7omYTR3i6uciKdIrgXO%2FGdoxz%2BrO2NwP6lpEh%2FXpNcl2obDbgEBWtdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b45b289f283e-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
5976tp1.com/rj2.gif
162.250.140.222200 OK 253 kB IP 162.250.140.222:443
Certificate IssuerLet's Encrypt
Subject5976tp1.com
Fingerprint68:F4:8F:28:4A:23:A8:A6:A7:9F:D5:A9:C7:5D:E5:05:5C:BA:46:EB
ValiditySat, 22 Apr 2023 05:00:03 GMT - Fri, 21 Jul 2023 05:00:02 GMT
File type GIF image data, version 89a, 700 x 400\012- data
Size 253 kB (252778 bytes)
Hash 746b9fbc33073e687d8850ab3aaf7775
f3eaad228afe9d8ddfe8a6fece152f5c773aeeaa
a578a5aa63693e3669f03b9bb0cd3ec4ac311bf78a284a45373e2ed01833a6b8
GET /rj2.gif HTTP/1.1
Host: 5976tp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:11:04 GMT
Content-Type: image/gif
Content-Length: 252778
Connection: keep-alive
Last-Modified: Sun, 21 May 2023 23:16:39 GMT
ETag: "646aa657-3db6a"
Expires: Tue, 20 Jun 2023 23:22:15 GMT
Cache-Control: max-age=2592000
Via: 162.250.140.218
CDN-Cache: HIT
Accept-Ranges: bytes
tscf8.com/d41aeed3b9aa52d7fcd37a6dbed93ace.gif
172.83.155.45200 OK 328 kB URL GET HTTP/2 tscf8.com/d41aeed3b9aa52d7fcd37a6dbed93ace.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT
File type GIF image data, version 89a, 300 x 150\012- data
Size 328 kB (328392 bytes)
Hash 4327bd9255dda82e60a738be21ad18d8
6f29578f4f34d6dd485d157e06a995ed56b41f04
a953a5d6d991316d2d5879d74ba56a01d7b2156adc26424a9104ec3754d54344
GET /d41aeed3b9aa52d7fcd37a6dbed93ace.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: image/gif
content-length: 328392
last-modified: Tue, 18 Apr 2023 13:28:19 GMT
etag: "643e9af3-502c8"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 66171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmWrxkd%2FtygCJ2DXtcJd70fhA5kDwvZq4hjyieRHZj7livpTen%2Fdc8Wki1dohpeYCq1cCyVYAYgLLUN%2FweknFHvVNA94qauC1LbLyhuh%2B5gte6ZyiDD357wmzCpE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b459284ec3b1-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
lexs9.com/252e17588d12bd9ea6849d64377f250a.gif
172.83.155.45200 OK 350 kB URL GET HTTP/2 lexs9.com/252e17588d12bd9ea6849d64377f250a.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectlexs9.com
Fingerprint24:51:4A:21:30:1E:9B:D4:37:EA:7D:A1:40:DC:F7:CE:0D:E6:35:AF
ValiditySun, 28 May 2023 07:05:52 GMT - Sat, 26 Aug 2023 07:05:51 GMT
File type GIF image data, version 89a, 960 x 100\012- data
Size 350 kB (349674 bytes)
Hash 854b9743826284e72be8c38af6fc2b7c
b9fe5e3dbdcd3fab67483af42e28432061a4e8da
0d7e3389d5d3ca8ef69aab3690b6b7d8c5356a714374f982d8bfbb720c68213d
GET /252e17588d12bd9ea6849d64377f250a.gif HTTP/1.1
Host: lexs9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:59 GMT
content-type: image/gif
content-length: 349674
last-modified: Sun, 18 Dec 2022 07:01:55 GMT
etag: "639ebae3-555ea"
expires: Sat, 03 Jun 2023 22:09:59 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIazj%2FBCJgzSrqgMBIc6IgyqNM%2BeAAOUwCRaNzce6%2FUQDShkjjTrdAC851nhNU8jclcs3lsxI8zMbC5zzJnAhqEJLwBTeZ0ejstnn%2BNRzwBXa%2B42gooeourz73UQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b4e8dc970937-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif
172.83.155.45200 OK 486 kB URL GET HTTP/2 tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT
File type GIF image data, version 89a, 960 x 100\012- data
Size 486 kB (485451 bytes)
Hash c32fc22899b5bdfcc45976f5519a98ed
35ade236cc82bb09a86be58be6805315178e9bb1
73d57d938f63728e69df2c0236986dc3af3ca4105977af8436d2712fb3fa97c1
GET /8f48f887e0c4110a67ca8e85bd201a8a.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: image/gif
content-length: 485451
last-modified: Tue, 18 Apr 2023 13:28:32 GMT
etag: "643e9b00-7684b"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1028429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHL3biJXo4Usk8GlbGG6jJRx%2BWvVianSqQ0AFIEKk8sHVcg3LSytRk8tLARF%2FfJBWMotYAJpB8rnhc8gh2j7OUPlyHS6JYOasE8mzJ4NBeoLL43%2Bw21QzjWe0FAI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b458ebc4c382-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tscf8.com/68a7807de3933bf7079116fa9df99e6f.gif
172.83.155.45200 OK 366 kB URL GET HTTP/2 tscf8.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 66170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPA8zSf4N1T7zY0ZELF5pYGM%2BJfOl%2F%2FlWFiMR6%2Fneeoz1TVKmCHQlyqFN%2FGjbTLl9WToThZyNWjhM6KzLUh4YvuAcDVbShHH031VSkdol3ZVrk1IEX4DnoeBvBXR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b45a5f0c30c5-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
5976tp1.com/rj1.gif
162.250.140.222200 OK 842 kB IP 162.250.140.222:443
Certificate IssuerLet's Encrypt
Subject5976tp1.com
Fingerprint68:F4:8F:28:4A:23:A8:A6:A7:9F:D5:A9:C7:5D:E5:05:5C:BA:46:EB
ValiditySat, 22 Apr 2023 05:00:03 GMT - Fri, 21 Jul 2023 05:00:02 GMT
File type GIF image data, version 89a, 960 x 100\012- data
Size 842 kB (841478 bytes)
Hash 43ca1d0e2b769938780f779ce9a13ff8
9c582f36f0319e306925a5fdfcacf8a0d9fc721e
56acdc1c8e09caa4b313a580152649555923d690806faeb00e822979c2f1e1e4
GET /rj1.gif HTTP/1.1
Host: 5976tp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:11:04 GMT
Content-Type: image/gif
Content-Length: 841478
Connection: keep-alive
Last-Modified: Sun, 21 May 2023 23:16:38 GMT
ETag: "646aa656-cd706"
Expires: Tue, 20 Jun 2023 23:16:58 GMT
Cache-Control: max-age=2592000
Via: 162.250.140.218
CDN-Cache: HIT
Accept-Ranges: bytes
img.1562999.com/images/646dbd70e71655cbe682fc33.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1562999.com/images/646dbd70e71655cbe682fc33.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1562999.com
Fingerprint25:84:CA:05:B9:DA:F4:B0:24:76:A3:48:3E:89:14:F2:D0:87:7A:90
ValidityTue, 28 Mar 2023 10:34:53 GMT - Mon, 26 Jun 2023 10:34:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/646dbd70e71655cbe682fc33.gif HTTP/1.1
Host: img.1562999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s=
X-Firefox-Spdy: h2
img.1275a.xyz/images/645b9526753dd994a618e5b9.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1275a.xyz/images/645b9526753dd994a618e5b9.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1275a.xyz
Fingerprint14:FB:49:F7:F9:3B:FD:4A:F1:FA:64:4E:9F:54:77:CF:53:19:6E:0A
ValidityWed, 10 May 2023 08:26:50 GMT - Tue, 08 Aug 2023 08:26:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/645b9526753dd994a618e5b9.gif HTTP/1.1
Host: img.1275a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc=
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash cbfa5dfbc1f1cf636a51a796efa50712
57b61511764563ac85fcf8278c8b6cbab2f16d6b
e8c76dc38c952242400ffdcff5b5441f34bed545e932fb69d1c8eddabea91cc3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 06:50:27 GMT
Expires: Wed, 07 Jun 2023 06:50:26 GMT
Etag: "57b61511764563ac85fcf8278c8b6cbab2f16d6b"
Cache-Control: max-age=333024,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724d89b21b505-OSL
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash f4455c93e96b5c4a638b3908be3feb3a
83f7df9f77a8adb65bf3d32218640334ed90b1eb
460aa010af79016bd437f8f6c9e004041fc33fcc3afbf561ab2de3009fae4f5a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 20:10:17 GMT
Expires: Thu, 08 Jun 2023 20:10:16 GMT
Etag: "83f7df9f77a8adb65bf3d32218640334ed90b1eb"
Cache-Control: max-age=467414,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724d89ee51c12-OSL
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash d37eb636be4d41806631092ef3648c4d
6ba8ad25f3fc4b81923e285431dcf9a887e6da2c
919eed0b379810d31c933f64fea603f3791f145a8e2b4e824e119f19cc9b4761
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Jun 2023 00:45:49 GMT
Expires: Sat, 10 Jun 2023 00:45:48 GMT
Etag: "6ba8ad25f3fc4b81923e285431dcf9a887e6da2c"
Cache-Control: max-age=570346,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724d89e58b51d-OSL
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 611ef35dd2c0f8264abfbe440093ea3f
04a259b898d72aae1fb7004df97c1bd937935a2c
1c7aa677a06ae40709f53f5b8e3c7f432b48a889b72ce00a2e76e20a08a153cc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 03:34:43 GMT
Expires: Wed, 07 Jun 2023 03:34:42 GMT
Etag: "04a259b898d72aae1fb7004df97c1bd937935a2c"
Cache-Control: max-age=321280,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724d898611c0a-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash 0ae93eb9c22416be706c95b1f6d2fc52
680453b41b06e4c4bbc7e1298be1135946c9c428
f66fa59dbf1168ac4d3a46687b4a921e5a06d07b0f91ba043c0ef41e470f06f3
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 07 Jun 2023 07:59:55 GMT
ETag: "680453b41b06e4c4bbc7e1298be1135946c9c428"
