Report - www.pukedafa.com/dafapoker.exe

Report Overview

Submitted URL
www.pukedafa.com/dafapoker.exe
IP
154.215.214.118
ASN
#134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Submitted
2023-06-03 10:10:13
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.pukedafa.com	unknown	2023-03-12	2015-05-31	2018-08-23	1.7 kB	4.5 kB	154.215.214.118
img.1275a.xyz	unknown	2023-05-10	2023-05-15	2023-05-27	443 B	274 B	103.166.246.24
lxbd2.com	unknown	2023-05-27	2023-05-27	2023-06-02	880 B	170 kB	172.83.155.45
7788bb.xyz	unknown	2023-05-02	2023-05-02	2023-05-29	420 B	367 kB	23.224.101.36
rijisp99.top	unknown	unknown	No data	No data	3.6 kB	278 kB	122.10.49.30
5976tp1.com	unknown	2023-01-22	2023-01-27	2023-06-01	826 B	1.1 MB	162.250.140.222
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23	2023-06-02	1.8 kB	9.7 kB	104.18.21.226
ocsp.buypass.com	157566	2004-08-13	2017-01-30	2023-06-02	1.7 kB	11 kB	23.36.76.200
595image.com:3188	unknown	unknown	No data	No data	423 B	185 kB	223.113.143.213
n0522.com	unknown	2018-07-18	2021-02-01	2023-06-02	440 B	151 kB	170.178.165.172
qp.ezfxpuo.cn	unknown	2022-08-17	2022-12-14	2023-06-01	419 B	300 kB	218.66.171.122
lexs9.com	unknown	2023-05-28	2023-05-28	2023-06-02	440 B	350 kB	172.83.155.45
ruyi8.oss-accelerate.aliyuncs.com	unknown	unknown	No data	No data	436 B	157 kB	47.254.187.78
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2023-06-02	338 B	1.2 kB	104.18.15.101
img.1228a.xyz	unknown	2023-05-10	2023-05-13	2023-06-02	443 B	274 B	103.166.246.24
u1102.com	unknown	2018-07-18	2021-02-01	2023-06-02	440 B	520 kB	103.170.15.40
uu3192uu.com	unknown	2023-04-18	2023-04-18	2023-06-01	443 B	42 kB	103.170.15.110
img.1137555.com	unknown	2022-11-11	2022-11-11	2023-05-12	445 B	274 B	103.166.246.24
gg228.oss-cn-hangzhou.aliyuncs.com	unknown	2012-04-01	2023-03-22	2023-05-27	883 B	719 kB	47.110.177.136
uu6873uu.com	unknown	2023-04-18	2023-04-29	2023-06-03	443 B	68 kB	103.189.109.49
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	4.3 kB	12 kB	104.18.15.101
mrtoss03.com	unknown	2023-05-19	2023-05-19	2023-06-03	886 B	844 B	45.154.214.206
ldbbs.ldmnq.com	unknown	2016-05-19	2022-01-01	2023-06-03	474 B	1.2 MB	218.12.76.170
uu6967uu.com	unknown	2023-04-18	2023-04-29	2023-06-03	443 B	62 kB	103.170.15.105
img.230579.top	unknown	2023-03-28	2023-04-01	2023-06-03	2.7 kB	1.6 kB	103.166.246.24
xinchacha2dv.ocsp-certum.com	unknown	2013-12-19	2022-07-28	2023-06-03	342 B	1.8 kB	23.36.79.17
8499163.com	unknown	2022-10-27	2022-10-27	2023-06-03	422 B	185 kB	23.224.158.157
tscf8.com	unknown	2023-05-28	2019-01-30	2023-06-02	1.8 kB	1.2 MB	172.83.155.45
dvcasha2.ocsp-certum.com	71753	2013-12-19	2014-11-27	2023-06-02	1.0 kB	5.6 kB	23.36.79.17
kvtaaa.top	unknown	2022-05-19	2022-05-19	2023-06-03	882 B	383 kB	104.21.30.227
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2022-06-01	2023-06-03	1.8 kB	1.1 MB	120.78.115.86
img.solomon89.xyz	unknown	2023-02-01	2023-02-08	2023-06-03	447 B	274 B	103.166.246.24
n0600.com	unknown	2018-07-18	2021-02-01	2023-06-02	440 B	147 kB	170.178.165.170
165image.com:3188	unknown	unknown	No data	No data	423 B	321 kB	223.113.143.212
uu3233uu.com	unknown	2023-04-18	2023-04-18	2023-06-03	443 B	459 kB	103.189.109.55
1cdn.8b4v.cn	unknown	2020-06-19	2023-04-13	2023-06-03	420 B	375 kB	112.84.131.135
img.1562999.com	unknown	2023-01-05	2023-02-21	2023-06-03	445 B	274 B	103.166.246.24
s2.loli.net	100401	2011-05-28	2021-12-08	2023-06-02	436 B	106 kB	104.26.0.190
img.1257999.com	unknown	2023-01-05	2023-02-15	2023-05-28	445 B	274 B	103.166.246.24
480image.com:3188	unknown	unknown	No data	No data	423 B	274 kB	223.113.143.212
uu8281uu.com	unknown	2023-04-18	2023-04-28	2023-06-01	443 B	633 kB	103.189.109.68
pic.picnewsss.com	unknown	2022-06-14	2022-06-14	2023-06-01	870 B	27 kB	143.92.56.131
uu6522uu.com	unknown	2023-04-18	2023-04-25	2023-06-02	443 B	684 kB	103.189.109.49
kvkaa.com	unknown	2022-05-19	2022-05-19	2023-06-03	884 B	0 B	0.0.0.0
img.1278999.com	unknown	2023-01-05	2023-02-16	2023-06-01	445 B	274 B	103.166.246.24
6651tp.com	unknown	2021-07-19	2021-07-19	2023-05-31	833 B	904 kB	162.250.141.134
kki.kdfe8.com	unknown	2023-03-22	2023-03-22	2023-06-02	1.3 kB	1.1 kB	0.0.0.0
aaaaa557.com	unknown	2023-03-26	2023-04-04	2023-06-03	443 B	739 kB	103.170.15.110
kvklll.top	unknown	2022-08-16	2022-08-17	2023-06-02	441 B	333 kB	104.21.50.72
7780tp.com	unknown	2022-06-22	2022-06-29	2023-06-02	841 B	655 kB	156.232.91.102
gd1.alicdn.com	124694	2008-06-25	2013-05-14	2023-05-11	489 B	110 kB	47.246.44.252
kvhgg.com	unknown	2022-08-23	2022-08-23	2023-06-02	440 B	422 B	45.154.214.219
n0611.com	unknown	2018-07-18	2021-02-01	2023-06-02	440 B	458 kB	170.178.165.171
xcvd.cd55a66dddsa.com	unknown	2023-05-10	2023-05-19	2023-06-03	426 B	226 kB	52.184.82.137
files.backmoestream.xyz	unknown	2022-05-11	2022-08-15	2023-06-03	6.6 kB	3.9 MB	103.166.246.24
aaaaa663.com	unknown	2023-03-26	2023-03-31	2023-06-01	443 B	962 kB	103.189.109.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-03 10:09:55	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	rijisp99.top/static/js/home.js	38 kB	2023-03-07	2024-04-26
Pretty URL rijisp99.top/static/js/home.js IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:35 Last Seen2024-04-26 04:34:07 Times Seen1936 Hash 97e311d35a4aa0ba09575a8dc989660b 8166b5f8ba52aa57ab23321a8ddc8d0118f1e590 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311 Loading...

	rijisp99.top/	262 B	2023-03-07	2023-10-26
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04:05 Last Seen2023-10-26 16:58:07 Times Seen26 Hash 6ff1f9457507c6dabc22713f9c57c290 27cca6757a56be5b17ec8904000863707fb3433d 53dea84c58abe8ae4fb0f70e9d39a47d5c33aa51d5c6c431c109eabbc5f2b9e3 Loading...

	rijisp99.top/	125 B	2023-03-07	2024-04-21
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04:05 Last Seen2024-04-21 01:08:22 Times Seen289 Hash 682f41fdbfeddfd82194bdf1a00400c9 2822feb74ea599caba9c55a0ebf403464d91b4ae f6f09ff47141227d512c4724a5159d3e314ed8c8becbeb937079430c73ba9ce8 Loading...

	rijisp99.top/	425 B	2023-03-07	2024-02-21
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:31:15 Last Seen2024-02-21 12:53:00 Times Seen43 Hash 6d0b0096c24f1d3fbdda3660d8b6e708 22481813c19798d76f5d5abb21dd9e94c07e8a41 59b3921026c6b9cc5ffb669bcdd284d884e8b6e9a2f88c1da35d9107f5a336ea Loading...

	rijisp99.top/	359 B	2023-03-07	2024-04-01
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:20:46 Last Seen2024-04-01 22:17:55 Times Seen102 Hash 8c40c42f668740f44b320f81e388c63d 19d367c34e11e1b403cb361e47dee764f53c9f10 cd38db20078cff278724989a654911abb2da7d143665e525eb786b9005dfa3ba Loading...

	rijisp99.top/template/shafa888/js/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL rijisp99.top/template/shafa888/js/jquery.min.js IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 22:31:30 Times Seen118760 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	rijisp99.top/template/shafa888/js/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-26
Pretty URL rijisp99.top/template/shafa888/js/jquery.lazyload.min.js IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-26 05:30:16 Times Seen4077 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	rijisp99.top/	254 B	2023-03-29	2023-06-04
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:20:34 Last Seen2023-06-04 04:52:20 Times Seen3 Hash ff2ca9a1b9b4404b53ac25d806a63232 83d6e764a1731e4169d3ae2cf6f817db95c6eae8 dad8c848419d66d5983e27cd9e4bd6f78fda609025ac0836a032edd52f9f5ecb Loading...

	rijisp99.top/	254 B	2023-06-03	2023-06-04
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-04 04:52:20 Times Seen2 Hash edcc95da0a137f64a5c0de86e757007c 28da64d7adff883db04bde6423ba631ec6cf7cea b165ce84a3e8eba15d115cf4c34c06dd796d844013b96b184c6d21b9678c7e77 Loading...

	rijisp99.top/	254 B	2023-06-03	2023-10-16
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 12:10:47 Last Seen2023-10-16 20:21:07 Times Seen6 Hash 2a5c84f0116ee01822669482cd18ea53 74efd78f6dc0ab13146f595c45166e2c6254682a ec78c4ea81d6ba27df1563ae48713f128b8664667e7f564ea14b29f4fcd60f24 Loading...

	www.pukedafa.com/dafapoker.exe	51 B	2023-06-03	2023-06-03
Pretty URL www.pukedafa.com/dafapoker.exe IP 154.215.214.118 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-03 12:10:47 Times Seen1 Hash 3f57871d55a9f9089f4f10c44c6b16eb 0850045ccc49b8d45d7ef689ac26c364b406d289 0a3d716555abe9b386ca55350c4eb6925868ae836ec6afff14154e25ffa89838 Loading...

	www.pukedafa.com/common.js	1.5 kB	2023-06-03	2023-06-04
Pretty URL www.pukedafa.com/common.js IP 154.215.214.118 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-04 04:52:20 Times Seen4 Hash 9ce4397e668e4b20baefffe09b118648 56584f44667c321db45b88da5bbecede508e9465 617f40cdc50704b34c4be18c2408f237472e2aa32bb7153ec269870f63cbfa53 Loading...

	www.pukedafa.com/tj.js	518 B	2023-06-03	2023-06-04
Pretty URL www.pukedafa.com/tj.js IP 154.215.214.118 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-04 04:52:20 Times Seen4 Hash dcfe3c0073e43efb1ee69fc156c890d4 736c7594682a8a7df587375b59c94279d2bfce68 e2204a4d7b6afcf0db79ee64b1ffac2d51b9d89f46c422499fc8793068467849 Loading...

	rijisp99.top/	0 B	2023-03-07	2024-04-26
Pretty URL rijisp99.top/ IP 122.10.49.30 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 23:12:53 Times Seen37104290 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2c3b906d8ffa7ecfb326536ba7bdd5d3	462 B	2023-06-03	2023-06-03
Pretty Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-03 12:10:47 Times Seen1 Hash 2c3b906d8ffa7ecfb326536ba7bdd5d3 d60edf29faaf07c379e9fdd00141263faf62c795 ecebb40f9fc7fa0f57caa7a01adc7b23ef3d447ea2799855ffdf92fa755e2827 Loading...

		Size	First Seen	Last Seen
	#1 Write - e5fcf11d0be8340bb97db77899aa6f48	443 B	2023-06-03	2023-06-03
Pretty Observations First Seen2023-06-03 12:10:47 Last Seen2023-06-03 12:10:47 Times Seen1 Hash e5fcf11d0be8340bb97db77899aa6f48 5796e489b762b3eb8d7a6f4886d63631a477787a d11cfb06dd1c0b19fdf92ece2cb9bbffbbdaaf2ab0fa019c3f58c96735ffda57 Loading...