Last-Modified: Sat, 03 Jun 2023 07:59:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2027
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1724d93ee60b65-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash 0ae93eb9c22416be706c95b1f6d2fc52
680453b41b06e4c4bbc7e1298be1135946c9c428
f66fa59dbf1168ac4d3a46687b4a921e5a06d07b0f91ba043c0ef41e470f06f3
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 07 Jun 2023 07:59:55 GMT
ETag: "680453b41b06e4c4bbc7e1298be1135946c9c428"
Last-Modified: Sat, 03 Jun 2023 07:59:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2027
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1724d938bc1c06-OSL
ocsp.buypass.com/
23.36.76.200 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 792c6c63f37bb26bb842ff4dec05b66e
fc3f303ee7f7169004db545765e6954f836be9af
36d605ce87afe01489252d80476736b76c7ce37b8cc715a0594459841cd88f4c
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 8b680b9a-c8d6-42c0-97ba-8a3429cb2607
Content-Length: 1701
Date: Sat, 03 Jun 2023 10:10:01 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash cb6763eb05f89867eeb054bcbd286c3d
15e5e46e07c79ca5126ed738ebd57e38f1a8bb5d
a17b0ad19fc6e1ab73ea8343310826dd9840a8c7ddb3b076f62b5b85e03fbd99
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 24ec0e23-a7d1-4f75-b399-85c9398e0ef2
Content-Length: 1701
Date: Sat, 03 Jun 2023 10:10:01 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash 09ae2c841d47247f671aa1ae1e5e73be
fe90152b2164d1c7e5582d5f2c9d02ca799e65c4
20fa3d10e61565c0d33988dfcd05c25a91927d88f6bc25ea2bb92ce0526c265a
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 07 Jun 2023 07:21:57 GMT
ETag: "fe90152b2164d1c7e5582d5f2c9d02ca799e65c4"
Last-Modified: Sat, 03 Jun 2023 07:21:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1166
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1724d97f2a0b65-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash 09ae2c841d47247f671aa1ae1e5e73be
fe90152b2164d1c7e5582d5f2c9d02ca799e65c4
20fa3d10e61565c0d33988dfcd05c25a91927d88f6bc25ea2bb92ce0526c265a
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 07 Jun 2023 07:21:57 GMT
ETag: "fe90152b2164d1c7e5582d5f2c9d02ca799e65c4"
Last-Modified: Sat, 03 Jun 2023 07:21:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1166
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1724d9892e1c06-OSL
ocsp.buypass.com/
23.36.76.200 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 14c877bd8da2e7387a4d7e546dbacac0
e95f844ff09570c7b8cd9ebc48344931f4cdce86
8fe3fda8110d6319f68e957e78467ee7e6bf31cf86bb8fc7b1e481027632ee7b
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 32b519e7-577f-4298-a3d3-3bd741f11b6c
Content-Length: 1701
Date: Sat, 03 Jun 2023 10:10:01 GMT
Connection: keep-alive
img.230579.top/images/643294ec9a38bad37dec7432.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.230579.top/images/643294ec9a38bad37dec7432.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/643294ec9a38bad37dec7432.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M=
X-Firefox-Spdy: h2
img.230579.top/images/642a9e6fd57a7adb5d2e2657.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.230579.top/images/642a9e6fd57a7adb5d2e2657.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/642a9e6fd57a7adb5d2e2657.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc=
X-Firefox-Spdy: h2
img.230579.top/images/642b9094ffc757b20fc4283c.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.230579.top/images/642b9094ffc757b20fc4283c.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/642b9094ffc757b20fc4283c.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g=
X-Firefox-Spdy: h2
img.230579.top/images/643133a4f8dd876d9019eb9c.gif
103.166.246.24 0 B URL GET img.230579.top/images/643133a4f8dd876d9019eb9c.gif
IP 103.166.246.24:0
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/643133a4f8dd876d9019eb9c.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM=
X-Firefox-Spdy: h2
img.230579.top/images/642b9094ffc757b20fc42839.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.230579.top/images/642b9094ffc757b20fc42839.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/642b9094ffc757b20fc42839.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8=
X-Firefox-Spdy: h2
img.230579.top/images/642ffae50483127e9b602a4c.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.230579.top/images/642ffae50483127e9b602a4c.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/642ffae50483127e9b602a4c.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg=
X-Firefox-Spdy: h2
aaaaa557.com/ce2f4bab11474be0b5807de2d72e789e.gif
103.170.15.110200 OK 739 kB URL GET HTTP/1.1 aaaaa557.com/ce2f4bab11474be0b5807de2d72e789e.gif
IP 103.170.15.110:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subjectaaaaa557.com
FingerprintDF:8E:21:88:56:F8:88:46:F2:46:7B:29:83:AB:5D:86:79:06:6F:C2
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 739 kB (738702 bytes)
Hash a8601033be5a80806bf825cb781b4954
b622626b2bd8550f9631f49258938c53ac30597a
87bbcc2c1cd8bae1e8f3cf8fe66f7ed5cd724ed7afcd4c841919e793871186c7
GET /ce2f4bab11474be0b5807de2d72e789e.gif HTTP/1.1
Host: aaaaa557.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64314d3c-b458e"
Date: Tue, 30 May 2023 22:39:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 08 Apr 2023 11:17:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 738702
7780tp.com/7780/320x180.gif
156.232.91.102200 OK 87 kB URL GET HTTP/1.1 7780tp.com/7780/320x180.gif
IP 156.232.91.102:443
Certificate IssuerLet's Encrypt
Subject7780tp.com
Fingerprint03:AB:D9:FF:90:DB:06:69:20:8E:9F:FB:34:BF:6C:88:45:CF:DC:EC
ValidityWed, 26 Apr 2023 11:27:04 GMT - Tue, 25 Jul 2023 11:27:03 GMT
File type GIF image data, version 89a, 320 x 180\012- data
Hash 56a97e424439af14adfdef573a081ec5
b3e99823f6e1cf9110d91ac1ebc95723e074aece
1a9e611f9867d469f93c6fcebd7ee9a492a0a6378206112fb8d99e0eed93f113
GET /7780/320x180.gif HTTP/1.1
Host: 7780tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:02:58 GMT
Content-Type: image/gif
Content-Length: 87071
Connection: keep-alive
Last-Modified: Thu, 11 May 2023 08:17:51 GMT
ETag: "645ca4af-1541f"
Expires: Fri, 16 Jun 2023 09:00:02 GMT
Cache-Control: max-age=2592000
Via: 156.232.91.98
CDN-Cache: HIT
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 32960695ce15fd87da4d75465d606cec
07efca23ead074a2859a4929bcaffcdef58a17e9
338e19c0d905780e55d3dc58fbe6be80deb8d6141cbdf81a2e8becb4a87fb98d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=876
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 32960695ce15fd87da4d75465d606cec
07efca23ead074a2859a4929bcaffcdef58a17e9
338e19c0d905780e55d3dc58fbe6be80deb8d6141cbdf81a2e8becb4a87fb98d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=874
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash a94280a1226be3eb05382cb3bfb61b6b
952c07b451dab296d43954c7a9ee834b865accbc
0573eb21e678e1690e4facdbd0944071efb80519b98c748c1a03bdfaf82e03b4
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
X-N: S
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash bc9fbe3b5fa463c57da84dff595e06b1
1c80c5086e98a5caa54be115bdfc957352059147
16a71d98f91d774011fb9e36e4671ae88021918ab8d3470c7863220491045c81
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 07 Jun 2023 08:47:42 GMT
ETag: "1c80c5086e98a5caa54be115bdfc957352059147"
Last-Modified: Sat, 03 Jun 2023 08:47:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 318
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1724dc79b40b65-OSL
gd1.alicdn.com/imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif
47.246.44.252200 OK 110 kB URL GET HTTP/2 gd1.alicdn.com/imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif
IP 47.246.44.252:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1
ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT
File type GIF image data, version 89a, 640 x 350\012- data
Size 110 kB (109731 bytes)
Hash 449fd13df14283ab282650fc30e08d4c
d577488cbd493bc4d8ae0166899ee84ac0edb6d9
b46a2a3dcfe316c2a1efcb16da5f9eecc675b5a29e9d267edf131ad448f4d86b
GET /imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif HTTP/1.1
Host: gd1.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 109731
date: Mon, 27 Mar 2023 06:51:20 GMT
last-modified: Sun, 26 Mar 2023 05:34:08 GMT
picasso-ret-code: SUCCESS
request-time: 0.043
traceid: 2ff6149816798998800772146e
expires: Tue, 26 Mar 2024 06:51:20 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1679899880
via: cache36.l2us1[0,1,200-0,H], cache7.l2us1[3,0], cache7.se1[0,0,200-0,H], cache7.se1[3,0]
access-control-allow-origin: *
age: 5887122
x-cache: HIT TCP_HIT dirn:11:387469370
x-swift-savetime: Mon, 27 Mar 2023 11:02:29 GMT
x-swift-cachetime: 31520931
timing-allow-origin: *
eagleid: 2ff62c9b16857870023302931e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 625a485e59302c3993ad9b04aef07d5d
7e24e6f8847672d2253043f6e323db396990b7f0
95e7edf2cea7db574d907a9330d5104410100323754236645f02263728b244c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 02:16:12 GMT
Expires: Thu, 08 Jun 2023 02:16:11 GMT
Etag: "7e24e6f8847672d2253043f6e323db396990b7f0"
Cache-Control: max-age=402968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dcab2fb51d-OSL
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 6c39602171b0433af8424502a2044fc0
4e05dbaa9b03643dd3c76c6ce56fa5a831c674e8
092f2cd38e1711f3308e44929b73ea0c86453414b54e2b80318e3badbe6731ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 05:04:19 GMT
Expires: Wed, 07 Jun 2023 05:04:18 GMT
Etag: "4e05dbaa9b03643dd3c76c6ce56fa5a831c674e8"
Cache-Control: max-age=326655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dc8836b505-OSL
kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
104.21.30.227200 OK 186 kB URL GET HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 104.21.30.227:443
Certificate IssuerLet's Encrypt
Subjectkvtaaa.top
Fingerprint0D:10:61:B2:9C:B7:5B:11:48:FE:30:9D:A0:C3:41:C0:9A:71:F5:F7
ValidityTue, 18 Apr 2023 00:50:54 GMT - Mon, 17 Jul 2023 00:50:53 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rijisp99.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Tue, 20 Jun 2023 18:52:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1091849
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyKl7tWgSp9lTpXBwbzW61o9i17FtxF5pEbtdkmqebZ9TOBtvmN9d3F5lemAgiqwaaF6hq4TskyN8XXb8VvExAiVx3x%2BRAlMt3xf4zNPFHssR0i2toLaVoXs20nG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1724dcfdb7b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash e2f6bf013c3219a84ab5fac6c0778cbe
95d5578924ab31863010b4b9e0b6d7ebc8b59fad
813500752c66b02846ee89505415bc99034275c2cfb90b6069afdf4ccecc0c3d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Jun 2023 12:53:51 GMT
Expires: Fri, 09 Jun 2023 12:53:50 GMT
Etag: "95d5578924ab31863010b4b9e0b6d7ebc8b59fad"
Cache-Control: max-age=527628,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724d8984db521-OSL
img.1278999.com/images/6465a9a5ad790c9dd633a120.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1278999.com/images/6465a9a5ad790c9dd633a120.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1278999.com
Fingerprint7F:A5:42:8A:9F:BA:36:D1:78:67:CE:2F:9C:95:B5:DE:45:4E:41:07
ValidityTue, 28 Mar 2023 10:27:33 GMT - Mon, 26 Jun 2023 10:27:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6465a9a5ad790c9dd633a120.gif HTTP/1.1
Host: img.1278999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk=
X-Firefox-Spdy: h2
kvhgg.com/e593267fcb1425d0f87746d7e7c45ef6.gif
45.154.214.219301 Moved Permanently 162 B URL GET HTTP/2 kvhgg.com/e593267fcb1425d0f87746d7e7c45ef6.gif
IP 45.154.214.219:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectkvhgg.com
FingerprintC9:70:03:15:7B:A1:99:AA:70:9F:A8:AD:B3:F7:59:F5:D9:6B:82:94
ValidityFri, 19 May 2023 11:08:29 GMT - Thu, 17 Aug 2023 11:08:28 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e593267fcb1425d0f87746d7e7c45ef6.gif HTTP/1.1
Host: kvhgg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: text/html
content-length: 162
location: https://kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
104.21.30.227200 OK 196 kB URL GET HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP 104.21.30.227:443
Certificate IssuerLet's Encrypt
Subjectkvtaaa.top
Fingerprint0D:10:61:B2:9C:B7:5B:11:48:FE:30:9D:A0:C3:41:C0:9A:71:F5:F7
ValidityTue, 18 Apr 2023 00:50:54 GMT - Mon, 17 Jul 2023 00:50:53 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rijisp99.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Mon, 03 Jul 2023 06:37:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12756
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2mA83izUxZqR8UYobb29uM1dCNjTJJivTTX3RpRsy1fuw25ro5gtrOh%2FD2atP1HPgZiGAaL0%2FU%2BXJ%2FtwoyLGYyH9m1ksL%2B0%2Bp4SqAZODVsSs1xsUqvfYDZ0M9NN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1724dd9e9ab518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.1137555.com/images/63d20595239ee5d2c56a786b.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1137555.com/images/63d20595239ee5d2c56a786b.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1137555.com
Fingerprint5E:A1:1C:1D:D0:5D:ED:7C:45:D6:9E:63:CD:3C:F9:A1:0B:73:E3:1A
ValidityTue, 28 Mar 2023 10:09:03 GMT - Mon, 26 Jun 2023 10:09:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/63d20595239ee5d2c56a786b.gif HTTP/1.1
Host: img.1137555.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww=
X-Firefox-Spdy: h2
xinchacha2dv.ocsp-certum.com/
23.36.79.17 1.5 kB URL xinchacha2dv.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash e1f42b45d0ffef3b62a822a47380737d
460fbd49de52c8fcfec07642e71156ad407742cf
041e38217d707a8f12f3f9ea2158f777cccc91f39f649cfd7f7e0850c175f05a
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=234
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
X-N: S
img.solomon89.xyz/images/642027dc61e3f8384b97c16f.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.solomon89.xyz/images/642027dc61e3f8384b97c16f.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectsolomon89.xyz
FingerprintFD:61:48:08:8D:6E:37:B2:71:ED:72:64:8B:70:60:F4:F6:C0:38:82
ValidityTue, 28 Mar 2023 11:18:33 GMT - Mon, 26 Jun 2023 11:18:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/642027dc61e3f8384b97c16f.gif HTTP/1.1
Host: img.solomon89.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20=
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash ccfc5d72aa7fb55577ec9dfe7a1f238e
38fb8a827d144c0ef77d04ca2f2312cea8adf157
6791fcd17ecac67602c85c42a6760ac0b9d461b8fce65fec35cdf3d7a66cf25a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 05:08:45 GMT
Expires: Thu, 08 Jun 2023 05:08:44 GMT
Etag: "38fb8a827d144c0ef77d04ca2f2312cea8adf157"
Cache-Control: max-age=413321,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dcba161c12-OSL
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 55966d9fd30a6edf0e78028cb565b11a
94deba0336494580996d6d4e7854b4fc5b9e642c
ce1a0825f05f4767e91572f85108d57a4e47016fd568f893377a2f62231b4a92
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 11:53:11 GMT
Expires: Wed, 07 Jun 2023 11:53:10 GMT
Etag: "94deba0336494580996d6d4e7854b4fc5b9e642c"
Cache-Control: max-age=351187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724ddc99db505-OSL
ocsp.buypass.com/
23.36.76.200 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 7d0b362aa77460d6ef2bf1f1b679e5ee
e34e79d2df85923795df5c7e2e8e2f4b808f9317
bb9eaebe4832689c35602d2f1a3dda216bb136eddc43afb408f4d0fe75b667e5
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ababe02a-f12c-4dd9-97ab-4e53ce2feec8
Content-Length: 1701
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
6651tp.com/960x8011.gif
162.250.141.134200 OK 232 kB IP 162.250.141.134:443
Certificate IssuerLet's Encrypt
Subject6651tp.com
Fingerprint17:66:4F:C9:73:C0:1F:BE:38:35:32:69:0B:47:5B:70:BE:82:DF:86
ValidityTue, 11 Apr 2023 18:24:23 GMT - Mon, 10 Jul 2023 18:24:22 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 232 kB (231704 bytes)
Hash 1a7ceda3b44ace07bcd06a4eb7fe8b1f
cb2a8d2593e6de5c808f2a8e25ce39aa17f57551
30258ea16c5e7c4778b6dfb8aaf3e270d2b6d3ea6992a6174c2d254affb20a31
GET /960x8011.gif HTTP/1.1
Host: 6651tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:13:14 GMT
Content-Type: image/gif
Content-Length: 231704
Connection: keep-alive
Last-Modified: Tue, 11 Apr 2023 08:12:41 GMT
ETag: "64351679-38918"
Expires: Wed, 28 Jun 2023 10:20:49 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.130
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CDN-Cache: HIT
Accept-Ranges: bytes
ruyi8.oss-accelerate.aliyuncs.com/tu/1.abc
47.254.187.78200 OK 157 kB URL GET HTTP/1.1 ruyi8.oss-accelerate.aliyuncs.com/tu/1.abc
IP 47.254.187.78:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-eu-central-1.aliyuncs.com
FingerprintDA:18:69:4C:8B:82:70:86:A9:16:CD:3D:78:02:BA:9D:A4:62:13:5C
ValidityMon, 30 Jan 2023 02:31:08 GMT - Sat, 02 Mar 2024 02:31:07 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 157 kB (156604 bytes)
Hash a4236e0ea04ee6db809bbfa9f0c44fc1
285cb0fd4da57cff16ca2ce328806dcd7f6d789f
1fcd494ddbf89898b764eb31c2f7cdef41b9ac1b679d1c38c99e093d889136df
GET /tu/1.abc HTTP/1.1
Host: ruyi8.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 156604