HTTP Transactions (123)

	URL	IP	Response	Size
	www.pukedafa.com/	154.215.214.118		570 B
URL www.pukedafa.com/ IP 154.215.214.118:0 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (883), with CRLF line terminators Size 570 B (570 bytes) Hash d7b1ed5bc37c86ab5748b978fb1ffa56 e519912229c0a757098d8c7c3102adbcc55debcf 4750c40b9af22c7b01fffc00489a155399add21c56c0f366b794945d643ff2a7 HTTP Headers `GET / HTTP/1.1 Host: www.pukedafa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 03 Jun 2023 10:09:55 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	www.pukedafa.com/dafapoker.exe	154.215.214.118	200 OK	570 B
URL User Request GET HTTP/1.1 www.pukedafa.com/dafapoker.exe IP 154.215.214.118:80 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (883), with CRLF line terminators Size 570 B (570 bytes) Hash d7b1ed5bc37c86ab5748b978fb1ffa56 e519912229c0a757098d8c7c3102adbcc55debcf 4750c40b9af22c7b01fffc00489a155399add21c56c0f366b794945d643ff2a7 HTTP Headers `GET /dafapoker.exe HTTP/1.1 Host: www.pukedafa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 03 Jun 2023 10:09:55 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	www.pukedafa.com/common.js	154.215.214.118	200 OK	683 B
URL GET HTTP/1.1 www.pukedafa.com/common.js IP 154.215.214.118:80 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Requested by http://www.pukedafa.com/dafapoker.exe File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators Size 683 B (683 bytes) Hash 9ce4397e668e4b20baefffe09b118648 56584f44667c321db45b88da5bbecede508e9465 617f40cdc50704b34c4be18c2408f237472e2aa32bb7153ec269870f63cbfa53 HTTP Headers `GET /common.js HTTP/1.1 Host: www.pukedafa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.pukedafa.com/dafapoker.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 03 Jun 2023 10:09:56 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	www.pukedafa.com/tj.js	154.215.214.118	200 OK	518 B
URL GET HTTP/1.1 www.pukedafa.com/tj.js IP 154.215.214.118:80 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Requested by http://www.pukedafa.com/dafapoker.exe File type ASCII text, with CRLF line terminators Size 518 B (518 bytes) Hash dcfe3c0073e43efb1ee69fc156c890d4 736c7594682a8a7df587375b59c94279d2bfce68 e2204a4d7b6afcf0db79ee64b1ffac2d51b9d89f46c422499fc8793068467849 HTTP Headers `GET /tj.js HTTP/1.1 Host: www.pukedafa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.pukedafa.com/dafapoker.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 03 Jun 2023 10:09:56 GMT Content-Type: application/x-javascript Content-Length: 518 Connection: keep-alive`

	www.pukedafa.com/favicon.ico	154.215.214.118	200 OK	1.2 kB
URL GET HTTP/1.1 www.pukedafa.com/favicon.ico IP 154.215.214.118:80 ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD Requested by http://www.pukedafa.com/dafapoker.exe File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 7ef1f0a0093460fe46bb691578c07c95 2da3ffbbf4737ce4dae9488359de34034d1ebfbd 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c HTTP Headers `GET /favicon.ico HTTP/1.1 Host: www.pukedafa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.pukedafa.com/dafapoker.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 03 Jun 2023 10:09:56 GMT Content-Type: image/x-icon Content-Length: 1150 Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT Connection: keep-alive ETag: "4e0d81df-47e" Expires: Thu, 08 Jun 2023 10:09:56 GMT Cache-Control: max-age=432000 Accept-Ranges: bytes`

	rijisp99.top/template/shafa888/image/loading.svg	122.10.49.30	200 OK	506 B
URL GET HTTP/2 rijisp99.top/template/shafa888/image/loading.svg IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text Size 506 B (506 bytes) Hash bb36cf278bc5f407c3a64054c13dbbdf ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2 fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff HTTP Headers `GET /template/shafa888/image/loading.svg HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: image/svg+xml content-length: 506 last-modified: Fri, 10 Dec 2021 11:26:37 GMT etag: "61b3396d-1fa" strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	rijisp99.top/template/shafa888/css/bootstrap.min.css	122.10.49.30	200 OK	27 kB
URL GET HTTP/2 rijisp99.top/template/shafa888/css/bootstrap.min.css IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type gzip compressed data, from Unix\012- data Size 27 kB (26765 bytes) Hash 768d8cf1eea3c2de4a4ad86a017955a9 1a745f700efc26fae5ffdabc497b57c62c555f68 d12b897441046a179d5467207d9705998132677c0d7f9a48cfa579d4183355ea HTTP Headers `GET /template/shafa888/css/bootstrap.min.css HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: text/css last-modified: Fri, 10 Dec 2021 13:24:24 GMT vary: Accept-Encoding etag: W/"61b35508-23af3" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	rijisp99.top/template/shafa888/css/common.css	122.10.49.30	200 OK	2.7 kB
URL GET HTTP/2 rijisp99.top/template/shafa888/css/common.css IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type gzip compressed data, from Unix\012- data Size 2.7 kB (2692 bytes) Hash f99134471308a94d27a2b146f91d3449 01e52be659dbf37a19957cad86bb6ba32bff27be 0cb804ac8a8014dd76d6000fe3b72e3e43a31b66e25008d15f2aea078ebc8bef HTTP Headers `GET /template/shafa888/css/common.css HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: text/css last-modified: Sun, 12 Dec 2021 11:12:44 GMT vary: Accept-Encoding etag: W/"61b5d92c-2288" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	rijisp99.top/template/shafa888/js/jquery.min.js	122.10.49.30	200 OK	38 kB
URL GET HTTP/2 rijisp99.top/template/shafa888/js/jquery.min.js IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type gzip compressed data, from Unix\012- data Size 38 kB (38507 bytes) Hash 10b57a5979d39bfa06186d75ba8b1b74 aee3cf802cf5069c934cea737e20555eb534c80d 448300d36c035dfa90fd7d2e4b1e32654bed3fcd31de12167d935666ba8aeb89 HTTP Headers `GET /template/shafa888/js/jquery.min.js HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: application/javascript last-modified: Fri, 10 Dec 2021 11:25:34 GMT vary: Accept-Encoding etag: W/"61b3392e-17b8b" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	mrtoss03.com/3c52792939dec2a456e9f2a839a41642.gif	45.154.214.206	301 Moved Permanently	162 B
URL GET HTTP/2 mrtoss03.com/3c52792939dec2a456e9f2a839a41642.gif IP 45.154.214.206:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectmrtoss03.com Fingerprint85:10:5F:78:DF:6F:D2:9D:0D:34:F3:7F:BF:CE:D3:6F:1F:BD:8A:A4 ValidityFri, 19 May 2023 10:06:18 GMT - Thu, 17 Aug 2023 10:06:17 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1 Host: mrtoss03.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx date: Sat, 03 Jun 2023 10:09:59 GMT content-type: text/html content-length: 162 location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2`

	mrtoss03.com/d816a0142aeb37814a5d77cfd510e67b.gif	45.154.214.206	301 Moved Permanently	162 B
URL GET HTTP/2 mrtoss03.com/d816a0142aeb37814a5d77cfd510e67b.gif IP 45.154.214.206:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectmrtoss03.com Fingerprint85:10:5F:78:DF:6F:D2:9D:0D:34:F3:7F:BF:CE:D3:6F:1F:BD:8A:A4 ValidityFri, 19 May 2023 10:06:18 GMT - Thu, 17 Aug 2023 10:06:17 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1 Host: mrtoss03.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx date: Sat, 03 Jun 2023 10:09:59 GMT content-type: text/html content-length: 162 location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2`

	tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif	172.83.155.45	200 OK	49 kB
URL GET HTTP/2 tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjecttscf8.com Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59 ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 49 kB (48550 bytes) Hash dcba8203c9183f2e83272957160fbd88 66dc3d5f3078891dd482f9596e7164f028c83c3f f1a72472741925196d6383e1338dcc8066f2bfbe15c8c2802c6b88803ed1c184 HTTP Headers `GET /ba306bc87113a557ede08dd27e77f7a3.gif HTTP/1.1 Host: tscf8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: image/gif content-length: 48550 last-modified: Sat, 22 Apr 2023 13:05:24 GMT etag: "6443db94-bda6" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 257620 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3M7Lw3%2FtjoZKIKUbXL4t38vUEZ9Ea5hZ%2FngHk4ib03fvO49eoGzsHz8%2FfYV1VBdO8B7r7omYTR3i6uciKdIrgXO%2FGdoxz%2BrO2NwP6lpEh%2FXpNcl2obDbgEBWtdS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b45b289f283e-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	5976tp1.com/rj2.gif	162.250.140.222	200 OK	253 kB
URL GET HTTP/1.1 5976tp1.com/rj2.gif IP 162.250.140.222:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject5976tp1.com Fingerprint68:F4:8F:28:4A:23:A8:A6:A7:9F:D5:A9:C7:5D:E5:05:5C:BA:46:EB ValiditySat, 22 Apr 2023 05:00:03 GMT - Fri, 21 Jul 2023 05:00:02 GMT File type GIF image data, version 89a, 700 x 400\012- data Size 253 kB (252778 bytes) Hash 746b9fbc33073e687d8850ab3aaf7775 f3eaad228afe9d8ddfe8a6fece152f5c773aeeaa a578a5aa63693e3669f03b9bb0cd3ec4ac311bf78a284a45373e2ed01833a6b8 HTTP Headers `GET /rj2.gif HTTP/1.1 Host: 5976tp1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:11:04 GMT Content-Type: image/gif Content-Length: 252778 Connection: keep-alive Last-Modified: Sun, 21 May 2023 23:16:39 GMT ETag: "646aa657-3db6a" Expires: Tue, 20 Jun 2023 23:22:15 GMT Cache-Control: max-age=2592000 Via: 162.250.140.218 CDN-Cache: HIT Accept-Ranges: bytes`

	tscf8.com/d41aeed3b9aa52d7fcd37a6dbed93ace.gif	172.83.155.45	200 OK	328 kB
URL GET HTTP/2 tscf8.com/d41aeed3b9aa52d7fcd37a6dbed93ace.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjecttscf8.com Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59 ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT File type GIF image data, version 89a, 300 x 150\012- data Size 328 kB (328392 bytes) Hash 4327bd9255dda82e60a738be21ad18d8 6f29578f4f34d6dd485d157e06a995ed56b41f04 a953a5d6d991316d2d5879d74ba56a01d7b2156adc26424a9104ec3754d54344 HTTP Headers `GET /d41aeed3b9aa52d7fcd37a6dbed93ace.gif HTTP/1.1 Host: tscf8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: image/gif content-length: 328392 last-modified: Tue, 18 Apr 2023 13:28:19 GMT etag: "643e9af3-502c8" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 66171 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmWrxkd%2FtygCJ2DXtcJd70fhA5kDwvZq4hjyieRHZj7livpTen%2Fdc8Wki1dohpeYCq1cCyVYAYgLLUN%2FweknFHvVNA94qauC1LbLyhuh%2B5gte6ZyiDD357wmzCpE"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b459284ec3b1-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	lexs9.com/252e17588d12bd9ea6849d64377f250a.gif	172.83.155.45	200 OK	350 kB
URL GET HTTP/2 lexs9.com/252e17588d12bd9ea6849d64377f250a.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectlexs9.com Fingerprint24:51:4A:21:30:1E:9B:D4:37:EA:7D:A1:40:DC:F7:CE:0D:E6:35:AF ValiditySun, 28 May 2023 07:05:52 GMT - Sat, 26 Aug 2023 07:05:51 GMT File type GIF image data, version 89a, 960 x 100\012- data Size 350 kB (349674 bytes) Hash 854b9743826284e72be8c38af6fc2b7c b9fe5e3dbdcd3fab67483af42e28432061a4e8da 0d7e3389d5d3ca8ef69aab3690b6b7d8c5356a714374f982d8bfbb720c68213d HTTP Headers `GET /252e17588d12bd9ea6849d64377f250a.gif HTTP/1.1 Host: lexs9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:59 GMT content-type: image/gif content-length: 349674 last-modified: Sun, 18 Dec 2022 07:01:55 GMT etag: "639ebae3-555ea" expires: Sat, 03 Jun 2023 22:09:59 GMT cache-control: max-age=43200 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIazj%2FBCJgzSrqgMBIc6IgyqNM%2BeAAOUwCRaNzce6%2FUQDShkjjTrdAC851nhNU8jclcs3lsxI8zMbC5zzJnAhqEJLwBTeZ0ejstnn%2BNRzwBXa%2B42gooeourz73UQ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b4e8dc970937-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif	172.83.155.45	200 OK	486 kB
URL GET HTTP/2 tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjecttscf8.com Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59 ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT File type GIF image data, version 89a, 960 x 100\012- data Size 486 kB (485451 bytes) Hash c32fc22899b5bdfcc45976f5519a98ed 35ade236cc82bb09a86be58be6805315178e9bb1 73d57d938f63728e69df2c0236986dc3af3ca4105977af8436d2712fb3fa97c1 HTTP Headers `GET /8f48f887e0c4110a67ca8e85bd201a8a.gif HTTP/1.1 Host: tscf8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: image/gif content-length: 485451 last-modified: Tue, 18 Apr 2023 13:28:32 GMT etag: "643e9b00-7684b" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 1028429 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHL3biJXo4Usk8GlbGG6jJRx%2BWvVianSqQ0AFIEKk8sHVcg3LSytRk8tLARF%2FfJBWMotYAJpB8rnhc8gh2j7OUPlyHS6JYOasE8mzJ4NBeoLL43%2Bw21QzjWe0FAI"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b458ebc4c382-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	tscf8.com/68a7807de3933bf7079116fa9df99e6f.gif	172.83.155.45	200 OK	366 kB
URL GET HTTP/2 tscf8.com/68a7807de3933bf7079116fa9df99e6f.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjecttscf8.com Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59 ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 366 kB (366444 bytes) Hash 86371c51bf2086f3a40f0e438246b662 9da793de9c620485ee91b88413b256c69dc774c5 8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf HTTP Headers `GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1 Host: tscf8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: image/gif content-length: 366444 last-modified: Fri, 19 Aug 2022 17:02:28 GMT etag: "62ffc224-5976c" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 66170 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPA8zSf4N1T7zY0ZELF5pYGM%2BJfOl%2F%2FlWFiMR6%2Fneeoz1TVKmCHQlyqFN%2FGjbTLl9WToThZyNWjhM6KzLUh4YvuAcDVbShHH031VSkdol3ZVrk1IEX4DnoeBvBXR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b45a5f0c30c5-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	5976tp1.com/rj1.gif	162.250.140.222	200 OK	842 kB
URL GET HTTP/1.1 5976tp1.com/rj1.gif IP 162.250.140.222:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject5976tp1.com Fingerprint68:F4:8F:28:4A:23:A8:A6:A7:9F:D5:A9:C7:5D:E5:05:5C:BA:46:EB ValiditySat, 22 Apr 2023 05:00:03 GMT - Fri, 21 Jul 2023 05:00:02 GMT File type GIF image data, version 89a, 960 x 100\012- data Size 842 kB (841478 bytes) Hash 43ca1d0e2b769938780f779ce9a13ff8 9c582f36f0319e306925a5fdfcacf8a0d9fc721e 56acdc1c8e09caa4b313a580152649555923d690806faeb00e822979c2f1e1e4 HTTP Headers `GET /rj1.gif HTTP/1.1 Host: 5976tp1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:11:04 GMT Content-Type: image/gif Content-Length: 841478 Connection: keep-alive Last-Modified: Sun, 21 May 2023 23:16:38 GMT ETag: "646aa656-cd706" Expires: Tue, 20 Jun 2023 23:16:58 GMT Cache-Control: max-age=2592000 Via: 162.250.140.218 CDN-Cache: HIT Accept-Ranges: bytes`