Connection: keep-alive
x-oss-request-id: 647B117A84758F9A4BA8331F
Accept-Ranges: bytes
ETag: "A4236E0EA04EE6DB809BBFA9F0C44FC1"
Last-Modified: Mon, 29 May 2023 11:52:12 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13751824796241125410
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: pCNuDqBO5tuAm7+p8MRPwQ==
x-oss-server-time: 2
gg228.oss-cn-hangzhou.aliyuncs.com/ky200200a.gif
47.110.177.136200 OK 286 kB URL GET HTTP/1.1 gg228.oss-cn-hangzhou.aliyuncs.com/ky200200a.gif
IP 47.110.177.136:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-hangzhou.aliyuncs.com
Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8
ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 286 kB (285553 bytes)
Hash bbd1070d797386f40b83b31d555901cf
c7b01e26d4fed5ff8267e9766b340abcdc114447
f9b6170043ff2c2aba58abe338fd5aba832a7a7cc23be33c6f5fcba209400713
GET /ky200200a.gif HTTP/1.1
Host: gg228.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: image/gif
Content-Length: 285553
Connection: keep-alive
x-oss-request-id: 647B11796F8C263330AD3D38
Accept-Ranges: bytes
ETag: "BBD1070D797386F40B83B31D555901CF"
Last-Modified: Thu, 16 Mar 2023 08:09:09 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17651800536869536973
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: u9EHDXlzhvQLg7MdVVkBzw==
x-oss-server-time: 1
s2.loli.net/2023/05/26/hpBo3Ruxgk2CZ6m.jpg
104.26.0.190200 OK 105 kB URL GET HTTP/2 s2.loli.net/2023/05/26/hpBo3Ruxgk2CZ6m.jpg
IP 104.26.0.190:443
Certificate IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1072x716, components 3\012- data
Size 105 kB (104727 bytes)
Hash ca22fa65a734a5e05e364e0539367141
ca3311a4cc0a82201c49b96f64fae789fe3c8bc3
5d03bef1fcaaea0aec822fa7c7893664078162eff10f35a82ffe9ca977bb2da4
GET /2023/05/26/hpBo3Ruxgk2CZ6m.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/jpeg
content-length: 104727
last-modified: Fri, 26 May 2023 10:54:48 GMT
etag: "64708ff8-19917"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN47mYb1FL%2B2NRUREUCU6vdB5N5UYFBSBLUViHC1rme0L%2FqgyEPaa4XdcSem%2F3nmmcqjlnO9Zv7LQraYdQjh4j5lWd7MZCArP45h1g77PTCFMWnh1qOdMtPEQaN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1724dcb9891c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash c12e3a4e6cf6fd566ccf95e646a76cb6
941cd4bdb225b4ddaea54ecf43c88e8c337d53f0
1681eb7ea28223b45a6672c13d8eb594b114cf9b9601c92d5684b253058c93c3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 23:55:24 GMT
Expires: Tue, 06 Jun 2023 23:55:23 GMT
Etag: "941cd4bdb225b4ddaea54ecf43c88e8c337d53f0"
Cache-Control: max-age=308120,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dd6c2bb51d-OSL
n0611.com/12e44894b32240f988466faa21690705.gif
170.178.165.171200 OK 457 kB URL GET HTTP/1.1 n0611.com/12e44894b32240f988466faa21690705.gif
IP 170.178.165.171:443
Certificate IssuerSectigo Limited
Subjectn0611.com
FingerprintCA:7A:6E:12:FC:81:69:FB:76:A2:5E:F7:D6:52:B6:A7:52:5A:06:F9
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 457 kB (457422 bytes)
Hash 1d99213864d9c08ffb5d82569e65bd2a
6c40b94c0524a03567a4e530db69c31e2b369fa1
24f1516a9d5b53898e2df30a6f2c0492ab71ab9c01b2e5cef7f9eceb1ef4abff
GET /12e44894b32240f988466faa21690705.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 457422
Content-Type: image/gif
Date: Sat, 03 Jun 2023 06:38:16 GMT
ETag: "1685774296"
Last-Modified: Sat, 03 Jun 2023 06:38:16 GMT
Server: nginx
X-Cache: HIT, policy, memory
7780tp.com/7780/980x80.gif
156.232.91.102200 OK 567 kB URL GET HTTP/1.1 7780tp.com/7780/980x80.gif
IP 156.232.91.102:443
Certificate IssuerLet's Encrypt
Subject7780tp.com
Fingerprint03:AB:D9:FF:90:DB:06:69:20:8E:9F:FB:34:BF:6C:88:45:CF:DC:EC
ValidityWed, 26 Apr 2023 11:27:04 GMT - Tue, 25 Jul 2023 11:27:03 GMT
File type GIF image data, version 89a, 980 x 80\012- data
Size 567 kB (566969 bytes)
Hash e30a6253fde9acd308cebb7cc81d66bc
79b3c27fb3a122a36fc8e51d4164c66228785b54
aebc80512d20c0c97a147e4dc4c842423dd9bedd55985404bd2820a941147efb
GET /7780/980x80.gif HTTP/1.1
Host: 7780tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:02:58 GMT
Content-Type: image/gif
Content-Length: 566969
Connection: keep-alive
Last-Modified: Sun, 02 Apr 2023 07:20:52 GMT
ETag: "64292cd4-8a6b9"
Expires: Fri, 16 Jun 2023 09:39:23 GMT
Cache-Control: max-age=2592000
Via: 156.232.91.98
CDN-Cache: HIT
Accept-Ranges: bytes
ocsp.buypass.com/
23.36.76.200 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 15d07c29eb484eba95f6f94deda9e6a8
810d7801da8d34fb23c2e2c2b6e2617191c23c93
71e0c8bf59940086450ac63d862fd1ff0d2f29d191adfcd5b16ec7d8d4d5c6ae
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 7d0f10e7-cb13-4a91-97c9-656cba761854
Content-Length: 1701
Date: Sat, 03 Jun 2023 10:10:02 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 4f5bc7858e58af75565901e42e60f28d
b4071b59e8216c5f540b9965f9f0f6f5ab756100
a1b9084b6fc25c52cf0ffd1d2e69b6447fe3f3b0dc3ac581f9022f84f683b372
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 18:56:35 GMT
Expires: Wed, 07 Jun 2023 18:56:34 GMT
Etag: "b4071b59e8216c5f540b9965f9f0f6f5ab756100"
Cache-Control: max-age=376910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724df4fd9b521-OSL
6651tp.com/320x180.gif
162.250.141.134200 OK 672 kB IP 162.250.141.134:443
Certificate IssuerLet's Encrypt
Subject6651tp.com
Fingerprint17:66:4F:C9:73:C0:1F:BE:38:35:32:69:0B:47:5B:70:BE:82:DF:86
ValidityTue, 11 Apr 2023 18:24:23 GMT - Mon, 10 Jul 2023 18:24:22 GMT
File type GIF image data, version 89a, 320 x 180\012- data
Size 672 kB (671614 bytes)
Hash 8e09ed2a50e1c26af382671759acf817
72aa83dd9245aab780d7d9f2e49c3ff4d55bc7fb
16c9aa7d280e0ee9b1a456131bc7f0946bb0da752a44d4933b76e3df212f9119
GET /320x180.gif HTTP/1.1
Host: 6651tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Jun 2023 10:13:14 GMT
Content-Type: image/gif
Content-Length: 671614
Connection: keep-alive
Last-Modified: Wed, 24 May 2023 07:10:09 GMT
ETag: "646db851-a3f7e"
Expires: Wed, 28 Jun 2023 10:21:46 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.130
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CDN-Cache: HIT
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
104.18.15.101 727 B URL zerossl.ocsp.sectigo.com/
IP 104.18.15.101:0
Hash fe5a153bc93fa604c6a3e2db2477bb88
a7926c530d391838bbd601ee4898ecb2564537d7
1d82d41c4305dc6235c7a3e70c8628d0b401036afe7f762e031ccfc04d376833
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Jun 2023 20:28:19 GMT
Expires: Fri, 09 Jun 2023 20:28:18 GMT
Etag: "a7926c530d391838bbd601ee4898ecb2564537d7"
Cache-Control: max-age=554895,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dfdff2b4fd-OSL
img.1228a.xyz/images/645b9532753dd994a618e5ba.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1228a.xyz/images/645b9532753dd994a618e5ba.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1228a.xyz
FingerprintEA:9E:B0:B9:66:C6:2B:CB:41:EA:39:06:06:FC:C9:07:8F:40:95:6B
ValidityWed, 10 May 2023 08:22:10 GMT - Tue, 08 Aug 2023 08:22:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/645b9532753dd994a618e5ba.gif HTTP/1.1
Host: img.1228a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U=
X-Firefox-Spdy: h2
lxbd2.com/5c7fdf1df9d36afce7ceff765bb44824.gif
172.83.155.45200 OK 101 kB URL GET HTTP/2 lxbd2.com/5c7fdf1df9d36afce7ceff765bb44824.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectlxbd2.com
FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2
ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT
File type GIF image data, version 89a, 750 x 120\012- data
Size 101 kB (100926 bytes)
Hash 5df9b7ca12d1dc320200e1376ecf7802
5fb72296c9be81d2676993d747d9ad5364d6032d
2a7cd3ea5c9f26a4e28a01287355065fd2f93ce172b9e8792dec0c1bbfd10ed2
GET /5c7fdf1df9d36afce7ceff765bb44824.gif HTTP/1.1
Host: lxbd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 100926
last-modified: Fri, 31 Mar 2023 06:51:08 GMT
etag: "642682dc-18a3e"
expires: Sat, 03 Jun 2023 22:10:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 272611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlMadDb6t%2FybZvmcGePO5OMtpff31QmvemvMGrg1pm3Q62PDBtMrYGIgFShWk6CsecOA%2F6MHqya5LmYSUG7whDM2DbDgC0%2BQh658L5zSXC0WA3NGby2SwCyTqgF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7d1715354b97c5a8-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
xcvd.cd55a66dddsa.com/img/33.gif
52.184.82.137200 OK 225 kB URL GET HTTP/2 xcvd.cd55a66dddsa.com/img/33.gif
IP 52.184.82.137:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerLet's Encrypt
Subjectxcvd.cd55a66dddsa.com
Fingerprint08:F5:23:A9:3B:08:E4:BB:6D:38:F8:99:29:58:A6:13:A1:A1:AD:60