	img.1562999.com/images/646dbd70e71655cbe682fc33.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1562999.com/images/646dbd70e71655cbe682fc33.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1562999.com Fingerprint25:84:CA:05:B9:DA:F4:B0:24:76:A3:48:3E:89:14:F2:D0:87:7A:90 ValidityTue, 28 Mar 2023 10:34:53 GMT - Mon, 26 Jun 2023 10:34:52 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/646dbd70e71655cbe682fc33.gif HTTP/1.1 Host: img.1562999.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s= X-Firefox-Spdy: h2`

	img.1275a.xyz/images/645b9526753dd994a618e5b9.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1275a.xyz/images/645b9526753dd994a618e5b9.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1275a.xyz Fingerprint14:FB:49:F7:F9:3B:FD:4A:F1:FA:64:4E:9F:54:77:CF:53:19:6E:0A ValidityWed, 10 May 2023 08:26:50 GMT - Tue, 08 Aug 2023 08:26:49 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/645b9526753dd994a618e5b9.gif HTTP/1.1 Host: img.1275a.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc= X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash cbfa5dfbc1f1cf636a51a796efa50712 57b61511764563ac85fcf8278c8b6cbab2f16d6b e8c76dc38c952242400ffdcff5b5441f34bed545e932fb69d1c8eddabea91cc3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 31 May 2023 06:50:27 GMT Expires: Wed, 07 Jun 2023 06:50:26 GMT Etag: "57b61511764563ac85fcf8278c8b6cbab2f16d6b" Cache-Control: max-age=333024,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724d89b21b505-OSL`

	ocsp.sectigo.com/	104.18.15.101		471 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash f4455c93e96b5c4a638b3908be3feb3a 83f7df9f77a8adb65bf3d32218640334ed90b1eb 460aa010af79016bd437f8f6c9e004041fc33fcc3afbf561ab2de3009fae4f5a HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 20:10:17 GMT Expires: Thu, 08 Jun 2023 20:10:16 GMT Etag: "83f7df9f77a8adb65bf3d32218640334ed90b1eb" Cache-Control: max-age=467414,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724d89ee51c12-OSL`

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash d37eb636be4d41806631092ef3648c4d 6ba8ad25f3fc4b81923e285431dcf9a887e6da2c 919eed0b379810d31c933f64fea603f3791f145a8e2b4e824e119f19cc9b4761 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 03 Jun 2023 00:45:49 GMT Expires: Sat, 10 Jun 2023 00:45:48 GMT Etag: "6ba8ad25f3fc4b81923e285431dcf9a887e6da2c" Cache-Control: max-age=570346,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724d89e58b51d-OSL`

	ocsp.sectigo.com/	104.18.15.101		471 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 611ef35dd2c0f8264abfbe440093ea3f 04a259b898d72aae1fb7004df97c1bd937935a2c 1c7aa677a06ae40709f53f5b8e3c7f432b48a889b72ce00a2e76e20a08a153cc HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Wed, 31 May 2023 03:34:43 GMT Expires: Wed, 07 Jun 2023 03:34:42 GMT Etag: "04a259b898d72aae1fb7004df97c1bd937935a2c" Cache-Control: max-age=321280,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724d898611c0a-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 0ae93eb9c22416be706c95b1f6d2fc52 680453b41b06e4c4bbc7e1298be1135946c9c428 f66fa59dbf1168ac4d3a46687b4a921e5a06d07b0f91ba043c0ef41e470f06f3 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Wed, 07 Jun 2023 07:59:55 GMT ETag: "680453b41b06e4c4bbc7e1298be1135946c9c428" Last-Modified: Sat, 03 Jun 2023 07:59:56 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2027 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d1724d93ee60b65-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 0ae93eb9c22416be706c95b1f6d2fc52 680453b41b06e4c4bbc7e1298be1135946c9c428 f66fa59dbf1168ac4d3a46687b4a921e5a06d07b0f91ba043c0ef41e470f06f3 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Wed, 07 Jun 2023 07:59:55 GMT ETag: "680453b41b06e4c4bbc7e1298be1135946c9c428" Last-Modified: Sat, 03 Jun 2023 07:59:56 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2027 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d1724d938bc1c06-OSL`

	ocsp.buypass.com/	23.36.76.200		1.7 kB
URL ocsp.buypass.com/ IP 23.36.76.200:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash 792c6c63f37bb26bb842ff4dec05b66e fc3f303ee7f7169004db545765e6954f836be9af 36d605ce87afe01489252d80476736b76c7ce37b8cc715a0594459841cd88f4c HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: 8b680b9a-c8d6-42c0-97ba-8a3429cb2607 Content-Length: 1701 Date: Sat, 03 Jun 2023 10:10:01 GMT Connection: keep-alive`

	ocsp.buypass.com/	23.36.76.200		1.7 kB
URL ocsp.buypass.com/ IP 23.36.76.200:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash cb6763eb05f89867eeb054bcbd286c3d 15e5e46e07c79ca5126ed738ebd57e38f1a8bb5d a17b0ad19fc6e1ab73ea8343310826dd9840a8c7ddb3b076f62b5b85e03fbd99 HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: 24ec0e23-a7d1-4f75-b399-85c9398e0ef2 Content-Length: 1701 Date: Sat, 03 Jun 2023 10:10:01 GMT Connection: keep-alive`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 09ae2c841d47247f671aa1ae1e5e73be fe90152b2164d1c7e5582d5f2c9d02ca799e65c4 20fa3d10e61565c0d33988dfcd05c25a91927d88f6bc25ea2bb92ce0526c265a HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Wed, 07 Jun 2023 07:21:57 GMT ETag: "fe90152b2164d1c7e5582d5f2c9d02ca799e65c4" Last-Modified: Sat, 03 Jun 2023 07:21:58 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1166 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d1724d97f2a0b65-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 09ae2c841d47247f671aa1ae1e5e73be fe90152b2164d1c7e5582d5f2c9d02ca799e65c4 20fa3d10e61565c0d33988dfcd05c25a91927d88f6bc25ea2bb92ce0526c265a HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Wed, 07 Jun 2023 07:21:57 GMT ETag: "fe90152b2164d1c7e5582d5f2c9d02ca799e65c4" Last-Modified: Sat, 03 Jun 2023 07:21:58 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1166 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d1724d9892e1c06-OSL`

	ocsp.buypass.com/	23.36.76.200		1.7 kB
URL ocsp.buypass.com/ IP 23.36.76.200:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash 14c877bd8da2e7387a4d7e546dbacac0 e95f844ff09570c7b8cd9ebc48344931f4cdce86 8fe3fda8110d6319f68e957e78467ee7e6bf31cf86bb8fc7b1e481027632ee7b HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: 32b519e7-577f-4298-a3d3-3bd741f11b6c Content-Length: 1701 Date: Sat, 03 Jun 2023 10:10:01 GMT Connection: keep-alive`

	img.230579.top/images/643294ec9a38bad37dec7432.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.230579.top/images/643294ec9a38bad37dec7432.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/643294ec9a38bad37dec7432.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M= X-Firefox-Spdy: h2`

	img.230579.top/images/642a9e6fd57a7adb5d2e2657.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.230579.top/images/642a9e6fd57a7adb5d2e2657.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/642a9e6fd57a7adb5d2e2657.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc= X-Firefox-Spdy: h2`

	img.230579.top/images/642b9094ffc757b20fc4283c.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.230579.top/images/642b9094ffc757b20fc4283c.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/642b9094ffc757b20fc4283c.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g= X-Firefox-Spdy: h2`

	img.230579.top/images/643133a4f8dd876d9019eb9c.gif	103.166.246.24		0 B
URL GET img.230579.top/images/643133a4f8dd876d9019eb9c.gif IP 103.166.246.24:0 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/643133a4f8dd876d9019eb9c.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM= X-Firefox-Spdy: h2`

	img.230579.top/images/642b9094ffc757b20fc42839.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.230579.top/images/642b9094ffc757b20fc42839.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/642b9094ffc757b20fc42839.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8= X-Firefox-Spdy: h2`

	img.230579.top/images/642ffae50483127e9b602a4c.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.230579.top/images/642ffae50483127e9b602a4c.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject230579.top FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/642ffae50483127e9b602a4c.gif HTTP/1.1 Host: img.230579.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg= X-Firefox-Spdy: h2`

	aaaaa557.com/ce2f4bab11474be0b5807de2d72e789e.gif	103.170.15.110	200 OK	739 kB
URL GET HTTP/1.1 aaaaa557.com/ce2f4bab11474be0b5807de2d72e789e.gif IP 103.170.15.110:443 ASN #7483 Skycloud Computing co., Ltd. Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectaaaaa557.com FingerprintDF:8E:21:88:56:F8:88:46:F2:46:7B:29:83:AB:5D:86:79:06:6F:C2 ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 739 kB (738702 bytes) Hash a8601033be5a80806bf825cb781b4954 b622626b2bd8550f9631f49258938c53ac30597a 87bbcc2c1cd8bae1e8f3cf8fe66f7ed5cd724ed7afcd4c841919e793871186c7 HTTP Headers `GET /ce2f4bab11474be0b5807de2d72e789e.gif HTTP/1.1 Host: aaaaa557.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "64314d3c-b458e" Date: Tue, 30 May 2023 22:39:21 GMT Content-Type: image/gif Server: nginx Last-Modified: Sat, 08 Apr 2023 11:17:16 GMT Accept-Ranges: bytes X-Cache: HIT from yd11_13-cdn-g01-la2-40 Content-Length: 738702`

	7780tp.com/7780/320x180.gif	156.232.91.102	200 OK	87 kB
URL GET HTTP/1.1 7780tp.com/7780/320x180.gif IP 156.232.91.102:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject7780tp.com Fingerprint03:AB:D9:FF:90:DB:06:69:20:8E:9F:FB:34:BF:6C:88:45:CF:DC:EC ValidityWed, 26 Apr 2023 11:27:04 GMT - Tue, 25 Jul 2023 11:27:03 GMT File type GIF image data, version 89a, 320 x 180\012- data Size 87 kB (87071 bytes) Hash 56a97e424439af14adfdef573a081ec5 b3e99823f6e1cf9110d91ac1ebc95723e074aece 1a9e611f9867d469f93c6fcebd7ee9a492a0a6378206112fb8d99e0eed93f113 HTTP Headers `GET /7780/320x180.gif HTTP/1.1 Host: 7780tp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:02:58 GMT Content-Type: image/gif Content-Length: 87071 Connection: keep-alive Last-Modified: Thu, 11 May 2023 08:17:51 GMT ETag: "645ca4af-1541f" Expires: Fri, 16 Jun 2023 09:00:02 GMT Cache-Control: max-age=2592000 Via: 156.232.91.98 CDN-Cache: HIT Accept-Ranges: bytes`

	dvcasha2.ocsp-certum.com/	23.36.79.17		1.6 kB
URL dvcasha2.ocsp-certum.com/ IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 1.6 kB (1599 bytes) Hash 32960695ce15fd87da4d75465d606cec 07efca23ead074a2859a4929bcaffcdef58a17e9 338e19c0d905780e55d3dc58fbe6be80deb8d6141cbdf81a2e8becb4a87fb98d HTTP Headers `POST / HTTP/1.1 Host: dvcasha2.ocsp-certum.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1599 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=876 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive X-N: S`

	dvcasha2.ocsp-certum.com/	23.36.79.17		1.6 kB
URL dvcasha2.ocsp-certum.com/ IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 1.6 kB (1599 bytes) Hash 32960695ce15fd87da4d75465d606cec 07efca23ead074a2859a4929bcaffcdef58a17e9 338e19c0d905780e55d3dc58fbe6be80deb8d6141cbdf81a2e8becb4a87fb98d HTTP Headers `POST / HTTP/1.1 Host: dvcasha2.ocsp-certum.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1599 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=874 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive X-N: S`

	dvcasha2.ocsp-certum.com/	23.36.79.17		1.6 kB
URL dvcasha2.ocsp-certum.com/ IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 1.6 kB (1599 bytes) Hash a94280a1226be3eb05382cb3bfb61b6b 952c07b451dab296d43954c7a9ee834b865accbc 0573eb21e678e1690e4facdbd0944071efb80519b98c748c1a03bdfaf82e03b4 HTTP Headers `POST / HTTP/1.1 Host: dvcasha2.ocsp-certum.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1599 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=900 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive X-N: S`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash bc9fbe3b5fa463c57da84dff595e06b1 1c80c5086e98a5caa54be115bdfc957352059147 16a71d98f91d774011fb9e36e4671ae88021918ab8d3470c7863220491045c81 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Wed, 07 Jun 2023 08:47:42 GMT ETag: "1c80c5086e98a5caa54be115bdfc957352059147" Last-Modified: Sat, 03 Jun 2023 08:47:43 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 318 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d1724dc79b40b65-OSL`

	gd1.alicdn.com/imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif	47.246.44.252	200 OK	110 kB
URL GET HTTP/2 gd1.alicdn.com/imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif IP 47.246.44.252:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 110 kB (109731 bytes) Hash 449fd13df14283ab282650fc30e08d4c d577488cbd493bc4d8ae0166899ee84ac0edb6d9 b46a2a3dcfe316c2a1efcb16da5f9eecc675b5a29e9d267edf131ad448f4d86b HTTP Headers `GET /imgextra/i1/2208061819557/O1CN01RVwfEJ2KTA1ezf80q_!!2208061819557-1-chatting.gif HTTP/1.1 Host: gd1.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Tengine content-type: image/gif content-length: 109731 date: Mon, 27 Mar 2023 06:51:20 GMT last-modified: Sun, 26 Mar 2023 05:34:08 GMT picasso-ret-code: SUCCESS request-time: 0.043 traceid: 2ff6149816798998800772146e expires: Tue, 26 Mar 2024 06:51:20 GMT cache-control: max-age=31536000 ali-swift-global-savetime: 1679899880 via: cache36.l2us1[0,1,200-0,H], cache7.l2us1[3,0], cache7.se1[0,0,200-0,H], cache7.se1[3,0] access-control-allow-origin: * age: 5887122 x-cache: HIT TCP_HIT dirn:11:387469370 x-swift-savetime: Mon, 27 Mar 2023 11:02:29 GMT x-swift-cachetime: 31520931 timing-allow-origin: * eagleid: 2ff62c9b16857870023302931e X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 625a485e59302c3993ad9b04aef07d5d 7e24e6f8847672d2253043f6e323db396990b7f0 95e7edf2cea7db574d907a9330d5104410100323754236645f02263728b244c0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 02:16:12 GMT Expires: Thu, 08 Jun 2023 02:16:11 GMT Etag: "7e24e6f8847672d2253043f6e323db396990b7f0" Cache-Control: max-age=402968,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dcab2fb51d-OSL`

	ocsp.sectigo.com/	104.18.15.101		471 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 6c39602171b0433af8424502a2044fc0 4e05dbaa9b03643dd3c76c6ce56fa5a831c674e8 092f2cd38e1711f3308e44929b73ea0c86453414b54e2b80318e3badbe6731ee HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Wed, 31 May 2023 05:04:19 GMT Expires: Wed, 07 Jun 2023 05:04:18 GMT Etag: "4e05dbaa9b03643dd3c76c6ce56fa5a831c674e8" Cache-Control: max-age=326655,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dc8836b505-OSL`

	kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif	104.21.30.227	200 OK	186 kB
URL GET HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif IP 104.21.30.227:443 ASN #13335 CLOUDFLARENET Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectkvtaaa.top Fingerprint0D:10:61:B2:9C:B7:5B:11:48:FE:30:9D:A0:C3:41:C0:9A:71:F5:F7 ValidityTue, 18 Apr 2023 00:50:54 GMT - Mon, 17 Jul 2023 00:50:53 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 186 kB (185463 bytes) Hash 07d436db9009e187330d91ffc5c77745 a7944de8f44192fe6bee6e6584d03966d0ffe8b8 75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2 HTTP Headers `GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1 Host: kvtaaa.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rijisp99.top/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 185463 last-modified: Mon, 13 Jun 2022 10:10:31 GMT etag: "62a70d17-2d477" expires: Tue, 20 Jun 2023 18:52:33 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 1091849 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyKl7tWgSp9lTpXBwbzW61o9i17FtxF5pEbtdkmqebZ9TOBtvmN9d3F5lemAgiqwaaF6hq4TskyN8XXb8VvExAiVx3x%2BRAlMt3xf4zNPFHssR0i2toLaVoXs20nG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d1724dcfdb7b518-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e2f6bf013c3219a84ab5fac6c0778cbe 95d5578924ab31863010b4b9e0b6d7ebc8b59fad 813500752c66b02846ee89505415bc99034275c2cfb90b6069afdf4ccecc0c3d HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 02 Jun 2023 12:53:51 GMT Expires: Fri, 09 Jun 2023 12:53:50 GMT Etag: "95d5578924ab31863010b4b9e0b6d7ebc8b59fad" Cache-Control: max-age=527628,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724d8984db521-OSL`

	img.1278999.com/images/6465a9a5ad790c9dd633a120.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1278999.com/images/6465a9a5ad790c9dd633a120.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1278999.com Fingerprint7F:A5:42:8A:9F:BA:36:D1:78:67:CE:2F:9C:95:B5:DE:45:4E:41:07 ValidityTue, 28 Mar 2023 10:27:33 GMT - Mon, 26 Jun 2023 10:27:32 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/6465a9a5ad790c9dd633a120.gif HTTP/1.1 Host: img.1278999.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk= X-Firefox-Spdy: h2`

	kvhgg.com/e593267fcb1425d0f87746d7e7c45ef6.gif	45.154.214.219	301 Moved Permanently	162 B
URL GET HTTP/2 kvhgg.com/e593267fcb1425d0f87746d7e7c45ef6.gif IP 45.154.214.219:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectkvhgg.com FingerprintC9:70:03:15:7B:A1:99:AA:70:9F:A8:AD:B3:F7:59:F5:D9:6B:82:94 ValidityFri, 19 May 2023 11:08:29 GMT - Thu, 17 Aug 2023 11:08:28 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /e593267fcb1425d0f87746d7e7c45ef6.gif HTTP/1.1 Host: kvhgg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: text/html content-length: 162 location: https://kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2`

	kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif	104.21.30.227	200 OK	196 kB
URL GET HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif IP 104.21.30.227:443 ASN #13335 CLOUDFLARENET Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectkvtaaa.top Fingerprint0D:10:61:B2:9C:B7:5B:11:48:FE:30:9D:A0:C3:41:C0:9A:71:F5:F7 ValidityTue, 18 Apr 2023 00:50:54 GMT - Mon, 17 Jul 2023 00:50:53 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 196 kB (196497 bytes) Hash d00955c977d5037971037e8636e6e3fc 543dd6c4ba60647bdd10cdaa77487a688f3a13e5 ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24 HTTP Headers `GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1 Host: kvtaaa.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rijisp99.top/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 196497 last-modified: Mon, 01 Aug 2022 10:55:20 GMT etag: "62e7b118-2ff91" expires: Mon, 03 Jul 2023 06:37:26 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 12756 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2mA83izUxZqR8UYobb29uM1dCNjTJJivTTX3RpRsy1fuw25ro5gtrOh%2FD2atP1HPgZiGAaL0%2FU%2BXJ%2FtwoyLGYyH9m1ksL%2B0%2Bp4SqAZODVsSs1xsUqvfYDZ0M9NN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d1724dd9e9ab518-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.1137555.com/images/63d20595239ee5d2c56a786b.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1137555.com/images/63d20595239ee5d2c56a786b.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1137555.com Fingerprint5E:A1:1C:1D:D0:5D:ED:7C:45:D6:9E:63:CD:3C:F9:A1:0B:73:E3:1A ValidityTue, 28 Mar 2023 10:09:03 GMT - Mon, 26 Jun 2023 10:09:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/63d20595239ee5d2c56a786b.gif HTTP/1.1 Host: img.1137555.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww= X-Firefox-Spdy: h2`

	xinchacha2dv.ocsp-certum.com/	23.36.79.17		1.5 kB
URL xinchacha2dv.ocsp-certum.com/ IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 1.5 kB (1538 bytes) Hash e1f42b45d0ffef3b62a822a47380737d 460fbd49de52c8fcfec07642e71156ad407742cf 041e38217d707a8f12f3f9ea2158f777cccc91f39f649cfd7f7e0850c175f05a HTTP Headers `POST / HTTP/1.1 Host: xinchacha2dv.ocsp-certum.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1538 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=234 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive X-N: S`

	img.solomon89.xyz/images/642027dc61e3f8384b97c16f.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.solomon89.xyz/images/642027dc61e3f8384b97c16f.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectsolomon89.xyz FingerprintFD:61:48:08:8D:6E:37:B2:71:ED:72:64:8B:70:60:F4:F6:C0:38:82 ValidityTue, 28 Mar 2023 11:18:33 GMT - Mon, 26 Jun 2023 11:18:32 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/642027dc61e3f8384b97c16f.gif HTTP/1.1 Host: img.solomon89.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20= X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash ccfc5d72aa7fb55577ec9dfe7a1f238e 38fb8a827d144c0ef77d04ca2f2312cea8adf157 6791fcd17ecac67602c85c42a6760ac0b9d461b8fce65fec35cdf3d7a66cf25a HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 05:08:45 GMT Expires: Thu, 08 Jun 2023 05:08:44 GMT Etag: "38fb8a827d144c0ef77d04ca2f2312cea8adf157" Cache-Control: max-age=413321,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dcba161c12-OSL`

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 55966d9fd30a6edf0e78028cb565b11a 94deba0336494580996d6d4e7854b4fc5b9e642c ce1a0825f05f4767e91572f85108d57a4e47016fd568f893377a2f62231b4a92 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 31 May 2023 11:53:11 GMT Expires: Wed, 07 Jun 2023 11:53:10 GMT Etag: "94deba0336494580996d6d4e7854b4fc5b9e642c" Cache-Control: max-age=351187,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724ddc99db505-OSL`

	ocsp.buypass.com/	23.36.76.200		1.7 kB
URL ocsp.buypass.com/ IP 23.36.76.200:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash 7d0b362aa77460d6ef2bf1f1b679e5ee e34e79d2df85923795df5c7e2e8e2f4b808f9317 bb9eaebe4832689c35602d2f1a3dda216bb136eddc43afb408f4d0fe75b667e5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: ababe02a-f12c-4dd9-97ab-4e53ce2feec8 Content-Length: 1701 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive`

	6651tp.com/960x8011.gif	162.250.141.134	200 OK	232 kB
URL GET HTTP/1.1 6651tp.com/960x8011.gif IP 162.250.141.134:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject6651tp.com Fingerprint17:66:4F:C9:73:C0:1F:BE:38:35:32:69:0B:47:5B:70:BE:82:DF:86 ValidityTue, 11 Apr 2023 18:24:23 GMT - Mon, 10 Jul 2023 18:24:22 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 232 kB (231704 bytes) Hash 1a7ceda3b44ace07bcd06a4eb7fe8b1f cb2a8d2593e6de5c808f2a8e25ce39aa17f57551 30258ea16c5e7c4778b6dfb8aaf3e270d2b6d3ea6992a6174c2d254affb20a31 HTTP Headers `GET /960x8011.gif HTTP/1.1 Host: 6651tp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:13:14 GMT Content-Type: image/gif Content-Length: 231704 Connection: keep-alive Last-Modified: Tue, 11 Apr 2023 08:12:41 GMT ETag: "64351679-38918" Expires: Wed, 28 Jun 2023 10:20:49 GMT Cache-Control: max-age=2592000 Via: 162.250.141.130 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload CDN-Cache: HIT Accept-Ranges: bytes`

	ruyi8.oss-accelerate.aliyuncs.com/tu/1.abc	47.254.187.78	200 OK	157 kB
URL GET HTTP/1.1 ruyi8.oss-accelerate.aliyuncs.com/tu/1.abc IP 47.254.187.78:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-eu-central-1.aliyuncs.com FingerprintDA:18:69:4C:8B:82:70:86:A9:16:CD:3D:78:02:BA:9D:A4:62:13:5C ValidityMon, 30 Jan 2023 02:31:08 GMT - Sat, 02 Mar 2024 02:31:07 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 157 kB (156604 bytes) Hash a4236e0ea04ee6db809bbfa9f0c44fc1 285cb0fd4da57cff16ca2ce328806dcd7f6d789f 1fcd494ddbf89898b764eb31c2f7cdef41b9ac1b679d1c38c99e093d889136df HTTP Headers `GET /tu/1.abc HTTP/1.1 Host: ruyi8.oss-accelerate.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 156604 Connection: keep-alive x-oss-request-id: 647B117A84758F9A4BA8331F Accept-Ranges: bytes ETag: "A4236E0EA04EE6DB809BBFA9F0C44FC1" Last-Modified: Mon, 29 May 2023 11:52:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13751824796241125410 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: pCNuDqBO5tuAm7+p8MRPwQ== x-oss-server-time: 2

	gg228.oss-cn-hangzhou.aliyuncs.com/ky200200a.gif	47.110.177.136	200 OK	286 kB
URL GET HTTP/1.1 gg228.oss-cn-hangzhou.aliyuncs.com/ky200200a.gif IP 47.110.177.136:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-hangzhou.aliyuncs.com Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8 ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 286 kB (285553 bytes) Hash bbd1070d797386f40b83b31d555901cf c7b01e26d4fed5ff8267e9766b340abcdc114447 f9b6170043ff2c2aba58abe338fd5aba832a7a7cc23be33c6f5fcba209400713 HTTP Headers `GET /ky200200a.gif HTTP/1.1 Host: gg228.oss-cn-hangzhou.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: image/gif Content-Length: 285553 Connection: keep-alive x-oss-request-id: 647B11796F8C263330AD3D38 Accept-Ranges: bytes ETag: "BBD1070D797386F40B83B31D555901CF" Last-Modified: Thu, 16 Mar 2023 08:09:09 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17651800536869536973 x-oss-storage-class: Standard x-oss-ec: 0048-00000105 Content-Disposition: attachment x-oss-force-download: true Content-MD5: u9EHDXlzhvQLg7MdVVkBzw== x-oss-server-time: 1