ValidityWed, 10 May 2023 04:32:11 GMT - Tue, 08 Aug 2023 04:32:10 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 225 kB (225364 bytes)
Hash 523239ea45690f5fd1f118e2d34c4348
79b5152594acfcb846516ab0bf1cb24a344664b8
34f3cd5fc17a9b4a84b8c8ef605d0b915508f855e27bdebbdb8fa32f07b775c8
GET /img/33.gif HTTP/1.1
Host: xcvd.cd55a66dddsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 225364
last-modified: Sat, 08 Apr 2023 09:43:55 GMT
etag: "6431375b-37054"
expires: Sat, 24 Jun 2023 06:16:27 GMT
cache-control: max-age=2592000
via: cdn-node-a9-new-hk-07
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif
104.21.50.72200 OK 332 kB URL GET HTTP/2 kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif
IP 104.21.50.72:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:F8:A2:32:06:9A:E1:A6:E5:C9:61:2A:74:85:8A:59:C5:BE:0B:81
ValidityFri, 10 Feb 2023 00:00:00 GMT - Sat, 10 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 332 kB (332163 bytes)
Hash 236ff29278548307e60d31758ba5f6bc
9ba74fd46d025e65ecdfe95f21e0c00fa3f6f311
316fdaec342556eae29e38c5e6d67e8b5dffc5272f0857a735b97bdf2e722749
GET /e593267fcb1425d0f87746d7e7c45ef6.gif HTTP/1.1
Host: kvklll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rijisp99.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 332163
last-modified: Fri, 19 May 2023 12:32:01 GMT
etag: "64676c41-51183"
expires: Wed, 28 Jun 2023 23:20:42 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 384561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FkHpTTjg5J3E4KLAgl3QRhxmLhT%2F3Z83PcpW%2BroMxiW8TBB%2FXWORFevx%2F3eznqLOwyToDiLYkFSjXzB3a0sIH6gwvTHg1tHLnPNlNxPTcjxgMqF%2BbsK2EDoyQTc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1724e0f9b11c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash ccdca839c867e5843309e49366dbb573
19b1d8009ebc13128b6760ed41b2ad6e9075b1f6
9b3841b303a1df5e52f06ef61ba1fdf52a7045ccc3279a500a3c35b388f4ae67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 18:17:58 GMT
Expires: Wed, 07 Jun 2023 18:17:57 GMT
Etag: "19b1d8009ebc13128b6760ed41b2ad6e9075b1f6"
Cache-Control: max-age=374273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724dfdc771c12-OSL
lxbd2.com/6b4bc2393b34f569886385798f04319d.gif
172.83.155.45200 OK 68 kB URL GET HTTP/2 lxbd2.com/6b4bc2393b34f569886385798f04319d.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Certificate IssuerLet's Encrypt
Subjectlxbd2.com
FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2
ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT
File type GIF image data, version 89a, 300 x 200\012- data
Hash 8fe8a3221d6c69d2dfa96070eeaf7947
2e3d9f6307f2b435471ca22f3a2662a586a93b73
f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368
GET /6b4bc2393b34f569886385798f04319d.gif HTTP/1.1
Host: lxbd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 67829
last-modified: Fri, 31 Mar 2023 06:50:35 GMT
etag: "642682bb-108f5"
expires: Sat, 03 Jun 2023 22:10:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 66171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX%2BQOUm%2FVM8XpU05%2Bpd1v%2FwpIXlfnjstcyCHU2WkiaImDDrKEvTkL1D95MZASlC01iR7PFYbCJxnqO82T3J4sHOBqHk9wHklm6WVqqyx8RZNRiCNJNOduzQqfwhj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b458ec86309a-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/se-1.jpg
143.92.56.131200 OK 27 kB URL GET HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 143.92.56.131:443
ASN #64050 BGPNET Global ASN
Certificate IssuerBuypass AS-983163327
Subjectpic.picnewsss.com
FingerprintF2:4D:96:5D:C9:D0:18:10:BB:58:F4:9C:BE:C0:89:89:C4:2E:8E:DC
ValidityThu, 01 Jun 2023 16:42:33 GMT - Mon, 27 Nov 2023 22:59:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Fri, 02 Jun 2023 15:28:58 GMT
etag: "1685784715"
expires: Sun, 02 Jul 2023 15:28:58 GMT
last-modified: Sat, 03 Jun 2023 09:31:55 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
u1102.com/6b33eac17ca549eeb56d49f51671ccad.gif
103.170.15.40200 OK 519 kB URL GET HTTP/2 u1102.com/6b33eac17ca549eeb56d49f51671ccad.gif
IP 103.170.15.40:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subjectu1102.com
FingerprintC9:2F:EB:1B:9D:87:04:4A:6A:E4:D8:15:7B:AC:4A:E5:72:03:19:18
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 519 kB (519306 bytes)
Hash 5e530dbf8e7dfab35b57c9cbe75f14cc
de94895cb8bff889d9d0ed0f9c21999831c42c45
ee1b4f206d897fa560b1a87eef7f2a8047ea49d2703c68c985d7263b86c0a8c3
GET /6b33eac17ca549eeb56d49f51671ccad.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6479c5e2-7ec8a"
server: nginx
date: Fri, 02 Jun 2023 16:40:57 GMT
content-type: image/gif
last-modified: Fri, 02 Jun 2023 10:35:14 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-30
content-length: 519306
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif
120.78.115.86200 OK 225 kB URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif
IP 120.78.115.86:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 225 kB (225026 bytes)
Hash d0ec0f9c3f6bea10c3932dc6c67e95f3
d90ff84ffd8c75172e3d72f5fbc641e8cba869c6
1237fd778d6bb08a35af656bdcb2cbec947f6a725014ec7775d6509644deab90
GET /js/js1911-200x200.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: image/gif
Content-Length: 225026
Connection: keep-alive
x-oss-request-id: 647B1179FC90F337300F42C8
Accept-Ranges: bytes
ETag: "D0EC0F9C3F6BEA10C3932DC6C67E95F3"
Last-Modified: Mon, 19 Dec 2022 08:37:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16580088513556850248
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 0OwPnD9r6hDDky3Gxn6V8w==
x-oss-server-time: 2
img.1257999.com/images/643e3092bd9c74225d2ef3c5.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1257999.com/images/643e3092bd9c74225d2ef3c5.gif
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subject1257999.com
Fingerprint1D:6F:D7:93:CA:8C:0B:64:E2:13:FB:66:5F:8E:E3:84:C8:31:D5:4D
ValidityTue, 28 Mar 2023 10:25:12 GMT - Mon, 26 Jun 2023 10:25:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/643e3092bd9c74225d2ef3c5.gif HTTP/1.1
Host: img.1257999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U=
X-Firefox-Spdy: h2
gg228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif
47.110.177.136200 OK 432 kB URL GET HTTP/1.1 gg228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif
IP 47.110.177.136:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-hangzhou.aliyuncs.com
Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8
ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky96080a.gif HTTP/1.1
Host: gg228.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 647B11796172673934EC341E
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Thu, 16 Mar 2023 08:09:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 2
n0600.com/bd81aad5216a4e07ab45c538058b3902.gif
170.178.165.170200 OK 147 kB URL GET HTTP/1.1 n0600.com/bd81aad5216a4e07ab45c538058b3902.gif
IP 170.178.165.170:443
Certificate IssuerSectigo Limited
Subjectn0600.com
Fingerprint70:AB:4F:80:64:F7:41:4A:A2:9D:0D:9F:6A:C4:3C:08:91:70:72:26
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 300 x 174\012- data
Size 147 kB (146978 bytes)
Hash 2474bd5cd51790f79a1d6fe23df8c20d
502322cdce707b7b6965704347bff1d0a9b46f75
ff7a874e2a3fbde76c0e18b537e9ffe4f4153238aee602436ced11e1b91c45c3
GET /bd81aad5216a4e07ab45c538058b3902.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 146978
Content-Type: image/gif
Date: Sat, 03 Jun 2023 06:38:18 GMT
ETag: "1685774298"
Last-Modified: Sat, 03 Jun 2023 06:38:18 GMT
Server: nginx
X-Cache: HIT, policy, memory
uu3233uu.com/5fb1cf4917544e70a92604cde7f821ee.gif
103.189.109.55200 OK 459 kB URL GET HTTP/1.1 uu3233uu.com/5fb1cf4917544e70a92604cde7f821ee.gif
IP 103.189.109.55:443
Certificate IssuerSectigo Limited
Subjectuu3233uu.com
Fingerprint70:E8:D7:1F:CD:35:19:CB:9D:B3:67:2C:51:0A:F3:ED:B0:AC:28:84
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 459 kB (458890 bytes)
Hash 0d9ad28c5daf9529a41a915bc83b15e3
8d19d6430caf76c6008672013af3021cb1c4288a
646a48b96f107a014723f4110c31191a2f456b89b2e0e9b148b4e74c6a1dd7e6
GET /5fb1cf4917544e70a92604cde7f821ee.gif HTTP/1.1
Host: uu3233uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464df8b-7008a"
Date: Wed, 17 May 2023 14:09:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 14:07:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-045
Content-Length: 458890
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8=
103.166.246.24200 OK 87 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 300 x 180\012- data
Hash 6ab41074ec623faecacd283fcf6f010c
89a63ba187f7a0b80d617e8bee2b0ac440732a7b
06899f1196ff83503fbd559986b6ac885797255cdc49defaa99406b61d0e2330