	s2.loli.net/2023/05/26/hpBo3Ruxgk2CZ6m.jpg	104.26.0.190	200 OK	105 kB
URL GET HTTP/2 s2.loli.net/2023/05/26/hpBo3Ruxgk2CZ6m.jpg IP 104.26.0.190:443 ASN #13335 CLOUDFLARENET Requested by https://rijisp99.top/ Certificate IssuerCloudflare, Inc. Subjectloli.net FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1 ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1072x716, components 3\012- data Size 105 kB (104727 bytes) Hash ca22fa65a734a5e05e364e0539367141 ca3311a4cc0a82201c49b96f64fae789fe3c8bc3 5d03bef1fcaaea0aec822fa7c7893664078162eff10f35a82ffe9ca977bb2da4 HTTP Headers `GET /2023/05/26/hpBo3Ruxgk2CZ6m.jpg HTTP/1.1 Host: s2.loli.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/jpeg content-length: 104727 last-modified: Fri, 26 May 2023 10:54:48 GMT etag: "64708ff8-19917" strict-transport-security: max-age=31536000; includeSubDomains; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block vary: Accept, Accept-Encoding access-control-allow-origin: * timing-allow-origin: * cf-cache-status: BYPASS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN47mYb1FL%2B2NRUREUCU6vdB5N5UYFBSBLUViHC1rme0L%2FqgyEPaa4XdcSem%2F3nmmcqjlnO9Zv7LQraYdQjh4j5lWd7MZCArP45h1g77PTCFMWnh1qOdMtPEQaN1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d1724dcb9891c16-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash c12e3a4e6cf6fd566ccf95e646a76cb6 941cd4bdb225b4ddaea54ecf43c88e8c337d53f0 1681eb7ea28223b45a6672c13d8eb594b114cf9b9601c92d5684b253058c93c3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 30 May 2023 23:55:24 GMT Expires: Tue, 06 Jun 2023 23:55:23 GMT Etag: "941cd4bdb225b4ddaea54ecf43c88e8c337d53f0" Cache-Control: max-age=308120,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dd6c2bb51d-OSL`

	n0611.com/12e44894b32240f988466faa21690705.gif	170.178.165.171	200 OK	457 kB
URL GET HTTP/1.1 n0611.com/12e44894b32240f988466faa21690705.gif IP 170.178.165.171:443 ASN #46844 ST-BGP Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectn0611.com FingerprintCA:7A:6E:12:FC:81:69:FB:76:A2:5E:F7:D6:52:B6:A7:52:5A:06:F9 ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 457 kB (457422 bytes) Hash 1d99213864d9c08ffb5d82569e65bd2a 6c40b94c0524a03567a4e530db69c31e2b369fa1 24f1516a9d5b53898e2df30a6f2c0492ab71ab9c01b2e5cef7f9eceb1ef4abff HTTP Headers `GET /12e44894b32240f988466faa21690705.gif HTTP/1.1 Host: n0611.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 457422 Content-Type: image/gif Date: Sat, 03 Jun 2023 06:38:16 GMT ETag: "1685774296" Last-Modified: Sat, 03 Jun 2023 06:38:16 GMT Server: nginx X-Cache: HIT, policy, memory`

	7780tp.com/7780/980x80.gif	156.232.91.102	200 OK	567 kB
URL GET HTTP/1.1 7780tp.com/7780/980x80.gif IP 156.232.91.102:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject7780tp.com Fingerprint03:AB:D9:FF:90:DB:06:69:20:8E:9F:FB:34:BF:6C:88:45:CF:DC:EC ValidityWed, 26 Apr 2023 11:27:04 GMT - Tue, 25 Jul 2023 11:27:03 GMT File type GIF image data, version 89a, 980 x 80\012- data Size 567 kB (566969 bytes) Hash e30a6253fde9acd308cebb7cc81d66bc 79b3c27fb3a122a36fc8e51d4164c66228785b54 aebc80512d20c0c97a147e4dc4c842423dd9bedd55985404bd2820a941147efb HTTP Headers `GET /7780/980x80.gif HTTP/1.1 Host: 7780tp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:02:58 GMT Content-Type: image/gif Content-Length: 566969 Connection: keep-alive Last-Modified: Sun, 02 Apr 2023 07:20:52 GMT ETag: "64292cd4-8a6b9" Expires: Fri, 16 Jun 2023 09:39:23 GMT Cache-Control: max-age=2592000 Via: 156.232.91.98 CDN-Cache: HIT Accept-Ranges: bytes`

	ocsp.buypass.com/	23.36.76.200		1.7 kB
URL ocsp.buypass.com/ IP 23.36.76.200:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash 15d07c29eb484eba95f6f94deda9e6a8 810d7801da8d34fb23c2e2c2b6e2617191c23c93 71e0c8bf59940086450ac63d862fd1ff0d2f29d191adfcd5b16ec7d8d4d5c6ae HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: 7d0f10e7-cb13-4a91-97c9-656cba761854 Content-Length: 1701 Date: Sat, 03 Jun 2023 10:10:02 GMT Connection: keep-alive`

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 4f5bc7858e58af75565901e42e60f28d b4071b59e8216c5f540b9965f9f0f6f5ab756100 a1b9084b6fc25c52cf0ffd1d2e69b6447fe3f3b0dc3ac581f9022f84f683b372 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 31 May 2023 18:56:35 GMT Expires: Wed, 07 Jun 2023 18:56:34 GMT Etag: "b4071b59e8216c5f540b9965f9f0f6f5ab756100" Cache-Control: max-age=376910,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724df4fd9b521-OSL`

	6651tp.com/320x180.gif	162.250.141.134	200 OK	672 kB
URL GET HTTP/1.1 6651tp.com/320x180.gif IP 162.250.141.134:443 ASN #62587 ANT-CLOUD Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject6651tp.com Fingerprint17:66:4F:C9:73:C0:1F:BE:38:35:32:69:0B:47:5B:70:BE:82:DF:86 ValidityTue, 11 Apr 2023 18:24:23 GMT - Mon, 10 Jul 2023 18:24:22 GMT File type GIF image data, version 89a, 320 x 180\012- data Size 672 kB (671614 bytes) Hash 8e09ed2a50e1c26af382671759acf817 72aa83dd9245aab780d7d9f2e49c3ff4d55bc7fb 16c9aa7d280e0ee9b1a456131bc7f0946bb0da752a44d4933b76e3df212f9119 HTTP Headers `GET /320x180.gif HTTP/1.1 Host: 6651tp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: openresty Date: Sat, 03 Jun 2023 10:13:14 GMT Content-Type: image/gif Content-Length: 671614 Connection: keep-alive Last-Modified: Wed, 24 May 2023 07:10:09 GMT ETag: "646db851-a3f7e" Expires: Wed, 28 Jun 2023 10:21:46 GMT Cache-Control: max-age=2592000 Via: 162.250.141.130 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload CDN-Cache: HIT Accept-Ranges: bytes`

	zerossl.ocsp.sectigo.com/	104.18.15.101		727 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 727 B (727 bytes) Hash fe5a153bc93fa604c6a3e2db2477bb88 a7926c530d391838bbd601ee4898ecb2564537d7 1d82d41c4305dc6235c7a3e70c8628d0b401036afe7f762e031ccfc04d376833 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: application/ocsp-response Content-Length: 727 Connection: keep-alive Last-Modified: Fri, 02 Jun 2023 20:28:19 GMT Expires: Fri, 09 Jun 2023 20:28:18 GMT Etag: "a7926c530d391838bbd601ee4898ecb2564537d7" Cache-Control: max-age=554895,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dfdff2b4fd-OSL`

	img.1228a.xyz/images/645b9532753dd994a618e5ba.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1228a.xyz/images/645b9532753dd994a618e5ba.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1228a.xyz FingerprintEA:9E:B0:B9:66:C6:2B:CB:41:EA:39:06:06:FC:C9:07:8F:40:95:6B ValidityWed, 10 May 2023 08:22:10 GMT - Tue, 08 Aug 2023 08:22:09 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/645b9532753dd994a618e5ba.gif HTTP/1.1 Host: img.1228a.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U= X-Firefox-Spdy: h2`

	lxbd2.com/5c7fdf1df9d36afce7ceff765bb44824.gif	172.83.155.45	200 OK	101 kB
URL GET HTTP/2 lxbd2.com/5c7fdf1df9d36afce7ceff765bb44824.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectlxbd2.com FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2 ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT File type GIF image data, version 89a, 750 x 120\012- data Size 101 kB (100926 bytes) Hash 5df9b7ca12d1dc320200e1376ecf7802 5fb72296c9be81d2676993d747d9ad5364d6032d 2a7cd3ea5c9f26a4e28a01287355065fd2f93ce172b9e8792dec0c1bbfd10ed2 HTTP Headers `GET /5c7fdf1df9d36afce7ceff765bb44824.gif HTTP/1.1 Host: lxbd2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 100926 last-modified: Fri, 31 Mar 2023 06:51:08 GMT etag: "642682dc-18a3e" expires: Sat, 03 Jun 2023 22:10:02 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 272611 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlMadDb6t%2FybZvmcGePO5OMtpff31QmvemvMGrg1pm3Q62PDBtMrYGIgFShWk6CsecOA%2F6MHqya5LmYSUG7whDM2DbDgC0%2BQh658L5zSXC0WA3NGby2SwCyTqgF4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 7d1715354b97c5a8-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	xcvd.cd55a66dddsa.com/img/33.gif	52.184.82.137	200 OK	225 kB
URL GET HTTP/2 xcvd.cd55a66dddsa.com/img/33.gif IP 52.184.82.137:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectxcvd.cd55a66dddsa.com Fingerprint08:F5:23:A9:3B:08:E4:BB:6D:38:F8:99:29:58:A6:13:A1:A1:AD:60 ValidityWed, 10 May 2023 04:32:11 GMT - Tue, 08 Aug 2023 04:32:10 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 225 kB (225364 bytes) Hash 523239ea45690f5fd1f118e2d34c4348 79b5152594acfcb846516ab0bf1cb24a344664b8 34f3cd5fc17a9b4a84b8c8ef605d0b915508f855e27bdebbdb8fa32f07b775c8 HTTP Headers `GET /img/33.gif HTTP/1.1 Host: xcvd.cd55a66dddsa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: openresty date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 225364 last-modified: Sat, 08 Apr 2023 09:43:55 GMT etag: "6431375b-37054" expires: Sat, 24 Jun 2023 06:16:27 GMT cache-control: max-age=2592000 via: cdn-node-a9-new-hk-07 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif	104.21.50.72	200 OK	332 kB
URL GET HTTP/2 kvklll.top/e593267fcb1425d0f87746d7e7c45ef6.gif IP 104.21.50.72:443 ASN #13335 CLOUDFLARENET Requested by https://rijisp99.top/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint3B:F8:A2:32:06:9A:E1:A6:E5:C9:61:2A:74:85:8A:59:C5:BE:0B:81 ValidityFri, 10 Feb 2023 00:00:00 GMT - Sat, 10 Feb 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 332 kB (332163 bytes) Hash 236ff29278548307e60d31758ba5f6bc 9ba74fd46d025e65ecdfe95f21e0c00fa3f6f311 316fdaec342556eae29e38c5e6d67e8b5dffc5272f0857a735b97bdf2e722749 HTTP Headers `GET /e593267fcb1425d0f87746d7e7c45ef6.gif HTTP/1.1 Host: kvklll.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rijisp99.top/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 332163 last-modified: Fri, 19 May 2023 12:32:01 GMT etag: "64676c41-51183" expires: Wed, 28 Jun 2023 23:20:42 GMT cache-control: max-age=16070400 cf-cache-status: HIT age: 384561 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FkHpTTjg5J3E4KLAgl3QRhxmLhT%2F3Z83PcpW%2BroMxiW8TBB%2FXWORFevx%2F3eznqLOwyToDiLYkFSjXzB3a0sIH6gwvTHg1tHLnPNlNxPTcjxgMqF%2BbsK2EDoyQTc"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d1724e0f9b11c06-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.15.101		472 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash ccdca839c867e5843309e49366dbb573 19b1d8009ebc13128b6760ed41b2ad6e9075b1f6 9b3841b303a1df5e52f06ef61ba1fdf52a7045ccc3279a500a3c35b388f4ae67 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:03 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 31 May 2023 18:17:58 GMT Expires: Wed, 07 Jun 2023 18:17:57 GMT Etag: "19b1d8009ebc13128b6760ed41b2ad6e9075b1f6" Cache-Control: max-age=374273,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724dfdc771c12-OSL`