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 87116
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uu6522uu.com/6b6c4101b455403ba373ae5ca973d112.gif
103.189.109.49200 OK 684 kB URL GET HTTP/1.1 uu6522uu.com/6b6c4101b455403ba373ae5ca973d112.gif
IP 103.189.109.49:443
Certificate IssuerSectigo Limited
Subjectuu6522uu.com
Fingerprint9F:A9:31:A7:D5:FB:5E:B7:92:CE:97:32:BA:FB:88:86:69:E0:1B:B7
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683707 bytes)
Hash f49046a5e6117c50b0d0acf38d5771fd
ff89f0896c5bbbbe248aceccfc404f8282df55a6
656acf8e658dd3ae0a4fff74ac88c58c6d06687b1ccb379a9a211c439f095493
GET /6b6c4101b455403ba373ae5ca973d112.gif HTTP/1.1
Host: uu6522uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64563e9d-a6ebb"
Date: Sun, 28 May 2023 03:29:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 May 2023 11:48:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-039
Content-Length: 683707
595image.com:3188/960x120.gif
223.113.143.213200 OK 185 kB URL GET HTTP/1.1 595image.com:3188/960x120.gif
IP 223.113.143.213:3188
ASN #56046 China Mobile communications corporation
Certificate IssuerUnizeto Technologies S.A.
Subject225image.com
Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 185 kB (184991 bytes)
Hash f3142a120ee01ba9856a4587b419607e
0d590166dc2458fbfd077d6ac75381a7bc1203ac
31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69
GET /960x120.gif HTTP/1.1
Host: 595image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 184991
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:25:24 GMT
ETag: "63d68fe4-2d29f"
Expires: Sat, 01 Jul 2023 02:24:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
n0522.com/933c5004b2eb43788e4f93145bd0835b.gif
170.178.165.172200 OK 150 kB URL GET HTTP/1.1 n0522.com/933c5004b2eb43788e4f93145bd0835b.gif
IP 170.178.165.172:443
Certificate IssuerSectigo Limited
Subjectn0522.com
FingerprintDE:E0:00:37:E8:CA:25:E2:8B:FA:51:98:48:D3:04:89:19:7C:F3:F7
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 516 x 290\012- data
Size 150 kB (150396 bytes)
Hash a4470e9edcd635d0b5e919d870afe80a
1fe162725ed0eb6d88c86ace55e1fba51d4a9571
1d56af37713016ba37aa0a28cc203e3b079e74268177f77022369f0a31fe83b6
GET /933c5004b2eb43788e4f93145bd0835b.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 150396
Content-Type: image/gif
Date: Fri, 02 Jun 2023 10:47:38 GMT
ETag: "1685786757"
Last-Modified: Sat, 03 Jun 2023 10:05:57 GMT
Server: nginx
X-Cache: HIT, policy, memory
1cdn.8b4v.cn/wns96080a.gif
112.84.131.135200 OK 374 kB URL GET HTTP/1.1 1cdn.8b4v.cn/wns96080a.gif
IP 112.84.131.135:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate IssuerSectigo Limited
Subject1cdn.8b4v.cn
Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12
ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 374 kB (374505 bytes)
Hash 61f0a03d052a9fa7c45384a259b5ba2e
d4ee20f085c53882170bf84dedc1f41995e1bd40
e1861e6ff229839c7d15fb0b166069fe773aad508c8d174661a7437e2b45632b
GET /wns96080a.gif HTTP/1.1
Host: 1cdn.8b4v.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Thu, 13 Apr 2023 06:46:54 GMT
Etag: "61f0a03d052a9fa7c45384a259b5ba2e"
Content-Type: image/gif
Date: Mon, 29 May 2023 02:11:01 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 8121941456025080816
x-cos-request-id: NjQ3NDA5YjVfOWQ0ZmI3MDlfYTk1MV9jNjM5OTIz
Content-Length: 374505
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12526051587254206559
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600
7788bb.xyz/8499/960x80.gif
23.224.101.36200 OK 366 kB URL GET HTTP/2 7788bb.xyz/8499/960x80.gif
IP 23.224.101.36:443
Certificate IssuerLet's Encrypt
Subject7788bb.xyz
Fingerprint6D:6E:97:68:A4:F8:F5:A6:1B:E6:CD:40:06:97:D5:56:ED:90:87:14
ValidityTue, 02 May 2023 12:03:54 GMT - Mon, 31 Jul 2023 12:03:53 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 366 kB (366380 bytes)
Hash c4ab0620dc7d27a4ef0c24959e8be6fd
ff877344f31c9cc5e77d225b2999e6980ceb7ff5
f9ec3633ef5a1043335f8100bc09141d23ce601584d7fe8291a331230730d886
GET /8499/960x80.gif HTTP/1.1
Host: 7788bb.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 366380
last-modified: Mon, 22 May 2023 14:21:41 GMT
etag: "5972c-5fc48fd56e78b"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif
120.78.115.86200 OK 346 kB URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif
IP 120.78.115.86:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 346 kB (345602 bytes)
Hash 6310bd0194df289f34539ff2dfc8a250
960461384c89fb7407b76f72fe1fa519c7cfb60f
faac27a9fb02215321fba3507add99cfa9d4acb02144d8e229436c128e9caa12
GET /sz/kg96080a.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:01 GMT
Content-Type: image/gif
Content-Length: 345602
Connection: keep-alive
x-oss-request-id: 647B1179ABB6AF39365EE606
Accept-Ranges: bytes
ETag: "6310BD0194DF289F34539FF2DFC8A250"
Last-Modified: Thu, 16 Mar 2023 07:41:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2217501445958086142
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: YxC9AZTfKJ80U5/y38iiUA==
x-oss-server-time: 2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg=
103.166.246.24200 OK 200 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 200 kB (199929 bytes)
Hash aab369250902e2f68bd2126779811d66
79b3ead5cb93b7f9705ef78a3061c2535027cfb8
66f0bf6e982d3d6e63906739822dd1b0c1769c10e9fd5ff1ecf5573d48f6d671
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 199929
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s=
103.166.246.24200 OK 132 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 750 x 120\012- data
Size 132 kB (131670 bytes)
Hash 22e2ef5f2d98a6e398a59df21954887c
b03ad066b2ccd18686fd9c41c115348e1cda554c
a325f92d6e949ddc0048ff058ab35c58f3fca81d68a4120f807e818ff07742bc
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 131670
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
8499163.com/8499/150x150.gif
23.224.158.157200 OK 185 kB URL GET HTTP/2 8499163.com/8499/150x150.gif
IP 23.224.158.157:443
Certificate IssuerZeroSSL
Subject8499163.com
Fingerprint4A:A2:41:31:43:59:11:0E:A6:A9:3D:D9:04:12:85:48:F2:DA:FA:0E
ValidityMon, 01 May 2023 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (184880 bytes)
Hash 4ebc1ef9412271c425fae6d17b011e9e
5c6c6f2363a621cc32fdfec4b6c2a46a3b356f43
b665c5d297cf180123da9be8c683fbe5b286bc6b9a19cd01bca66ffebbdd3c98
GET /8499/150x150.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 184880
last-modified: Mon, 22 May 2023 14:21:41 GMT
etag: "2d230-5fc48fd54ff42"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.78.115.86200 OK 394 kB URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.78.115.86:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 394 kB (394237 bytes)
Hash 03123a07739f511b3306d13415cd72b1
6dbf38767657a15b922e4d153f46fe4829e012cb
72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 394237
Connection: keep-alive
x-oss-request-id: 647B117A0CFA3C3338AE60C6
Accept-Ranges: bytes
ETag: "03123A07739F511B3306D13415CD72B1"
Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13376170837400656090
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: AxI6B3OfURszBtE0Fc1ysQ==
x-oss-server-time: 1
uu6873uu.com/20d88f7e916542b9b4c9f4f5910969db.gif
103.189.109.49200 OK 68 kB URL GET HTTP/1.1 uu6873uu.com/20d88f7e916542b9b4c9f4f5910969db.gif
IP 103.189.109.49:443
Certificate IssuerSectigo Limited
Subjectuu6873uu.com
FingerprintE3:AF:46:82:FD:05:8D:B1:FC:8D:9A:D0:7E:29:BC:33:DB:74:42:6E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 320 x 185\012- data
Hash 412efd4c174f40664a459ef6b89219b3
dcca5c856e68b135891edb51477ca37ef34860b1
b2c4bb577ab339920d952b0f29a2ceafc931fd08ab3d61b9513e3dae2b2487e1
GET /20d88f7e916542b9b4c9f4f5910969db.gif HTTP/1.1
Host: uu6873uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "643d17d0-1079f"
Date: Tue, 02 May 2023 21:56:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 17 Apr 2023 09:56:32 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-039
Content-Length: 67487
sz88.oss-cn-shenzhen.aliyuncs.com/1212/js1991-640x350.gif
120.78.115.86200 OK 125 kB URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/1212/js1991-640x350.gif
IP 120.78.115.86:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT
File type GIF image data, version 89a, 640 x 350\012- data
Size 125 kB (125084 bytes)
Hash 380d2fde37e41685f17ce0a2246e79ec
168e6edc77ade0271747b0208f16a60b42b26d45
952c8e574f3fbee2cdd1841ca94e35ee96739a6f936b6c7d8ba7992cee8ff5e7
GET /1212/js1991-640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 125084
Connection: keep-alive
x-oss-request-id: 647B117AE6819C36312DDCF5
Accept-Ranges: bytes