	lxbd2.com/6b4bc2393b34f569886385798f04319d.gif	172.83.155.45	200 OK	68 kB
URL GET HTTP/2 lxbd2.com/6b4bc2393b34f569886385798f04319d.gif IP 172.83.155.45:443 ASN #201106 Spartan Host Ltd Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectlxbd2.com FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2 ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT File type GIF image data, version 89a, 300 x 200\012- data Size 68 kB (67829 bytes) Hash 8fe8a3221d6c69d2dfa96070eeaf7947 2e3d9f6307f2b435471ca22f3a2662a586a93b73 f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368 HTTP Headers `GET /6b4bc2393b34f569886385798f04319d.gif HTTP/1.1 Host: lxbd2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 67829 last-modified: Fri, 31 Mar 2023 06:50:35 GMT etag: "642682bb-108f5" expires: Sat, 03 Jun 2023 22:10:02 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 66171 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX%2BQOUm%2FVM8XpU05%2Bpd1v%2FwpIXlfnjstcyCHU2WkiaImDDrKEvTkL1D95MZASlC01iR7PFYbCJxnqO82T3J4sHOBqHk9wHklm6WVqqyx8RZNRiCNJNOduzQqfwhj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding cf-ray: 7d16b458ec86309a-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	pic.picnewsss.com/tu-2022290039/se-1.jpg	143.92.56.131	200 OK	27 kB
URL GET HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg IP 143.92.56.131:443 ASN #64050 BGPNET Global ASN Requested by https://rijisp99.top/ Certificate IssuerBuypass AS-983163327 Subjectpic.picnewsss.com FingerprintF2:4D:96:5D:C9:D0:18:10:BB:58:F4:9C:BE:C0:89:89:C4:2E:8E:DC ValidityThu, 01 Jun 2023 16:42:33 GMT - Mon, 27 Nov 2023 22:59:00 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data Size 27 kB (26754 bytes) Hash d7603dc1b229c08999abed67adb502ac 54c441cd973289db604c2ee8a9b7121616c1a871 b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e HTTP Headers `GET /tu-2022290039/se-1.jpg HTTP/1.1 Host: pic.picnewsss.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-type: image/jpeg date: Fri, 02 Jun 2023 15:28:58 GMT etag: "1685784715" expires: Sun, 02 Jul 2023 15:28:58 GMT last-modified: Sat, 03 Jun 2023 09:31:55 GMT server: nginx x-cache: HIT, policy, memory content-length: 26754 X-Firefox-Spdy: h2`

	u1102.com/6b33eac17ca549eeb56d49f51671ccad.gif	103.170.15.40	200 OK	519 kB
URL GET HTTP/2 u1102.com/6b33eac17ca549eeb56d49f51671ccad.gif IP 103.170.15.40:443 ASN #7483 Skycloud Computing co., Ltd. Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectu1102.com FingerprintC9:2F:EB:1B:9D:87:04:4A:6A:E4:D8:15:7B:AC:4A:E5:72:03:19:18 ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 519 kB (519306 bytes) Hash 5e530dbf8e7dfab35b57c9cbe75f14cc de94895cb8bff889d9d0ed0f9c21999831c42c45 ee1b4f206d897fa560b1a87eef7f2a8047ea49d2703c68c985d7263b86c0a8c3 HTTP Headers `GET /6b33eac17ca549eeb56d49f51671ccad.gif HTTP/1.1 Host: u1102.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK cache-control: max-age=86400 etag: "6479c5e2-7ec8a" server: nginx date: Fri, 02 Jun 2023 16:40:57 GMT content-type: image/gif last-modified: Fri, 02 Jun 2023 10:35:14 GMT accept-ranges: bytes x-cache: HIT from yd11_02-cdn-g01-la2-30 content-length: 519306 X-Firefox-Spdy: h2`

	sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif	120.78.115.86	200 OK	225 kB
URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif IP 120.78.115.86:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 225 kB (225026 bytes) Hash d0ec0f9c3f6bea10c3932dc6c67e95f3 d90ff84ffd8c75172e3d72f5fbc641e8cba869c6 1237fd778d6bb08a35af656bdcb2cbec947f6a725014ec7775d6509644deab90 HTTP Headers `GET /js/js1911-200x200.gif HTTP/1.1 Host: sz88.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: image/gif Content-Length: 225026 Connection: keep-alive x-oss-request-id: 647B1179FC90F337300F42C8 Accept-Ranges: bytes ETag: "D0EC0F9C3F6BEA10C3932DC6C67E95F3" Last-Modified: Mon, 19 Dec 2022 08:37:35 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 16580088513556850248 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 0OwPnD9r6hDDky3Gxn6V8w== x-oss-server-time: 2

	img.1257999.com/images/643e3092bd9c74225d2ef3c5.gif	103.166.246.24	302 Found	0 B
URL GET HTTP/2 img.1257999.com/images/643e3092bd9c74225d2ef3c5.gif IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject1257999.com Fingerprint1D:6F:D7:93:CA:8C:0B:64:E2:13:FB:66:5F:8E:E3:84:C8:31:D5:4D ValidityTue, 28 Mar 2023 10:25:12 GMT - Mon, 26 Jun 2023 10:25:11 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /images/643e3092bd9c74225d2ef3c5.gif HTTP/1.1 Host: img.1257999.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-length: 0 referrer-policy: no-referrer cache-control: max-age=1800 location: https://files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U= X-Firefox-Spdy: h2`

	gg228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif	47.110.177.136	200 OK	432 kB
URL GET HTTP/1.1 gg228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif IP 47.110.177.136:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-hangzhou.aliyuncs.com Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8 ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 432 kB (432195 bytes) Hash 66560dc1fbaeb67885a45dd7dc5831e1 38584ed6146b3cd7f220a7cf5db732f462cf1474 5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32 HTTP Headers `GET /ky96080a.gif HTTP/1.1 Host: gg228.oss-cn-hangzhou.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: image/gif Content-Length: 432195 Connection: keep-alive x-oss-request-id: 647B11796172673934EC341E Accept-Ranges: bytes ETag: "66560DC1FBAEB67885A45DD7DC5831E1" Last-Modified: Thu, 16 Mar 2023 08:09:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15586424114477953781 x-oss-storage-class: Standard x-oss-ec: 0048-00000105 Content-Disposition: attachment x-oss-force-download: true Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q== x-oss-server-time: 2

	n0600.com/bd81aad5216a4e07ab45c538058b3902.gif	170.178.165.170	200 OK	147 kB
URL GET HTTP/1.1 n0600.com/bd81aad5216a4e07ab45c538058b3902.gif IP 170.178.165.170:443 ASN #46844 ST-BGP Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectn0600.com Fingerprint70:AB:4F:80:64:F7:41:4A:A2:9D:0D:9F:6A:C4:3C:08:91:70:72:26 ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT File type GIF image data, version 89a, 300 x 174\012- data Size 147 kB (146978 bytes) Hash 2474bd5cd51790f79a1d6fe23df8c20d 502322cdce707b7b6965704347bff1d0a9b46f75 ff7a874e2a3fbde76c0e18b537e9ffe4f4153238aee602436ced11e1b91c45c3 HTTP Headers `GET /bd81aad5216a4e07ab45c538058b3902.gif HTTP/1.1 Host: n0600.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 146978 Content-Type: image/gif Date: Sat, 03 Jun 2023 06:38:18 GMT ETag: "1685774298" Last-Modified: Sat, 03 Jun 2023 06:38:18 GMT Server: nginx X-Cache: HIT, policy, memory`

	uu3233uu.com/5fb1cf4917544e70a92604cde7f821ee.gif	103.189.109.55	200 OK	459 kB
URL GET HTTP/1.1 uu3233uu.com/5fb1cf4917544e70a92604cde7f821ee.gif IP 103.189.109.55:443 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu3233uu.com Fingerprint70:E8:D7:1F:CD:35:19:CB:9D:B3:67:2C:51:0A:F3:ED:B0:AC:28:84 ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 459 kB (458890 bytes) Hash 0d9ad28c5daf9529a41a915bc83b15e3 8d19d6430caf76c6008672013af3021cb1c4288a 646a48b96f107a014723f4110c31191a2f456b89b2e0e9b148b4e74c6a1dd7e6 HTTP Headers `GET /5fb1cf4917544e70a92604cde7f821ee.gif HTTP/1.1 Host: uu3233uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "6464df8b-7008a" Date: Wed, 17 May 2023 14:09:57 GMT Content-Type: image/gif Server: nginx Last-Modified: Wed, 17 May 2023 14:07:07 GMT Accept-Ranges: bytes X-Cache: HIT from ty8z2-cdnb109-045 Content-Length: 458890`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8=	103.166.246.24	200 OK	87 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 300 x 180\012- data Size 87 kB (87116 bytes) Hash 6ab41074ec623faecacd283fcf6f010c 89a63ba187f7a0b80d617e8bee2b0ac440732a7b 06899f1196ff83503fbd559986b6ac885797255cdc49defaa99406b61d0e2330 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDbH+rSMx36GfW55nseM57kTVqM6E6TSEhfhKNX5SYEuAJeT/jRUhvk8afMB6UN0R8= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 87116 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	uu6522uu.com/6b6c4101b455403ba373ae5ca973d112.gif	103.189.109.49	200 OK	684 kB
URL GET HTTP/1.1 uu6522uu.com/6b6c4101b455403ba373ae5ca973d112.gif IP 103.189.109.49:443 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu6522uu.com Fingerprint9F:A9:31:A7:D5:FB:5E:B7:92:CE:97:32:BA:FB:88:86:69:E0:1B:B7 ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 684 kB (683707 bytes) Hash f49046a5e6117c50b0d0acf38d5771fd ff89f0896c5bbbbe248aceccfc404f8282df55a6 656acf8e658dd3ae0a4fff74ac88c58c6d06687b1ccb379a9a211c439f095493 HTTP Headers `GET /6b6c4101b455403ba373ae5ca973d112.gif HTTP/1.1 Host: uu6522uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "64563e9d-a6ebb" Date: Sun, 28 May 2023 03:29:55 GMT Content-Type: image/gif Server: nginx Last-Modified: Sat, 06 May 2023 11:48:45 GMT Accept-Ranges: bytes X-Cache: HIT from ty8z2-cdnb109-039 Content-Length: 683707`

	595image.com:3188/960x120.gif	223.113.143.213	200 OK	185 kB
URL GET HTTP/1.1 595image.com:3188/960x120.gif IP 223.113.143.213:3188 ASN #56046 China Mobile communications corporation Requested by https://rijisp99.top/ Certificate IssuerUnizeto Technologies S.A. Subject225image.com Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 185 kB (184991 bytes) Hash f3142a120ee01ba9856a4587b419607e 0d590166dc2458fbfd077d6ac75381a7bc1203ac 31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69 HTTP Headers `GET /960x120.gif HTTP/1.1 Host: 595image.com:3188 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 184991 Connection: keep-alive Last-Modified: Sun, 29 Jan 2023 15:25:24 GMT ETag: "63d68fe4-2d29f" Expires: Sat, 01 Jul 2023 02:24:13 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	n0522.com/933c5004b2eb43788e4f93145bd0835b.gif	170.178.165.172	200 OK	150 kB
URL GET HTTP/1.1 n0522.com/933c5004b2eb43788e4f93145bd0835b.gif IP 170.178.165.172:443 ASN #46844 ST-BGP Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectn0522.com FingerprintDE:E0:00:37:E8:CA:25:E2:8B:FA:51:98:48:D3:04:89:19:7C:F3:F7 ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT File type GIF image data, version 89a, 516 x 290\012- data Size 150 kB (150396 bytes) Hash a4470e9edcd635d0b5e919d870afe80a 1fe162725ed0eb6d88c86ace55e1fba51d4a9571 1d56af37713016ba37aa0a28cc203e3b079e74268177f77022369f0a31fe83b6 HTTP Headers `GET /933c5004b2eb43788e4f93145bd0835b.gif HTTP/1.1 Host: n0522.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 150396 Content-Type: image/gif Date: Fri, 02 Jun 2023 10:47:38 GMT ETag: "1685786757" Last-Modified: Sat, 03 Jun 2023 10:05:57 GMT Server: nginx X-Cache: HIT, policy, memory`

	1cdn.8b4v.cn/wns96080a.gif	112.84.131.135	200 OK	374 kB
URL GET HTTP/1.1 1cdn.8b4v.cn/wns96080a.gif IP 112.84.131.135:443 ASN #4837 CHINA UNICOM China169 Backbone Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subject1cdn.8b4v.cn Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12 ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 374 kB (374505 bytes) Hash 61f0a03d052a9fa7c45384a259b5ba2e d4ee20f085c53882170bf84dedc1f41995e1bd40 e1861e6ff229839c7d15fb0b166069fe773aad508c8d174661a7437e2b45632b HTTP Headers `GET /wns96080a.gif HTTP/1.1 Host: 1cdn.8b4v.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Last-Modified: Thu, 13 Apr 2023 06:46:54 GMT Etag: "61f0a03d052a9fa7c45384a259b5ba2e" Content-Type: image/gif Date: Mon, 29 May 2023 02:11:01 GMT Server: tencent-cos x-cos-hash-crc64ecma: 8121941456025080816 x-cos-request-id: NjQ3NDA5YjVfOWQ0ZmI3MDlfYTk1MV9jNjM5OTIz Content-Length: 374505 Accept-Ranges: bytes X-NWS-LOG-UUID: 12526051587254206559 Connection: keep-alive X-Cache-Lookup: Cache Hit Cache-Control: max-age=3600`

	7788bb.xyz/8499/960x80.gif	23.224.101.36	200 OK	366 kB
URL GET HTTP/2 7788bb.xyz/8499/960x80.gif IP 23.224.101.36:443 ASN #40065 CNSERVERS Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subject7788bb.xyz Fingerprint6D:6E:97:68:A4:F8:F5:A6:1B:E6:CD:40:06:97:D5:56:ED:90:87:14 ValidityTue, 02 May 2023 12:03:54 GMT - Mon, 31 Jul 2023 12:03:53 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 366 kB (366380 bytes) Hash c4ab0620dc7d27a4ef0c24959e8be6fd ff877344f31c9cc5e77d225b2999e6980ceb7ff5 f9ec3633ef5a1043335f8100bc09141d23ce601584d7fe8291a331230730d886 HTTP Headers `GET /8499/960x80.gif HTTP/1.1 Host: 7788bb.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 366380 last-modified: Mon, 22 May 2023 14:21:41 GMT etag: "5972c-5fc48fd56e78b" server: qq.com x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif	120.78.115.86	200 OK	346 kB
URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif IP 120.78.115.86:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 346 kB (345602 bytes) Hash 6310bd0194df289f34539ff2dfc8a250 960461384c89fb7407b76f72fe1fa519c7cfb60f faac27a9fb02215321fba3507add99cfa9d4acb02144d8e229436c128e9caa12 HTTP Headers `GET /sz/kg96080a.gif HTTP/1.1 Host: sz88.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:01 GMT Content-Type: image/gif Content-Length: 345602 Connection: keep-alive x-oss-request-id: 647B1179ABB6AF39365EE606 Accept-Ranges: bytes ETag: "6310BD0194DF289F34539FF2DFC8A250" Last-Modified: Thu, 16 Mar 2023 07:41:48 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 2217501445958086142 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: YxC9AZTfKJ80U5/y38iiUA== x-oss-server-time: 2

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg=	103.166.246.24	200 OK	200 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 200 kB (199929 bytes) Hash aab369250902e2f68bd2126779811d66 79b3ead5cb93b7f9705ef78a3061c2535027cfb8 66f0bf6e982d3d6e63906739822dd1b0c1769c10e9fd5ff1ecf5573d48f6d671 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAcZD8/ld/2bVAawTmIqa3ua8lhi9EqhvoawjEIcz3MTeeTzzCdFUDDwgiLq9Qv5Yg= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 199929 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s=	103.166.246.24	200 OK	132 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 750 x 120\012- data Size 132 kB (131670 bytes) Hash 22e2ef5f2d98a6e398a59df21954887c b03ad066b2ccd18686fd9c41c115348e1cda554c a325f92d6e949ddc0048ff058ab35c58f3fca81d68a4120f807e818ff07742bc HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAQN5KOTdCgrz43L7abnUAKWwanQzTXtk4ACGN6J8TqJJ34bphv0ZWc+J9Wu99qB+s= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 131670 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	8499163.com/8499/150x150.gif	23.224.158.157	200 OK	185 kB
URL GET HTTP/2 8499163.com/8499/150x150.gif IP 23.224.158.157:443 ASN #40065 CNSERVERS Requested by https://rijisp99.top/ Certificate IssuerZeroSSL Subject8499163.com Fingerprint4A:A2:41:31:43:59:11:0E:A6:A9:3D:D9:04:12:85:48:F2:DA:FA:0E ValidityMon, 01 May 2023 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT File type GIF image data, version 89a, 150 x 150\012- data Size 185 kB (184880 bytes) Hash 4ebc1ef9412271c425fae6d17b011e9e 5c6c6f2363a621cc32fdfec4b6c2a46a3b356f43 b665c5d297cf180123da9be8c683fbe5b286bc6b9a19cd01bca66ffebbdd3c98 HTTP Headers `GET /8499/150x150.gif HTTP/1.1 Host: 8499163.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 184880 last-modified: Mon, 22 May 2023 14:21:41 GMT etag: "2d230-5fc48fd54ff42" server: qq.com x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif	120.78.115.86	200 OK	394 kB
URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif IP 120.78.115.86:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 394 kB (394237 bytes) Hash 03123a07739f511b3306d13415cd72b1 6dbf38767657a15b922e4d153f46fe4829e012cb 72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd HTTP Headers `GET /js960x80%20.gif HTTP/1.1 Host: sz88.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 394237 Connection: keep-alive x-oss-request-id: 647B117A0CFA3C3338AE60C6 Accept-Ranges: bytes ETag: "03123A07739F511B3306D13415CD72B1" Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13376170837400656090 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: AxI6B3OfURszBtE0Fc1ysQ== x-oss-server-time: 1

	uu6873uu.com/20d88f7e916542b9b4c9f4f5910969db.gif	103.189.109.49	200 OK	68 kB
URL GET HTTP/1.1 uu6873uu.com/20d88f7e916542b9b4c9f4f5910969db.gif IP 103.189.109.49:443 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu6873uu.com FingerprintE3:AF:46:82:FD:05:8D:B1:FC:8D:9A:D0:7E:29:BC:33:DB:74:42:6E ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 320 x 185\012- data Size 68 kB (67487 bytes) Hash 412efd4c174f40664a459ef6b89219b3 dcca5c856e68b135891edb51477ca37ef34860b1 b2c4bb577ab339920d952b0f29a2ceafc931fd08ab3d61b9513e3dae2b2487e1 HTTP Headers `GET /20d88f7e916542b9b4c9f4f5910969db.gif HTTP/1.1 Host: uu6873uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "643d17d0-1079f" Date: Tue, 02 May 2023 21:56:53 GMT Content-Type: image/gif Server: nginx Last-Modified: Mon, 17 Apr 2023 09:56:32 GMT Accept-Ranges: bytes X-Cache: HIT from ty8z2-cdnb109-039 Content-Length: 67487`

	sz88.oss-cn-shenzhen.aliyuncs.com/1212/js1991-640x350.gif	120.78.115.86	200 OK	125 kB
URL GET HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/1212/js1991-640x350.gif IP 120.78.115.86:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://rijisp99.top/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 125 kB (125084 bytes) Hash 380d2fde37e41685f17ce0a2246e79ec 168e6edc77ade0271747b0208f16a60b42b26d45 952c8e574f3fbee2cdd1841ca94e35ee96739a6f936b6c7d8ba7992cee8ff5e7 HTTP Headers `GET /1212/js1991-640x350.gif HTTP/1.1 Host: sz88.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 125084 Connection: keep-alive x-oss-request-id: 647B117AE6819C36312DDCF5 Accept-Ranges: bytes ETag: "380D2FDE37E41685F17CE0A2246E79EC" Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 18155944982965718549 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: OA0v3jfkFoXxfOCiJG557A== x-oss-server-time: 1

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g=	103.166.246.24	200 OK	133 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 750 x 150\012- data Size 133 kB (133111 bytes) Hash 32c9324608dfdd5f660114816a434f9f 81f4adf25b288530d9c891d66575c9745f876528 cf75fb79f56d9dcc2fb7f96cffc6c5d423291b1c118e7585c36b21621e46f0ab HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAe/TzwU9gtaH6gKgUqck/eePGdh+5j8DmoZ9MzQIQ3Xw+uJR0yeRmRkGgGcQuHA6g= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 133111 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	uu3192uu.com/8d1696e8a97e40889c60414751e6d552.gif	103.170.15.110	200 OK	41 kB
URL GET HTTP/1.1 uu3192uu.com/8d1696e8a97e40889c60414751e6d552.gif IP 103.170.15.110:443 ASN #7483 Skycloud Computing co., Ltd. Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu3192uu.com Fingerprint91:8D:95:7C:E9:CF:60:1C:1D:3A:8A:FB:6F:BB:C1:99:D5:03:97:AD ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 230 x 140\012- data Size 41 kB (41399 bytes) Hash e8e35f37b82543924f5e6abfef6feb5d 5e65ff74495a72c9f04ecf22a2535a1bb13379ef 24576ed9459ac4476d07bc47632319c473a5de6739405e1053310e0559fda46e HTTP Headers `GET /8d1696e8a97e40889c60414751e6d552.gif HTTP/1.1 Host: uu3192uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "6464d525-a1b7" Date: Wed, 17 May 2023 13:49:26 GMT Content-Type: image/gif Server: nginx Last-Modified: Wed, 17 May 2023 13:22:45 GMT Accept-Ranges: bytes X-Cache: HIT from yd11_13-cdn-g01-la2-40 Content-Length: 41399`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc=	103.166.246.24	200 OK	446 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 446 kB (446035 bytes) Hash 77b0be767751e755a6e98fba543252fe fe42138b223252be210c84353a2c2de8f64b4c30 c8619727e9dedf0181e4f467af3bbfc87e27685d2d98d2cae86ed1912dc24d71 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCqIpI1e2VNDfm2cpqbrvOgHXu8QRjkFNFnAwj9nFKfnMbSVkI2uwKlUdjafc9ssJc= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 446035 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	480image.com:3188/960x120.gif	223.113.143.212	200 OK	273 kB
URL GET HTTP/1.1 480image.com:3188/960x120.gif IP 223.113.143.212:3188 ASN #56046 China Mobile communications corporation Requested by https://rijisp99.top/ Certificate IssuerUnizeto Technologies S.A. Subject225image.com Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 273 kB (273172 bytes) Hash 2fc90155de3a1513c9c11c4505d06f38 67f4b3f125fa219752d4d3e17b20b6604d6e2d66 07cba4260504d122bec8d26416eb6c68c358e00985f9405d115f895302cb1b29 HTTP Headers `GET /960x120.gif HTTP/1.1 Host: 480image.com:3188 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 273172 Connection: keep-alive Last-Modified: Wed, 10 May 2023 09:13:10 GMT ETag: "645b6026-42b14" Expires: Sat, 01 Jul 2023 02:24:13 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U=	103.166.246.24	200 OK	54 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 320 x 185\012- data Size 54 kB (53571 bytes) Hash 3379207755438f33f9c71d205458c925 62be0aea7da26f3dd9af13f74272915f557ed661 f372dc3e7318bdbb617104817ef1bf1c4313ba9ffe43c2d75bae12b539fc9187 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBRGH7aQzZV7bb+CFCNHTspU6w6hH1+18S8VcyErrleAWp36uS8fnboa5EcqN+6j8U= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 53571 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	165image.com:3188/960x120.gif	223.113.143.212	200 OK	320 kB
URL GET HTTP/1.1 165image.com:3188/960x120.gif IP 223.113.143.212:3188 ASN #56046 China Mobile communications corporation Requested by https://rijisp99.top/ Certificate IssuerUnizeto Technologies S.A. Subject225image.com Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 320 kB (320428 bytes) Hash c390e662e4ea0464507113e0dcf86fd7 a9bc1d431a0171255a726768fd8718bdf30db160 da84fe627571bc04b06be062cc2538cbc998859dbd3a7a617a267b6f79abc344 HTTP Headers `GET /960x120.gif HTTP/1.1 Host: 165image.com:3188 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 320428 Connection: keep-alive Last-Modified: Wed, 17 May 2023 09:50:47 GMT ETag: "6464a377-4e3ac" Expires: Sat, 01 Jul 2023 02:24:13 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	qp.ezfxpuo.cn/960X120.gif	218.66.171.122	200 OK	300 kB
URL GET HTTP/2 qp.ezfxpuo.cn/960X120.gif IP 218.66.171.122:443 ASN #133776 Quanzhou Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectqp.ezfxpuo.cn FingerprintF4:1C:25:65:EF:FC:97:9F:38:0D:FD:20:14:82:51:75:F7:3A:DA:49 ValidityFri, 02 Jun 2023 06:58:39 GMT - Thu, 31 Aug 2023 06:58:38 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 300 kB (299855 bytes) Hash 4c64bf295081458ad3700c9cc4c3ee78 09113584eb19d0edb9363b921f894de33589f652 7ef4c78bec68484c1e8201d56c366547e431fa1803058d0ae8665b5f40a1d8aa HTTP Headers `GET /960X120.gif HTTP/1.1 Host: qp.ezfxpuo.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: NgxFence date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 299855 x-oss-request-id: 642E5DC97E084E313641DCAA etag: "4C64BF295081458AD3700C9CC4C3EE78" last-modified: Wed, 05 Apr 2023 20:45:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3336747947822169821 x-oss-storage-class: Standard x-oss-server-side-encryption: AES256 content-md5: TGS/KVCBRYrTcAycxMPueA== x-oss-server-time: 1 x-cache: HIT strict-transport-security: max-age=31536000; includeSubdomains; preload accept-ranges: bytes X-Firefox-Spdy: h2