ETag: "380D2FDE37E41685F17CE0A2246E79EC"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18155944982965718549
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: OA0v3jfkFoXxfOCiJG557A==
x-oss-server-time: 1
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g=
103.166.246.24200 OK 133 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 750 x 150\012- data
Size 133 kB (133111 bytes)
Hash 32c9324608dfdd5f660114816a434f9f
81f4adf25b288530d9c891d66575c9745f876528
cf75fb79f56d9dcc2fb7f96cffc6c5d423291b1c118e7585c36b21621e46f0ab
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 133111
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uu3192uu.com/8d1696e8a97e40889c60414751e6d552.gif
103.170.15.110200 OK 41 kB URL GET HTTP/1.1 uu3192uu.com/8d1696e8a97e40889c60414751e6d552.gif
IP 103.170.15.110:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subjectuu3192uu.com
Fingerprint91:8D:95:7C:E9:CF:60:1C:1D:3A:8A:FB:6F:BB:C1:99:D5:03:97:AD
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 230 x 140\012- data
Hash e8e35f37b82543924f5e6abfef6feb5d
5e65ff74495a72c9f04ecf22a2535a1bb13379ef
24576ed9459ac4476d07bc47632319c473a5de6739405e1053310e0559fda46e
GET /8d1696e8a97e40889c60414751e6d552.gif HTTP/1.1
Host: uu3192uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d525-a1b7"
Date: Wed, 17 May 2023 13:49:26 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:22:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 41399
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc=
103.166.246.24200 OK 446 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (446035 bytes)
Hash 77b0be767751e755a6e98fba543252fe
fe42138b223252be210c84353a2c2de8f64b4c30
c8619727e9dedf0181e4f467af3bbfc87e27685d2d98d2cae86ed1912dc24d71
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 446035
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
480image.com:3188/960x120.gif
223.113.143.212200 OK 273 kB URL GET HTTP/1.1 480image.com:3188/960x120.gif
IP 223.113.143.212:3188
ASN #56046 China Mobile communications corporation
Certificate IssuerUnizeto Technologies S.A.
Subject225image.com
Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 273 kB (273172 bytes)
Hash 2fc90155de3a1513c9c11c4505d06f38
67f4b3f125fa219752d4d3e17b20b6604d6e2d66
07cba4260504d122bec8d26416eb6c68c358e00985f9405d115f895302cb1b29
GET /960x120.gif HTTP/1.1
Host: 480image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 273172
Connection: keep-alive
Last-Modified: Wed, 10 May 2023 09:13:10 GMT
ETag: "645b6026-42b14"
Expires: Sat, 01 Jul 2023 02:24:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U=
103.166.246.24200 OK 54 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 320 x 185\012- data
Hash 3379207755438f33f9c71d205458c925
62be0aea7da26f3dd9af13f74272915f557ed661
f372dc3e7318bdbb617104817ef1bf1c4313ba9ffe43c2d75bae12b539fc9187
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 53571
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
165image.com:3188/960x120.gif
223.113.143.212200 OK 320 kB URL GET HTTP/1.1 165image.com:3188/960x120.gif
IP 223.113.143.212:3188
ASN #56046 China Mobile communications corporation
Certificate IssuerUnizeto Technologies S.A.
Subject225image.com
Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 320 kB (320428 bytes)
Hash c390e662e4ea0464507113e0dcf86fd7
a9bc1d431a0171255a726768fd8718bdf30db160
da84fe627571bc04b06be062cc2538cbc998859dbd3a7a617a267b6f79abc344
GET /960x120.gif HTTP/1.1
Host: 165image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 320428
Connection: keep-alive
Last-Modified: Wed, 17 May 2023 09:50:47 GMT
ETag: "6464a377-4e3ac"
Expires: Sat, 01 Jul 2023 02:24:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
qp.ezfxpuo.cn/960X120.gif
218.66.171.122200 OK 300 kB URL GET HTTP/2 qp.ezfxpuo.cn/960X120.gif
IP 218.66.171.122:443
Certificate IssuerLet's Encrypt
Subjectqp.ezfxpuo.cn
FingerprintF4:1C:25:65:EF:FC:97:9F:38:0D:FD:20:14:82:51:75:F7:3A:DA:49
ValidityFri, 02 Jun 2023 06:58:39 GMT - Thu, 31 Aug 2023 06:58:38 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 300 kB (299855 bytes)
Hash 4c64bf295081458ad3700c9cc4c3ee78
09113584eb19d0edb9363b921f894de33589f652
7ef4c78bec68484c1e8201d56c366547e431fa1803058d0ae8665b5f40a1d8aa
GET /960X120.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 299855
x-oss-request-id: 642E5DC97E084E313641DCAA
etag: "4C64BF295081458AD3700C9CC4C3EE78"
last-modified: Wed, 05 Apr 2023 20:45:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3336747947822169821
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: TGS/KVCBRYrTcAycxMPueA==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww=
103.166.246.24200 OK 343 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 343 kB (343002 bytes)
Hash ce862703bd3a6fd9e7acc3c32453fe84
c27754e24547e935314ba986477cd326628af7e4
eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 343002
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk=
103.166.246.24200 OK 495 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 750 x 160\012- data
Size 495 kB (494617 bytes)
Hash d5d5324c12a0ea09c716b02010dd17b0
aefe46da96b36ef3b26c2590031a96060f9671e6
44e18c1116c534659f221ccfe7eff27d46c9f1d67433304430d67948296581ea
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:02 GMT
content-type: image/gif
content-length: 494617
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc=
103.166.246.24200 OK 396 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 396 kB (395616 bytes)
Hash 0ddeeaa6972b4416c73b988ee2861253
96567e31255c3ed006298cd1f9c13f8437483a38
3712339d6ba9dcea67f0b9dc0f5e39a74f9388b4760891a7a02ff6aa45f5bd4d
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 395616
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U=
103.166.246.24200 OK 522 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 750 x 160\012- data
Size 522 kB (522273 bytes)
Hash c91bf37b8fb1a5c9c75fcaf488fa67a8
f627f58122140a73b3145a0736f34b350cf23e19
f43dd2f3980c4c1a8a8f23b05bbc31090ef8658d63f2060c7895cef36d1a3917
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 522273
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M=
103.166.246.24200 OK 533 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 640 x 350\012- data
Size 533 kB (532916 bytes)
Hash 4d4bd87b6d31fa6d4119c952aab9fd34
d1c0993fd2c1e33d957e651967636f25836c979f
af254c9643ecb75dc6cd535b9dbacb2d523635aeab9db178b78e788d27b3ab3f
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 532916
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uu8281uu.com/6947029e8e464b94aa3abcca342e7fc4.gif
103.189.109.68200 OK 633 kB URL GET HTTP/1.1 uu8281uu.com/6947029e8e464b94aa3abcca342e7fc4.gif
IP 103.189.109.68:443
Certificate IssuerSectigo Limited
Subjectuu8281uu.com
FingerprintF8:28:1D:4A:74:6C:A8:A8:EB:7D:08:F4:44:70:E2:B9:D5:C6:49:91
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 633 kB (632756 bytes)
Hash 2d88b2384764e1e8d03524c56386454c
a584aea1fde95d50b124489172ba8e8f911cccfb
c2bee53de473b7d22cf187570d803ff240c699bf5a08c67abc7962a44fcf7e57
GET /6947029e8e464b94aa3abcca342e7fc4.gif HTTP/1.1
Host: uu8281uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "646c6ebe-9a7b4"
Date: Tue, 23 May 2023 19:56:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 23 May 2023 07:43:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-058
Content-Length: 632756
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20=
103.166.246.24200 OK 537 kB URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20=
IP 103.166.246.24:443
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 537 kB (537085 bytes)
Hash a985b32d9284523398e828a150d8a8df
65ffa1c33ed93b402580e7b2897a9c44a7c6986f
714ce4dec23b2310cb60e9681ce47f7601c1a38f3bbd952d080a5be6dc1bf306
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:10:03 GMT
content-type: image/gif
content-length: 537085
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 400ff3bc8080de393e79864b82240f73
844fc4d38bc37093b4ec70396ca6ed24882066f6
3f3f19f2eda778faebedbb2e36a57510093e39f21770cdbc1e9c4e2b9ec9f421
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Jun 2023 00:11:50 GMT
Expires: Sat, 10 Jun 2023 00:11:49 GMT
Etag: "844fc4d38bc37093b4ec70396ca6ed24882066f6"
Cache-Control: max-age=568376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d1724e81eceb505-OSL
ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif
218.12.76.170200 OK 1.2 MB URL GET HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif
IP 218.12.76.170:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate IssuerBeijing Xinchacha Credit Management Co., Ltd.
Subject*.ldmnq.com
Fingerprint67:C6:22:70:18:8C:8D:1C:18:77:EF:C9:FF:3D:79:77:55:92:98:4A
ValidityMon, 10 Oct 2022 06:12:34 GMT - Tue, 10 Oct 2023 06:12:33 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 10:10:02 GMT
Content-Type: image/gif
Content-Length: 1197751
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-request-id: 00000187EB7CE23794136B91380B9E1B
ETag: "6938343bc2a842c4d2c9c96f4dde0298"
Last-Modified: Fri, 05 May 2023 10:14:58 GMT
Content-Encoding: utf-8
x-amz-storage-class: STANDARD_IA
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmAfv0AYqNRDfSOQNsAPy33rsnWmMQO
via: CHN-HEshijiazhuang-AREACUCC1-CACHE41[7],CHN-HEshijiazhuang-AREACUCC1-CACHE19[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE92[26],CHN-TJ-GLOBAL1-CACHE3[0,TCP_HIT,23]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
Age: 2503838
Accept-Ranges: bytes
aaaaa663.com/d1f0948f11504a2bb87381310ac056bf.gif
103.189.109.73200 OK 962 kB URL GET HTTP/1.1 aaaaa663.com/d1f0948f11504a2bb87381310ac056bf.gif
IP 103.189.109.73:443
Certificate IssuerSectigo Limited
Subjectaaaaa663.com
Fingerprint2E:76:6A:D5:2A:B4:94:4F:DB:0A:66:D6:87:E8:15:AA:40:35:86:55
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 962 kB (962058 bytes)
Hash e3b41004adb02f54363d484f3bb499cd
9a112c9559839113de0d5e7ffd79b582575af3a1
8a6cbb20ac7ded9c2b63177b1c5b1783f7a0a152108db368d3b3e000c9631d32
GET /d1f0948f11504a2bb87381310ac056bf.gif HTTP/1.1
Host: aaaaa663.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64510e1c-eae0a"
Date: Wed, 10 May 2023 16:01:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 02 May 2023 13:20:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-063
Content-Length: 962058
uu6967uu.com/42a42a8d36c14297bf444b6046914de4.gif
103.170.15.105200 OK 62 kB URL GET HTTP/1.1 uu6967uu.com/42a42a8d36c14297bf444b6046914de4.gif
IP 103.170.15.105:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subjectuu6967uu.com
FingerprintF7:95:45:0E:E3:7C:B1:F9:7B:10:8B:94:82:A9:39:8C:40:B1:02:BA
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 320 x 185\012- data
Hash 8cd79160b02a588153da89cfcee21149
019eeb3f5a58c41d1383813166a6fd15346dddf8
51fd95b9321f0aacf1d59bbd952f1e3eb25fb9a3fbc82f3e1bc7a5b312e95379
GET /42a42a8d36c14297bf444b6046914de4.gif HTTP/1.1
Host: uu6967uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "646c6ea4-f207"
Date: Fri, 26 May 2023 06:37:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 23 May 2023 07:43:32 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Length: 61959
rijisp99.top/static/js/home.js
122.10.49.30200 OK 38 kB URL GET HTTP/2 rijisp99.top/static/js/home.js
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/home.js HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-95a5"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
rijisp99.top/
122.10.49.30200 OK 82 kB IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.pukedafa.com/dafapoker.exe
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.pukedafa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kki.kdfe8.com/tu-pic/960-100.gif
0.0.0.0 0 B URL GET kki.kdfe8.com/tu-pic/960-100.gif
IP 0.0.0.0:0
Certificate IssuerBuypass AS-983163327
Subjectkki.kdfe8.com
Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1
ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tu-pic/960-100.gif HTTP/1.1
Host: kki.kdfe8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sat, 03 Jun 2023 06:08:01 GMT
etag: "1685772500_br"
expires: Mon, 03 Jul 2023 06:08:01 GMT
last-modified: Sat, 03 Jun 2023 06:08:20 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/se-2.gif
0.0.0.0 0 B URL GET pic.picnewsss.com/tu-2022290039/se-2.gif
IP 0.0.0.0:0
Certificate IssuerBuypass AS-983163327
Subjectpic.picnewsss.com
FingerprintF2:4D:96:5D:C9:D0:18:10:BB:58:F4:9C:BE:C0:89:89:C4:2E:8E:DC
ValidityThu, 01 Jun 2023 16:42:33 GMT - Mon, 27 Nov 2023 22:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tu-2022290039/se-2.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sat, 03 Jun 2023 08:48:36 GMT
etag: "1685782116_br"
expires: Mon, 03 Jul 2023 08:48:36 GMT
last-modified: Sat, 03 Jun 2023 08:48:36 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
rijisp99.top/template/shafa888/css/hmlcss.css
122.10.49.30200 OK 83 kB URL GET HTTP/2 rijisp99.top/template/shafa888/css/hmlcss.css
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/shafa888/css/hmlcss.css HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: text/css
last-modified: Sat, 11 Dec 2021 05:47:53 GMT
vary: Accept-Encoding
etag: W/"61b43b89-1430f"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kki.kdfe8.com/tu-2022290039/960-120.gif
0.0.0.0 0 B URL GET kki.kdfe8.com/tu-2022290039/960-120.gif
IP 0.0.0.0:0
Certificate IssuerBuypass AS-983163327
Subjectkki.kdfe8.com
Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1
ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tu-2022290039/960-120.gif HTTP/1.1
Host: kki.kdfe8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sat, 03 Jun 2023 08:44:32 GMT
etag: "1685781952_br"
expires: Mon, 03 Jul 2023 08:44:32 GMT
last-modified: Sat, 03 Jun 2023 08:45:52 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
rijisp99.top/template/shafa888/js/jquery.lazyload.min.js
122.10.49.30200 OK 3.4 kB URL GET HTTP/2 rijisp99.top/template/shafa888/js/jquery.lazyload.min.js
IP 122.10.49.30:443
ASN #134548 DXTL Tseung Kwan O Service
Certificate IssuerLet's Encrypt
Subjectwww.rijisp99.top
FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D
ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT
File type ASCII text, with very long lines (3454), with no line terminators
Hash 26b7389c8c27d44000babf0a0f4ee8ea
f6b1f41c8fd2d8d047497f7d749ae24c4a20a43a
9904dce059236d447e88fd9602fe4072ebefbc0f56dc3cbd3fb2eaf520b55e4b
GET /template/shafa888/js/jquery.lazyload.min.js HTTP/1.1
Host: rijisp99.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 10:09:58 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 11:25:33 GMT
vary: Accept-Encoding
etag: W/"61b3392d-d35"
expires: Sat, 03 Jun 2023 22:09:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
0.0.0.0 0 B URL GET kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM=
0.0.0.0 0 B URL GET files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM=
IP 0.0.0.0:0
Certificate IssuerLet's Encrypt
Subjectbackmoestream.xyz
Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D
ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM= HTTP/1.1
Host: files.backmoestream.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
0.0.0.0 0 B URL GET kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
kki.kdfe8.com/wg-2023440066/960-100-1.gif
0.0.0.0 0 B URL GET kki.kdfe8.com/wg-2023440066/960-100-1.gif
IP 0.0.0.0:0
Certificate IssuerBuypass AS-983163327
Subjectkki.kdfe8.com
Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1
ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wg-2023440066/960-100-1.gif HTTP/1.1
Host: kki.kdfe8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rijisp99.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sat, 03 Jun 2023 05:55:33 GMT
etag: "1685784270_br"
expires: Mon, 03 Jul 2023 05:55:33 GMT
last-modified: Sat, 03 Jun 2023 09:24:30 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, memory
X-Firefox-Spdy: h2