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww=	103.166.246.24	200 OK	343 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 343 kB (343002 bytes) Hash ce862703bd3a6fd9e7acc3c32453fe84 c27754e24547e935314ba986477cd326628af7e4 eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTAn8c/RtolDM2rBgLaiNv//fZqFK+10a4QZA2Q1coA5086I5y8l7KHidsrN4cIOOww= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 343002 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk=	103.166.246.24	200 OK	495 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 750 x 160\012- data Size 495 kB (494617 bytes) Hash d5d5324c12a0ea09c716b02010dd17b0 aefe46da96b36ef3b26c2590031a96060f9671e6 44e18c1116c534659f221ccfe7eff27d46c9f1d67433304430d67948296581ea HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBh6GJ4kyXVZxpr7w2BYVz8eWYLOnGB/LiivfZo0fmVn4t6K5WecMJo9swJjhGfqOk= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:02 GMT content-type: image/gif content-length: 494617 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc=	103.166.246.24	200 OK	396 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 396 kB (395616 bytes) Hash 0ddeeaa6972b4416c73b988ee2861253 96567e31255c3ed006298cd1f9c13f8437483a38 3712339d6ba9dcea67f0b9dc0f5e39a74f9388b4760891a7a02ff6aa45f5bd4d HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDm7JbRT/nawuGvMNobkHEyjPV1/cMWsLOzqJUK7AaWqnmVMuMqA9ev6DTCCPe4xJc= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 395616 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U=	103.166.246.24	200 OK	522 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 750 x 160\012- data Size 522 kB (522273 bytes) Hash c91bf37b8fb1a5c9c75fcaf488fa67a8 f627f58122140a73b3145a0736f34b350cf23e19 f43dd2f3980c4c1a8a8f23b05bbc31090ef8658d63f2060c7895cef36d1a3917 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBg2woj+x+7Sua2Pv7MStbFGCu1aBoSld+0aCVS+Cdpci4ygXb2eKsMIqZ6ygCIQ1U= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 522273 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M=	103.166.246.24	200 OK	533 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 533 kB (532916 bytes) Hash 4d4bd87b6d31fa6d4119c952aab9fd34 d1c0993fd2c1e33d957e651967636f25836c979f af254c9643ecb75dc6cd535b9dbacb2d523635aeab9db178b78e788d27b3ab3f HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTCHDasu2UUItDRybsaJorKMvfaw025fuHQWxc73zbdabGkhplCy/EJ5dmlVVvDVs+M= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 532916 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	uu8281uu.com/6947029e8e464b94aa3abcca342e7fc4.gif	103.189.109.68	200 OK	633 kB
URL GET HTTP/1.1 uu8281uu.com/6947029e8e464b94aa3abcca342e7fc4.gif IP 103.189.109.68:443 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu8281uu.com FingerprintF8:28:1D:4A:74:6C:A8:A8:EB:7D:08:F4:44:70:E2:B9:D5:C6:49:91 ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 633 kB (632756 bytes) Hash 2d88b2384764e1e8d03524c56386454c a584aea1fde95d50b124489172ba8e8f911cccfb c2bee53de473b7d22cf187570d803ff240c699bf5a08c67abc7962a44fcf7e57 HTTP Headers `GET /6947029e8e464b94aa3abcca342e7fc4.gif HTTP/1.1 Host: uu8281uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "646c6ebe-9a7b4" Date: Tue, 23 May 2023 19:56:35 GMT Content-Type: image/gif Server: nginx Last-Modified: Tue, 23 May 2023 07:43:58 GMT Accept-Ranges: bytes X-Cache: HIT from ty8z2-cdnb109-058 Content-Length: 632756`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20=	103.166.246.24	200 OK	537 kB
URL GET HTTP/2 files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20= IP 103.166.246.24:443 ASN #51649 Neko LLC. Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 537 kB (537085 bytes) Hash a985b32d9284523398e828a150d8a8df 65ffa1c33ed93b402580e7b2897a9c44a7c6986f 714ce4dec23b2310cb60e9681ce47f7601c1a38f3bbd952d080a5be6dc1bf306 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTDQqx+bhIyLBMg1/jsGu5zoyeHfyV82qVnNiDbt9htU4Unk6Ve6PCQYqfQXo3upH20= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:10:03 GMT content-type: image/gif content-length: 537085 access-control-allow-origin: * cache-control: max-age=2592000 alt-svc: h3=":443"; ma=86400, h3-27=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.15.101		471 B
URL ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 400ff3bc8080de393e79864b82240f73 844fc4d38bc37093b4ec70396ca6ed24882066f6 3f3f19f2eda778faebedbb2e36a57510093e39f21770cdbc1e9c4e2b9ec9f421 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:04 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 03 Jun 2023 00:11:50 GMT Expires: Sat, 10 Jun 2023 00:11:49 GMT Etag: "844fc4d38bc37093b4ec70396ca6ed24882066f6" Cache-Control: max-age=568376,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d1724e81eceb505-OSL`

	ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif	218.12.76.170	200 OK	1.2 MB
URL GET HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif IP 218.12.76.170:443 ASN #4837 CHINA UNICOM China169 Backbone Requested by https://rijisp99.top/ Certificate IssuerBeijing Xinchacha Credit Management Co., Ltd. Subject.ldmnq.com Fingerprint67:C6:22:70:18:8C:8D:1C:18:77:EF:C9:FF:3D:79:77:55:92:98:4A ValidityMon, 10 Oct 2022 06:12:34 GMT - Tue, 10 Oct 2023 06:12:33 GMT File type GIF image data, version 89a, 960 x 80\012- data Size 1.2 MB (1197751 bytes) Hash 6938343bc2a842c4d2c9c96f4dde0298 00e2b1b902b196b3c005facb934c10e2a2ca1961 5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6 HTTP Headers `GET /bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif HTTP/1.1 Host: ldbbs.ldmnq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sat, 03 Jun 2023 10:10:02 GMT Content-Type: image/gif Content-Length: 1197751 Connection: keep-alive Server: openresty x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc CloudServiceDiscount: CDN x-amz-request-id: 00000187EB7CE23794136B91380B9E1B ETag: "6938343bc2a842c4d2c9c96f4dde0298" Last-Modified: Fri, 05 May 2023 10:14:58 GMT Content-Encoding: utf-8 x-amz-storage-class: STANDARD_IA x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmAfv0AYqNRDfSOQNsAPy33rsnWmMQO via: CHN-HEshijiazhuang-AREACUCC1-CACHE41[7],CHN-HEshijiazhuang-AREACUCC1-CACHE19[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE92[26],CHN-TJ-GLOBAL1-CACHE3[0,TCP_HIT,23] x-hcs-proxy-type: 1 X-CCDN-CacheTTL: 2592000 nginx-hit: 1 Age: 2503838 Accept-Ranges: bytes

	aaaaa663.com/d1f0948f11504a2bb87381310ac056bf.gif	103.189.109.73	200 OK	962 kB
URL GET HTTP/1.1 aaaaa663.com/d1f0948f11504a2bb87381310ac056bf.gif IP 103.189.109.73:443 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectaaaaa663.com Fingerprint2E:76:6A:D5:2A:B4:94:4F:DB:0A:66:D6:87:E8:15:AA:40:35:86:55 ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 962 kB (962058 bytes) Hash e3b41004adb02f54363d484f3bb499cd 9a112c9559839113de0d5e7ffd79b582575af3a1 8a6cbb20ac7ded9c2b63177b1c5b1783f7a0a152108db368d3b3e000c9631d32 HTTP Headers `GET /d1f0948f11504a2bb87381310ac056bf.gif HTTP/1.1 Host: aaaaa663.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "64510e1c-eae0a" Date: Wed, 10 May 2023 16:01:53 GMT Content-Type: image/gif Server: nginx Last-Modified: Tue, 02 May 2023 13:20:28 GMT Accept-Ranges: bytes X-Cache: HIT from ty8z2-cdnb109-063 Content-Length: 962058`

	uu6967uu.com/42a42a8d36c14297bf444b6046914de4.gif	103.170.15.105	200 OK	62 kB
URL GET HTTP/1.1 uu6967uu.com/42a42a8d36c14297bf444b6046914de4.gif IP 103.170.15.105:443 ASN #7483 Skycloud Computing co., Ltd. Requested by https://rijisp99.top/ Certificate IssuerSectigo Limited Subjectuu6967uu.com FingerprintF7:95:45:0E:E3:7C:B1:F9:7B:10:8B:94:82:A9:39:8C:40:B1:02:BA ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 320 x 185\012- data Size 62 kB (61959 bytes) Hash 8cd79160b02a588153da89cfcee21149 019eeb3f5a58c41d1383813166a6fd15346dddf8 51fd95b9321f0aacf1d59bbd952f1e3eb25fb9a3fbc82f3e1bc7a5b312e95379 HTTP Headers `GET /42a42a8d36c14297bf444b6046914de4.gif HTTP/1.1 Host: uu6967uu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=604800 ETag: "646c6ea4-f207" Date: Fri, 26 May 2023 06:37:06 GMT Content-Type: image/gif Server: nginx Last-Modified: Tue, 23 May 2023 07:43:32 GMT Accept-Ranges: bytes X-Cache: HIT from yd11_13-cdn-g01-la2-35 Content-Length: 61959`

	rijisp99.top/static/js/home.js	122.10.49.30	200 OK	38 kB
URL GET HTTP/2 rijisp99.top/static/js/home.js IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type Size 38 kB (38309 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/js/home.js HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: application/javascript last-modified: Tue, 24 Aug 2021 06:28:32 GMT vary: Accept-Encoding etag: W/"61249190-95a5" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	rijisp99.top/	122.10.49.30	200 OK	82 kB
URL GET HTTP/2 rijisp99.top/ IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by http://www.pukedafa.com/dafapoker.exe Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type Size 82 kB (82064 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://www.pukedafa.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:57 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	kki.kdfe8.com/tu-pic/960-100.gif	0.0.0.0		0 B
URL GET kki.kdfe8.com/tu-pic/960-100.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerBuypass AS-983163327 Subjectkki.kdfe8.com Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1 ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tu-pic/960-100.gif HTTP/1.1 Host: kki.kdfe8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-encoding: br content-type: image/gif date: Sat, 03 Jun 2023 06:08:01 GMT etag: "1685772500_br" expires: Mon, 03 Jul 2023 06:08:01 GMT last-modified: Sat, 03 Jun 2023 06:08:20 GMT server: nginx vary: Accept-Encoding x-cache: HIT, policy, disk X-Firefox-Spdy: h2`

	pic.picnewsss.com/tu-2022290039/se-2.gif	0.0.0.0		0 B
URL GET pic.picnewsss.com/tu-2022290039/se-2.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerBuypass AS-983163327 Subjectpic.picnewsss.com FingerprintF2:4D:96:5D:C9:D0:18:10:BB:58:F4:9C:BE:C0:89:89:C4:2E:8E:DC ValidityThu, 01 Jun 2023 16:42:33 GMT - Mon, 27 Nov 2023 22:59:00 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tu-2022290039/se-2.gif HTTP/1.1 Host: pic.picnewsss.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-encoding: br content-type: image/gif date: Sat, 03 Jun 2023 08:48:36 GMT etag: "1685782116_br" expires: Mon, 03 Jul 2023 08:48:36 GMT last-modified: Sat, 03 Jun 2023 08:48:36 GMT server: nginx vary: Accept-Encoding x-cache: HIT, policy, disk X-Firefox-Spdy: h2`

	rijisp99.top/template/shafa888/css/hmlcss.css	122.10.49.30	200 OK	83 kB
URL GET HTTP/2 rijisp99.top/template/shafa888/css/hmlcss.css IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type Size 83 kB (82703 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /template/shafa888/css/hmlcss.css HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: text/css last-modified: Sat, 11 Dec 2021 05:47:53 GMT vary: Accept-Encoding etag: W/"61b43b89-1430f" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	kki.kdfe8.com/tu-2022290039/960-120.gif	0.0.0.0		0 B
URL GET kki.kdfe8.com/tu-2022290039/960-120.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerBuypass AS-983163327 Subjectkki.kdfe8.com Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1 ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tu-2022290039/960-120.gif HTTP/1.1 Host: kki.kdfe8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-encoding: br content-type: image/gif date: Sat, 03 Jun 2023 08:44:32 GMT etag: "1685781952_br" expires: Mon, 03 Jul 2023 08:44:32 GMT last-modified: Sat, 03 Jun 2023 08:45:52 GMT server: nginx vary: Accept-Encoding x-cache: HIT, policy, disk X-Firefox-Spdy: h2`

	rijisp99.top/template/shafa888/js/jquery.lazyload.min.js	122.10.49.30	200 OK	3.4 kB
URL GET HTTP/2 rijisp99.top/template/shafa888/js/jquery.lazyload.min.js IP 122.10.49.30:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectwww.rijisp99.top FingerprintEB:15:0E:49:A1:19:9F:3B:0B:F6:F9:A3:87:97:F8:59:1B:0A:EC:5D ValidityMon, 22 May 2023 04:31:57 GMT - Sun, 20 Aug 2023 04:31:56 GMT File type ASCII text, with very long lines (3454), with no line terminators Size 3.4 kB (3381 bytes) Hash 26b7389c8c27d44000babf0a0f4ee8ea f6b1f41c8fd2d8d047497f7d749ae24c4a20a43a 9904dce059236d447e88fd9602fe4072ebefbc0f56dc3cbd3fb2eaf520b55e4b HTTP Headers `GET /template/shafa888/js/jquery.lazyload.min.js HTTP/1.1 Host: rijisp99.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sat, 03 Jun 2023 10:09:58 GMT content-type: application/javascript last-modified: Fri, 10 Dec 2021 11:25:33 GMT vary: Accept-Encoding etag: W/"61b3392d-d35" expires: Sat, 03 Jun 2023 22:09:58 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif	0.0.0.0		0 B
URL GET kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1 Host: kvkaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM=	0.0.0.0		0 B
URL GET files.backmoestream.xyz/proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM= IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerLet's Encrypt Subjectbackmoestream.xyz Fingerprint48:00:12:EB:61:AD:C7:13:2A:6A:97:BA:BF:64:C2:BE:F2:EA:18:6D ValidityTue, 28 Mar 2023 10:46:52 GMT - Mon, 26 Jun 2023 10:46:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /proxy/2mQVehu5ANUUJxzhqYso067NPqPYEBGvcwwMS36yrTBXQhqWfFcyjc4SFKZ8f/o0lFvLheZ+qKnW6cpsc+7ALGSDTXdm1hXR+QCgfVA6QlM= HTTP/1.1 Host: files.backmoestream.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif	0.0.0.0		0 B
URL GET kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1 Host: kvkaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	kki.kdfe8.com/wg-2023440066/960-100-1.gif	0.0.0.0		0 B
URL GET kki.kdfe8.com/wg-2023440066/960-100-1.gif IP 0.0.0.0:0 ASN #0 Requested by https://rijisp99.top/ Certificate IssuerBuypass AS-983163327 Subjectkki.kdfe8.com Fingerprint76:7E:1A:66:55:B3:96:2A:4E:6A:78:A8:7E:87:9F:67:05:82:87:E1 ValidityWed, 22 Mar 2023 12:19:06 GMT - Sun, 17 Sep 2023 21:59:00 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /wg-2023440066/960-100-1.gif HTTP/1.1 Host: kki.kdfe8.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rijisp99.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-encoding: br content-type: image/gif date: Sat, 03 Jun 2023 05:55:33 GMT etag: "1685784270_br" expires: Mon, 03 Jul 2023 05:55:33 GMT last-modified: Sat, 03 Jun 2023 09:24:30 GMT server: nginx vary: Accept-Encoding x-cache: HIT, policy, memory X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML