r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Wed, 14 Sep 2022 03:48:01 GMT
Date: Wed, 14 Sep 2022 01:10:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 01:09:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VvtteG3kb5D5kKUBxkWzTZhNOKF61Hs-Bd5Hr1DZ0jyiEldD5bSeBQ==
Age: 82
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D1eczsVjPav-qd1PM4gN-grZp7lfW3Mw4IcKsF-vsrxLDcCasCHeMw==
age: 74126
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 01:10:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.hdlxw.com/350/viewspace-138.html
200 OK 801 B URL HTTP/1.1 www.hdlxw.com/350/viewspace-138.html
IP
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f88b0cd118e949e8e81986213b1f8920
0282b55fdb2714ca073d6e717b72d288c8047e24
175569f379f9f56f7957544be3978319033c0c6e004246bf7c742a802e6b0c3b
GET /350/viewspace-138.html HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 01:10:37 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 01:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 01:55:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YtbscdKvjNZ5mC_nt5M8cGxj-qI7HExsqFd5pUZH4zFfvShf89JB2g==
Age: 438
www.hdlxw.com/common.js
200 OK 628 B IP
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/350/viewspace-138.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 01:10:37 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.hdlxw.com/tj.js
200 OK 536 B IP
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 0af9d7412b5a3786ee8d6c7490176f3d
62a2fb7a049d18b1272af6c9fbc9a65af1a493c6
c9fcbffa26011916fd02694087b2af97ad42e0574fae1928a3057dd5a0b03a62
GET /tj.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/350/viewspace-138.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 01:10:37 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5590
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 01:10:41 GMT
Last-Modified: Tue, 13 Sep 2022 23:37:31 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 14 Sep 2022 01:10:41 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R6K8qokE6wIJ0zPdyuiFgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: On6w9FAVEz6vwCaTiPIsLx4Av9Y=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5383315cb0ec5e562bf207674197808c
45c4c468033c6c3cae86fe2bdec5b4d69b27f7f4
832498e79fecf942b9010d69b9360a53a2c2036edf0761f41625886340c87666
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "832498E79FECF942B9010D69B9360A53A2C2036EDF0761F41625886340C87666"
Last-Modified: Tue, 13 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16769
Expires: Wed, 14 Sep 2022 05:50:10 GMT
Date: Wed, 14 Sep 2022 01:10:41 GMT
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 14 Sep 2022 01:10:41 GMT
Etag: "4078521116"
Expires: Thu, 14 Sep 2023 01:10:41 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=81550625C917FCD09485FCE111D54C4F:FG=1; max-age=31536000; expires=Thu, 14-Sep-23 01:10:41 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 306
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 14 Sep 2022 01:10:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=f5feb92200eb48285d5; path=/
HWWAFSESTIME=1663117838269; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 306
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 14 Sep 2022 01:10:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=7c268151dceca28c11a; path=/
HWWAFSESTIME=1663117841382; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
www.hdlxw.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.hdlxw.com/favicon.ico
IP
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/350/viewspace-138.html
Cookie: __vtins__JcEwiF8NfRqfr97S=%7B%22sid%22%3A%20%2255b2ee2f-4b26-5975-a0ac-a1506ffe28c2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663119627681%2C%20%22ct%22%3A%201663117827681%7D; __51uvsct__JcEwiF8NfRqfr97S=1; __51vcke__JcEwiF8NfRqfr97S=f5aa02ae-dc93-5e25-aa2c-bb3cf36db244; __51vuft__JcEwiF8NfRqfr97S=1663117827689; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%2235ce4759-8c71-5e20-939e-d7f29f97a167%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663119627699%2C%20%22ct%22%3A%201663117827699%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=43bf14cb-9e97-5f5e-968c-58c185831786; __51vuft__JdQpk0p36jq0lsZj=1663117827701
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 01:10:38 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 19 Sep 2022 01:10:38 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56a5766ea5ec8962e2cc6c80b87a28ff
70d716fc15a2cccf3804eab3428d597cf4da4832
ff556c3cd0ac93f0e6d8d148e39afe6fe6a5fb2aea9961cd23a861d95101d0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF556C3CD0AC93F0E6D8D148E39AFE6FE6A5FB2AEA9961CD23A861D95101D0F0"
Last-Modified: Tue, 13 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Sep 2022 07:10:42 GMT
Date: Wed, 14 Sep 2022 01:10:42 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 278e46c7c6e77a81774f1add7d977acc
ee29a2975da5b76b0a11350baa36a3b7d0191ccd
07013dcb8f25dc2256c7f6ea2322a24179dbebd4dddd36658bf45621b63303cc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 17 Sep 2022 21:31:08 GMT
ETag: "ee29a2975da5b76b0a11350baa36a3b7d0191ccd"
Last-Modified: Tue, 13 Sep 2022 21:31:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 250
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e938ed90afa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 278e46c7c6e77a81774f1add7d977acc
ee29a2975da5b76b0a11350baa36a3b7d0191ccd
07013dcb8f25dc2256c7f6ea2322a24179dbebd4dddd36658bf45621b63303cc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 17 Sep 2022 21:31:08 GMT
ETag: "ee29a2975da5b76b0a11350baa36a3b7d0191ccd"
Last-Modified: Tue, 13 Sep 2022 21:31:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 250
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e938ccb0b59-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5697
Expires: Wed, 14 Sep 2022 02:45:39 GMT
Date: Wed, 14 Sep 2022 01:10:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5697
Expires: Wed, 14 Sep 2022 02:45:39 GMT
Date: Wed, 14 Sep 2022 01:10:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5697
Expires: Wed, 14 Sep 2022 02:45:39 GMT
Date: Wed, 14 Sep 2022 01:10:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 11135
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 12268
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de3f5f47acb69d9c4fa6721b5283404a
895f8e58be471d713557a1318b3d050429cfe419
396f97609adc2f1cdf7e241f8b164ae89e0d353cc26e48184977a1c684c544cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6154
x-amzn-requestid: 3341eb6d-9787-470e-aceb-dd722af36716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GVwIAMFSzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4e79b8594d68a9c504e33a25;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ig7ITAeZj5ypLK25XtmhEQIR_pz-P96ZUgOA0Q4OgwVtAF5pmo4sA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:23:12 GMT
etag: "895f8e58be471d713557a1318b3d050429cfe419"
content-type: image/jpeg
age: 10050
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: 7c555cd5-4a33-452e-82d4-cac3282c0b0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYZfRHYOoAMFtIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320092e-0bbd43cc499db9ed24226439;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 04:38:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4lRTnfzeQluGV3fqyeSS6yLeU8tcfijOqcqyVdZ2L2pENHfWdrUHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:39:44 GMT
age: 55858
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34b74681f6d64ca1c010044535056275
ef6cd4bdd5ddbdb92b25816dc82796f857d29cce
d3ffb558a261fd982989931ed8bd8e8f132735bb99fa5a42a032efdbdfbf6ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4482
x-amzn-requestid: e9a99ad0-f093-4c9b-87b4-13ebac164413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5FIUoAMFcUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4438ced526ebec8e7819b700;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _et90o-4_I8qkmQuwvLolMCtcidFgElQfg9KcHeCgMiaDvxndleAgg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:46 GMT
age: 12536
etag: "ef6cd4bdd5ddbdb92b25816dc82796f857d29cce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95cae812-e46e-458f-8f56-665dd54dc9cb.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95cae812-e46e-458f-8f56-665dd54dc9cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10e3ccb7e0c8fb76c5b1619ca818821a
d15ba6932d3e896730dafac9c65877c9471895a5
c2a0f51f71ef5e836d0aa96b453aaeefe96f48699be598f65bedc701096baaad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95cae812-e46e-458f-8f56-665dd54dc9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8934
x-amzn-requestid: b943ea93-26b0-4757-bf65-9ac16d020309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GscoAMFzlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-562ec43d48042f9b3fca0425;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CAPKkRx5_S60HEp4XyYQO5IbrVanbrDVbVzD6By33n-Qeah-YeInFg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:46 GMT
age: 12536
etag: "d15ba6932d3e896730dafac9c65877c9471895a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.hdlxw.com/350/viewspace-138.html
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.hdlxw.com/350/viewspace-138.html
IP
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.hdlxw.com/350/viewspace-138.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 14 Sep 2022 01:10:42 GMT
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 05fb523e11cd90a31a2e624bd2f1b813
19ec7735e1aafa50ac0a4746afd59208c5dc13ca
e4d0e3c81b0475ce660b38bd4d5e877dca151a1f8743c29d5f46aa95f1f53404
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Wed, 14 Sep 2022 01:10:43 GMT
Etag: 6269333266f106e2cd9021ffc23792b9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A262088BF6844398; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.niumo233.xyz/static/images/hot.gif
200 OK 254 B URL HTTP/2 www.niumo233.xyz/static/images/hot.gif
IP
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b7993e032c6c569c11d4a7c766d373b
14c9d0bfca23a05ddaa1799193914a0858365386
e30f309ae49faaa446e60ee84d1d4c066fdd8903b2746c491aa992d2b1181417
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E30F309AE49FAAA446E60EE84D1D4C066FDD8903B2746C491AA992D2B1181417"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13938
Expires: Wed, 14 Sep 2022 05:03:01 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c7a5fbc417fc7ee295e13c88e449137
2f2e19525b90838941637cf04be44065d10766e2
eb67dfa52170d8333b3ae3b8e27b993ad535f2492d1059c2480121034bea9156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB67DFA52170D8333B3AE3B8E27B993AD535F2492D1059C2480121034BEA9156"
Last-Modified: Tue, 13 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15541
Expires: Wed, 14 Sep 2022 05:29:44 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c7a5fbc417fc7ee295e13c88e449137
2f2e19525b90838941637cf04be44065d10766e2
eb67dfa52170d8333b3ae3b8e27b993ad535f2492d1059c2480121034bea9156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB67DFA52170D8333B3AE3B8E27B993AD535F2492D1059C2480121034BEA9156"
Last-Modified: Tue, 13 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15508
Expires: Wed, 14 Sep 2022 05:29:11 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c7a5fbc417fc7ee295e13c88e449137
2f2e19525b90838941637cf04be44065d10766e2
eb67dfa52170d8333b3ae3b8e27b993ad535f2492d1059c2480121034bea9156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB67DFA52170D8333B3AE3B8E27B993AD535F2492D1059C2480121034BEA9156"
Last-Modified: Tue, 13 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16725
Expires: Wed, 14 Sep 2022 05:49:28 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c032799e57b8b4e4591bd39df0a4cd7a
6e3a67604175e19b3fde9d38d40e7a4349a33674
5fd4e8b15c5ca4a986c1de145895a6cb76d145f8ec244a47d2028efcf1ac7e96
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5FD4E8B15C5CA4A986C1DE145895A6CB76D145F8EC244A47D2028EFCF1AC7E96"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5960
Expires: Wed, 14 Sep 2022 02:50:03 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 30 Sep 2022 16:25:41 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 1154702
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdiKwqGoiu7o4W4uZOTzApHZrTrSdhBAP9zWU%2F5IzKJf11%2FWZqcRCkWyBrQ1I%2BcH42oCgP1g%2FOKhTgVnC3cLTApxm85d6uZOalBd4BPwcpCXXKB%2BZ69b2g5iQUcm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bdf7c0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/dingbu.html
200 OK 184 B URL HTTP/2 www.niumo233.xyz/dingbu.html
IP
File type HTML document, ASCII text, with no line terminators
Hash 9b085adba713cedda1a4d7a0dc8cfc66
561f762351b59db88b827e6d49761fb232cc56c5
652b35a7d15c305e8a1d7c54c487cc93e1a22c6caa967244ff74705ea4d1f43f
GET /dingbu.html HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: text/html
content-length: 184
last-modified: Tue, 06 Sep 2022 22:24:27 GMT
etag: "6317c89b-b8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kbjklttxeog.jpg
200 OK 7.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kbjklttxeog.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9f2f6e1a0c9820e4f64be0a703a908a5
1da4cf98fe8d0831b6dea0594c86764079ce836c
c266a8b3975d004695f4d78f85a80fea9e5ea9a4795073e5010eab9533a595ac
GET /upload/vod/2022/09/kbjklttxeog.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7294
cf-bgj: h2pri
etag: "6320167b-1c7e"
last-modified: Tue, 13 Sep 2022 05:34:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x170p26jJ4ij8lhIbeTt%2BxilQtu5uqOENoxu7HpXYAmsZbGQKVkBjUMmSXy55LsarK4OMIkH4i2s5g1PRy5RYsz%2Fo8NQuQDQ5GGxJi0NgKm%2BtJfgRry5iCE5RrLLpUYtgdc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bfefc067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/smbaidu/tj.js
200 OK 2.2 kB URL HTTP/2 www.niumo233.xyz/smbaidu/tj.js
IP
Hash 81c2c51219c37faeb5b3f58499cfcc3a
02bed14c5f886030b6d88b4ede6aa35e630b353a
c36b5940da7ca28b821ef5a100e2bd6559d1d3b499bd8e8195267d42188390f4
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 20:17:27 GMT
vary: Accept-Encoding
etag: W/"63092a57-bc8"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/fb1sxrbo0ek.jpg
200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/fb1sxrbo0ek.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 24181a4922d55ac38097feea53ad8ced
7449a7114ca7411b374d7860c7307fc384892b49
eb33a88e7c4fc63e4ec10c1b8ace2be0b5adb459b7b8c36689889fbda03d07aa
GET /upload/vod/2022/09/fb1sxrbo0ek.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9564
cf-bgj: h2pri
etag: "632016aa-255c"
last-modified: Tue, 13 Sep 2022 05:35:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BxPDYj7ceT2ZeGjY7x5UmVUuO1liVR3J0Nwz%2FthwnhzbmSgPLqqHTLYXQZUR4AIygEe8VDPpUw1YJ9zDmV4lcmqi8ZR9kWt%2Fcw31mgdH9SZr2Fpz6LVutAuy8LjEBinlpHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bff01067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/fjoeifqae0s.jpg
200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/fjoeifqae0s.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b1fba902026e5fd64dbe8ee49e376142
3012f37bf1be6d358e860fc324c6d143e51658fc
cf5580cefa48cc6b52fc79b0041fdccb17220e5de4d9a3de57d9cdb22b475737
GET /upload/vod/2022/09/fjoeifqae0s.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 10218
cf-bgj: h2pri
etag: "632016ab-27ea"
last-modified: Tue, 13 Sep 2022 05:35:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXlxZIud9zHByP55h%2FbAF8EAAinTc412%2Fj7baDcMUnQB9P4zTIwYcuZ9uMiXrH6tyWbw6sHiRwUyTOyPWIcb3mcOKmCbKimM7DUa8fKxDvdB27yJiJgEC45ThH2Sfvud36pc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bff02067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/mo3i2hcmfqg.jpg
200 OK 5.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/mo3i2hcmfqg.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7241b20810c8c3c332179f5172de2f4e
b098e879dfb183ea692db2f27f0039da7e900293
187745eb16e55ebe905523c4c068fc724af7aa897dd795d1da2325aa559bfdcc
GET /upload/vod/2022/09/mo3i2hcmfqg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 5507
cf-bgj: h2pri
etag: "6320167c-1583"
last-modified: Tue, 13 Sep 2022 05:34:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gJ6vL9socj0kFTK299z%2BVDRXPsm46SMUJpodyK9fKv%2BaFYea49Ygm3%2FoHQZPieVB%2BTXqhj0y5ZxsBScNZ544i14Zs7qWdbDVKZ4nm5GbPbpqRG9Ukdt%2BCz9NzjJKbXTTX2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bfefd067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/innco0xxx50.jpg
200 OK 7.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/innco0xxx50.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b12b9e9fc17964eb52ccd4397beca17f
a5df2a42aa31654f509c0b1b87b2f054ebabf59f
8638c0cf0faab8b3bcd558d37e9a255403d2ba2ef81f90f8cb6fe30f4b615bc5
GET /upload/vod/2022/09/innco0xxx50.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7197
cf-bgj: h2pri
etag: "63201678-1c1d"
last-modified: Tue, 13 Sep 2022 05:34:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D9xJT49fF61hBfs%2Fc%2FEzC%2BOm%2Fqy6ssxcDp1eq2onGtREV9skp%2FjiYBXytPLJExUdAbeO9%2FZnzuczFl24iNic6%2Fo0jkc7uTwWE2RhEqTYh7b8rD69k5drT%2FOfkKqFjfSj8ZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bfefb067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ffxpcq3b54k.jpg
200 OK 5.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ffxpcq3b54k.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 123889fad931d9a52a66947acc1dede5
a3cfb12a48ce3eb4481a4e7f6cc86670a636bdb1
31aa08fa78c630e243e097b9b685c300631cd353c31649206d74e8eba4ef7b23
GET /upload/vod/2022/09/ffxpcq3b54k.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 5398
cf-bgj: h2pri
etag: "632016ac-1516"
last-modified: Tue, 13 Sep 2022 05:35:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6oDpDSYrgrZhhCyGN4W6oXmTZj1BcA%2FJarxDEDZ8tLOS8IsjdWEp6P21USORfIYi%2F8TuTwv1MbvtTcIdDBvf9I%2BiHangQxiW37stfy8KKk%2F89Ob3XBmVDr8d9sMFqDBRDSA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bff03067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/pthaeihgppv.jpg
200 OK 9.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/pthaeihgppv.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d7809a99d2e9617ba583122ad0a2d810
10b975c2b79416863ff1ff07b2ebfa1ff1e0e2d8
68734f2230363d0679846769b20fa499027280501eee000c3e45bea71129d377
GET /upload/vod/2022/09/pthaeihgppv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9750
cf-bgj: h2pri
etag: "63201692-2616"
last-modified: Tue, 13 Sep 2022 05:35:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s860bmwVXMfK23RHUXkdF5KTeF%2FapSKtBxHwJOe3n4djSZ4Oo4vjcnrpZSOXhA20To0UCwL%2B54QWUv0F489b8o76BdDCKUw5PE1nzR%2BOKnADo2lXyj1PysGcRvaBjhFRjfdk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bfefe067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e524a7b7baae21196ef14a84d2a90a5d
4205e42ec48c17b10d61f36815e43fa3d773f201
56cd65836ee0af0d79342170eaaebc077d797bf309c9036f13bcaefe167188a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56CD65836EE0AF0D79342170EAAEBC077D797BF309C9036F13BCAEFE167188A1"
Last-Modified: Mon, 12 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9387
Expires: Wed, 14 Sep 2022 03:47:10 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/nrn31ofxdw3.jpg
200 OK 7.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/nrn31ofxdw3.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7cd5a725b76125f4893ae1bf777edf82
0750260febcab0f95ea5e34e9550b9c2859aa978
cbc8e5a90d19bec49ef3caad165d06ab9d901eafe91414e2be0e48c2e28c5d9e
GET /upload/vod/2022/09/nrn31ofxdw3.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7836
cf-bgj: h2pri
etag: "632016ac-1e9c"
last-modified: Tue, 13 Sep 2022 05:35:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwzdUxZ2b92piG3G78L%2B12NkoeXdwOUUmEHE02EJRpaTNz3e4314Lwr%2FXaOuZEycUZwLC7Yk0nLNuZCU%2BAiXNCHK1YhWToxCDLMpJFiErjNZCjruMVkCVrT2Tfbz8w0OuLQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f15067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c0a1ab7ec131856a686e2ee62ea1d1d1
5e57ae2745e2abdf93a76f0863e909213eeca7c8
5113d35791434f8fabee3fd9a120aa45498a5a187232faa01943c8b05b6a1d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5113D35791434F8FABEE3FD9A120AA45498A5A187232FAA01943C8B05B6A1D6C"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12697
Expires: Wed, 14 Sep 2022 04:42:20 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 7b2a7d3c84f01324742f8d623c2ac978
ec0be3deb9199c688ebaa109b9e2a77376ba3571
058b8ff10320040cf1b27bdaa622e247866fe2d540b024eeb121de6a5a8c2ebf
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Wed, 14 Sep 2022 01:10:43 GMT
Etag: 42ffa5f238b6e13bfd7a26653c34b4a8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4D65844FFF2DB4B8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmtu.netfhtu.com/upload/vod/2022/09/tipgtmxkw4u.jpg
200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tipgtmxkw4u.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash aa29c9c2158def9c28684ccce1d9f082
90b754f26f75d0b032728aef110f51a342bd4d85
786d28a70f193118e1eab36e79ae6f64e39c767b7cf99198efcba144551db8be
GET /upload/vod/2022/09/tipgtmxkw4u.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 11417
cf-bgj: h2pri
etag: "63201363-2c99"
last-modified: Tue, 13 Sep 2022 05:21:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaKOmimlLKUV9FAY0BNgVz8XaXGI9H%2BgLtWsjDO7T2Qcl3qiclSEsvncErtpHPiUe8r1WibYvr27GeI%2FKwlE5dU1U26nzr1sp0OsLy8bj%2FnsdPxg8N0hko%2FE6loDUkgzRsef"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f1c067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/0lcelhys3zo.jpg
200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/0lcelhys3zo.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ccfc278da9f134e7f6a112afbfa06a2b
1175410bd6a67ed2924b7780931e33d52b6f102d
0ffc12b1a95998579dfae45504d680882e99e472c815c32a39c6d548e4596006
GET /upload/vod/2022/09/0lcelhys3zo.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9096
cf-bgj: h2pri
etag: "632016b1-2388"
last-modified: Tue, 13 Sep 2022 05:35:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1941
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW%2BjvFQBPmcJN5G42vQmIQddz3wtFyiQC5CxDC6uolJBAJ7H61Lofu3X5r3yXkv8NogfUOMR5ndLMLJaDpaeceM%2FcbO1K6pyV7pNiYWnbOTB%2Fon84k498WCfd7%2B%2Faeboy%2B4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f1b067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/es2h3xgqs5k.jpg
200 OK 7.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/es2h3xgqs5k.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash eeff1423f1dc27d57e4a22f73c93c921
186fab67d991d7ad5f81cb0afb1240e58b939e76
7b53b7583eb69c07f454a369d7187949ceeff4fc9e3c528ec031b28f1028679e
GET /upload/vod/2022/09/es2h3xgqs5k.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7931
cf-bgj: h2pri
etag: "63201692-1efb"
last-modified: Tue, 13 Sep 2022 05:35:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow2z4yQvHJzE6f07Paiq%2FVjux9PzJIsZicc6sM69uEPxL6qT1E90fgnawJKUWDQnBrQm39YaogNF1%2BKjll2Opz953IcBA5xTGR9nUWPhUU6sQIBiKGPhrnDY3OrI%2FigAlCge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9bff00067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/q4ronly0xju.jpg
200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/q4ronly0xju.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ec1d54bed47e5e29245c29e4c9a0ac2a
d08a0e1e84eba41097a7ee44386e998612f30fea
f4058f41bfc58e0b3b4a072b4663c37654d5c672340b710e515a41e786465f18
GET /upload/vod/2022/09/q4ronly0xju.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 8150
cf-bgj: h2pri
etag: "632016ad-1fd6"
last-modified: Tue, 13 Sep 2022 05:35:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1941
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzxEftsOBw%2BI9a4uhclroWBSGUJpGc1XZEWjszZ7Qb2TZw36i5Fs8vJRvcO7pAl6NdQ56dPK3mAoqwOCQ16z7jIhWXBOggW2sHLUZnCtmEunNEWgfFDlW%2Fd8L2l8T9DOjC9a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f16067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/un0y5aldgbv.jpg
200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/un0y5aldgbv.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 80ed4d68e72fa0474a8a84b6fc42e539
063cc428cacfcfa0f47f2a99405e6968d6dcf109
35d5bb71d85963d07c8390351675d091d84610332151ceb63f974d96a1e82c22
GET /upload/vod/2022/09/un0y5aldgbv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 11220
cf-bgj: h2pri
etag: "632016ae-2bd4"
last-modified: Tue, 13 Sep 2022 05:35:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1941
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHndoys74gIbG3BW%2BMq2OSDfVWntdYqqRNczclhfpAI9HKEplEODqNyAMDvg7E6Zm8GCjaWOiPFM4Y7aGgbpFK3eztoj%2FWwwUhvibAy6AgYtBefoGgbj8cMcThu0HRLiZQMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f17067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/t5lqpo11rcc.jpg
200 OK 9.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/t5lqpo11rcc.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash db2dd109285df1dd9ee68bae66faa677
d9ac52b4fc96081ade5fdd98c8d5e84aab4028e6
605a513e41666bc5d377c7cbb8a4a9b6a9c06fb2ea35ae2b6a47087267458afb
GET /upload/vod/2022/09/t5lqpo11rcc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9481
cf-bgj: h2pri
etag: "632016af-2509"
last-modified: Tue, 13 Sep 2022 05:35:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZd8txJD8J%2FLCULz0ekd6Q%2BeH34ATT0ABch1hywsD4rELWBkT2X3nlvrAeDsqtrhCKmdlM48JBmPwYEDYpaMCxLzN1NNz6tROY6Mn0YcS%2FlhpqJcuEWjSxSKD1fXNs7GP4qF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f18067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ypyiz0l4whs.jpg
200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ypyiz0l4whs.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9d7af4993f210c930fe50d13fbc4b709
0d1617a22adee5d930b56aa6ed693e96dfa91087
a011aca2dfc427d919c6387f52b1de743809b2f552ad6e80f0b747215828575f
GET /upload/vod/2022/09/ypyiz0l4whs.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9725
cf-bgj: h2pri
etag: "632016b0-25fd"
last-modified: Tue, 13 Sep 2022 05:35:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oix9N87pt3MT0g9GzhQD8MVu1Kxld2YaTJ%2B9uFjvJTPMAxVCU2fSwA3tyJn6%2Fl%2B2HPV1X5iKOkTgMOarrs4Cw6KllPgwAeN%2BW4o7YRE3DAmIhR%2BuaZHCMiB8SLaT0mjI0u06"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c0f19067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tg511cdiojt.jpg
200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tg511cdiojt.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c52e30832eec9d950bc1412c5fe17460
6fcdd78d2a3d2b9b1de474aa0933b7ecef13f249
840cef5df6d069f3964fe06d3aa095c360631f9965ae1ce32bbfdf7980f49fcc
GET /upload/vod/2022/09/tg511cdiojt.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 12132
cf-bgj: h2pri
etag: "63201366-2f64"
last-modified: Tue, 13 Sep 2022 05:21:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2579
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c39rqajdqixs99l0%2F%2BKhaigELiKOHV8o1GoYltAuwH%2FHe8wnfNsVIzvU5WdvJhyCmlyUVnu3FC1b%2FWZkgss5hvxBHqqu5ZCsO0DSicqbTjQ1dKmC7jcr4ZlNDfw%2FuTFhNCBb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c5f51067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/0452pof1awi.jpg
200 OK 6.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/0452pof1awi.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e828fbec19455ddabb1df6d513e269a9
bb60e40b03ac62a28f1266e4471cae5e9f29f3a2
97d0c1e28a8155f6b7dfa864b9d512120c78e9cedd433cc14946addbc45b0b81
GET /upload/vod/2022/09/0452pof1awi.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 6700
cf-bgj: h2pri
etag: "63201367-1a2c"
last-modified: Tue, 13 Sep 2022 05:21:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2579
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isf71cARzRbdKewiXe3ocY187sut4vba%2BqfMPH5IZYEOWmDq%2BuDimOqPI3beYJxzouIspadChaPIrwNZ48LgNdewGyc%2BgAD5Ocg9FfuThyhlsWxVNpcDIyi3l6kJvrKzsrtK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c6f55067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 82ee20d28da5152710de3d1a8cdff5d6
2176e4b72fafb1a04770d2b3e741b7a3af074e6f
a5ec14b351558994342c62cba922cbf028bf0e0ecdacba08547105fec37b755c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 17 Sep 2022 23:09:50 GMT
ETag: "2176e4b72fafb1a04770d2b3e741b7a3af074e6f"
Last-Modified: Tue, 13 Sep 2022 23:09:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 833
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9cba640afa-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9aefa679f3df9ba8f963a74058ccd44c
3d4605f5d1bf8a55e70c9482892f8068a3a27304
3a1b686c74bf4eea3796af8f0b33ee2d8797f0d93a2ec20c9bc884d381625e5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A1B686C74BF4EEA3796AF8F0B33EE2D8797F0D93A2EC20C9BC884D381625E5E"
Last-Modified: Tue, 13 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9996
Expires: Wed, 14 Sep 2022 03:57:19 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b1f2430ab5adce0b37837e984df8e09
de2c00dd09dbdda83b5e997fe5c1639173c1075b
51432fe1aa4388b4965799319b83f1a9f7fe41ef24d6f81d149c02d68eaadd29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51432FE1AA4388B4965799319B83F1A9F7FE41EF24D6F81D149C02D68EAADD29"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17080
Expires: Wed, 14 Sep 2022 05:55:23 GMT
Date: Wed, 14 Sep 2022 01:10:43 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/deurlxltmwm.jpg
200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/deurlxltmwm.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b985e6b13aca13380d7443ebdaa5544c
72d9953c639b004eff352a76734cc817ec678487
5fe3056688cbd0a724f479b518403c63a28cdb69d26408c4aa44c0082f3f14b1
GET /upload/vod/2022/09/deurlxltmwm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9721
cf-bgj: h2pri
etag: "63201368-25f9"
last-modified: Tue, 13 Sep 2022 05:21:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X30Nb5APZ7vNqWetKQ6erGxuPXh1X8p%2Bl8K9XBs8M%2BBzU6D5AOSn7M7l6Ise%2FPAgNq%2B0V8b5z9V6c2UyVVz7mLiPf%2B3lGXirJj2LjMXsXAmPdwqMJFd59dK7ezAW8hgG59ES"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c6f60067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/mj0veb4difk.jpg
200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/mj0veb4difk.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 14ca4f1a059076edcb11bd1af34f1515
f09a51f61ffddb38c0c83fb29a60ea6842542ea4
1608a48491df8ad12e18a12cba642c094398fcf60fe02387366eb4809d242fa8
GET /upload/vod/2022/09/mj0veb4difk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9081
cf-bgj: h2pri
etag: "63201369-2379"
last-modified: Tue, 13 Sep 2022 05:21:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4104
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJNDcITEBXIaW%2BR8f2xue%2Fi6QGr71o2Jq4YFtPQSJD5utTSdgBa3jdYrKkd9dl9RbS6TzyGJZQtlZ2B%2FOSdtxfQjw%2BtDttQsJC170fLfuMgf1RmUtHM0QUv7sHlzzIDFG59R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c7f70067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/i0vtbnhzmxw.jpg
200 OK 7.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/i0vtbnhzmxw.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a401adcd136bdec3650404fe7f0b0216
e3cce32be220ecd0d6e457fa5851c148272f698e
c68e39127ee0fc5f386471cfc9e0d83129c5d0ab54cf88926c54d59233e4f08d
GET /upload/vod/2022/09/i0vtbnhzmxw.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7671
cf-bgj: h2pri
etag: "63201369-1df7"
last-modified: Tue, 13 Sep 2022 05:21:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1474
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZTn3cHM5zgU1632uP1oCuBKJYwhYdZ7tiUUnPEpmLmm1M0B%2FhUgqBEAmRV4k7ykpVvZ%2FfPiQuUaU5yQ3rbT1koVxppXE19HxBLiKu6cYk6SPFTEZfpxmyFds5jBVKU0B6gY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c7f71067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/zvp2isleskt1320zvp2isleskt274223.jpg
200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/zvp2isleskt1320zvp2isleskt274223.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1ada55afd728c048264b4fcdde5bd43b
2f68090897cf5d0babd83470f2bd3ccec5671723
f9990257745d4c618e26aeff7360555eb0e3c7cf8454f9c142b6b407930764a7
GET /upload/vod/2022/09-13/13/zvp2isleskt1320zvp2isleskt274223.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 8806
cf-bgj: h2pri
etag: "d3dfd88830c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=altT%2F8ig0nApk1giqZY4zg0y0B6Ebc0dAiundJtKWZWgGz%2B9bpkcwelMdfm%2F20BIPzZ3VFaBdB1Wyvu7GGR9j3ESxp4Qz3llb25lx%2BZ0KoIRazX9K%2FWCtE7Gp73KnO00MOCt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced3f773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
200 OK 43 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/rdyznafeed5.jpg
200 OK 9.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/rdyznafeed5.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c28ecc8271a71e13e01e9cab1e73f581
b7cf6fbaae2645a81ead5bc47d0a69ff0f06beca
06869d2b801cce6c9782c6583ffc5863ca7bc4732d2b978bc2c0af65469435f5
GET /upload/vod/2022/09/rdyznafeed5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9166
cf-bgj: h2pri
etag: "6320136a-23ce"
last-modified: Tue, 13 Sep 2022 05:21:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECMVoRNSBoQRNf%2BJAhw1fVbPiV9sC62sSmi%2BdqQmSLt0I0KnuodYFQPT0kG5QBcR1YtRC%2FCi%2B%2FNVVoHa%2Fb4zj9THPwUfVtBWLq3XrwodqH8ntY1bOtsobx2aPn57xs5nKlGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c9f81067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/hk43kavn1tk1320hk43kavn1tk294227.jpg
200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/hk43kavn1tk1320hk43kavn1tk294227.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 71a76db4e8071eb2fbc69015af72dbb8
8d2ec6c8b3b1d077b0ba927d7831faf4722ca98c
034c17c6b5afd413a8fd76b1303d2822833e872883e670e738742e20a9e5b7f6
GET /upload/vod/2022/09-13/13/hk43kavn1tk1320hk43kavn1tk294227.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 10256
cf-bgj: h2pri
etag: "2eb5268a30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajw1w6Zk1DZocqTOzfhY4Xp1dJIkmtuWU%2BEwmyNrauj3k26MRysFT%2BW%2B0H03UYde5Z1wwSv8U%2BfaSVmKb%2FoMBxjQWPU9tasXMKHsSWrW%2FSJcUiqBNPDGBFj2t4n3IK6%2F5TGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced3d773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/b4hathdsg041320b4hathdsg04304229.jpg
200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/b4hathdsg041320b4hathdsg04304229.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0c078c23fba318bd689673f77e4d1051
636bb505cfb5329f05f7fd6a969e0dd98ba72bd3
cb0fafd6660a4df87c9e15d4fc08992c6707d9621423cbac7b99c0f093c9226c
GET /upload/vod/2022/09-13/13/b4hathdsg041320b4hathdsg04304229.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 8038
cf-bgj: h2pri
etag: "179cae8a30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73KNqxEA9wMO7XaaAox%2F6xt1L3iUmpJ48wsBS7LOsPed8sfkyxRP0vtzDU%2FiCeGWfbsqn4NVms1ncpf4nJrii0XtHtyBYoneJEBPweBOhlgAsgHHlAA%2BxQ3fKu936X6IAmFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced3b773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/v4sw4z0alnx1320v4sw4z0alnx264221.jpg
200 OK 7.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/v4sw4z0alnx1320v4sw4z0alnx264221.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 108be7719e1d12cca5f87fc9112a6750
376fce9fe8f240d0a41df05abe29cb5218c3b9d3
9c7464de295d3ad0001e1a2b08a778c86170559001658da526908e9daf448eb8
GET /upload/vod/2022/09-13/13/v4sw4z0alnx1320v4sw4z0alnx264221.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 7568
cf-bgj: h2pri
etag: "e2f8508830c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPnMGrVB1PKabKP835I1On37YtXt8urHKT99ZwlsLf5w%2BS7GuYJnV1ncol0LFO4b0%2FYiNMEe7Fjr%2FUKbcekEb6BsXflA0v9QfEGvQCd7unbfPZG6SI7xosMqN4OzdjZLH4CB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced40773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c032799e57b8b4e4591bd39df0a4cd7a
6e3a67604175e19b3fde9d38d40e7a4349a33674
5fd4e8b15c5ca4a986c1de145895a6cb76d145f8ec244a47d2028efcf1ac7e96
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5FD4E8B15C5CA4A986C1DE145895A6CB76D145F8EC244A47D2028EFCF1AC7E96"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5959
Expires: Wed, 14 Sep 2022 02:50:03 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 8560076
expires: Sun, 19 Mar 2023 01:10:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d3a1d0b61-OSL
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/dvv23jw2iu51320dvv23jw2iu5284225.jpg
200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/dvv23jw2iu51320dvv23jw2iu5284225.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e5492ad60b43dfef8dacfef7ee551a58
9f509118c7b72d6a2c6f8f6658123e5a58761c69
8b413bf398c45611120ff51019adcdc9146e1b8a18f07700d647582d73c04cc9
GET /upload/vod/2022/09-13/13/dvv23jw2iu51320dvv23jw2iu5284225.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9255
cf-bgj: h2pri
etag: "6fd8928930c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dy8nqmVGWmTLYKc2nIq212yrBEiShikxD8qA5O9Sd4%2Bv2GDgKRVIQqkm%2FnCMLhBF9IStfR%2B%2FZPFDDcYUIjdkMjIy6ad20sebK2skIQ636SNJMrZID2NlnFC5t4IbvE3%2FIS2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced3e773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/5n4oi3l2rb013205n4oi3l2rb0324233.jpg
200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/5n4oi3l2rb013205n4oi3l2rb0324233.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 208830f7f70c7f765be2c27502fce0bd
a65bfaf166dc2fc3b648484473f38ca6929e0656
4856ee929600c57bbe3e0a1958d5a198034a463dc9bb83d140920e5cf2a3c56b
GET /upload/vod/2022/09-13/13/5n4oi3l2rb013205n4oi3l2rb0324233.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 8920
cf-bgj: h2pri
etag: "d2bbc8b30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2411
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHCNHr0M6DEhimw%2Fwx5bwiyic93pmWIieLiCu16GTX6GD8zMkLWlMMJP8pMGXfyAhdIw%2BAdv9kGRC1Del5f8C3zQ6a4vJ88OiTyVTgAU8tw1aL4C49tfcIz6y4jzW%2Bt0P5cN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced38773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7dceecfc9f22f3306af936e9767528a1
d27cc5221daf3bb2917af4180ba6e0b46327c831
ea6488b8a762d6fca84862b7baf15e2d357c5c62f162f17065b6267ea8d38d3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA6488B8A762D6FCA84862B7BAF15E2D357C5C62F162F17065B6267EA8D38D3D"
Last-Modified: Sun, 11 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Wed, 14 Sep 2022 02:58:51 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/3buhb03s3th.jpg
200 OK 5.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3buhb03s3th.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 375790bd792a7eb77ce05bea62f0634c
bb65b899967d28379d34485861e570019b598f9a
b35f85891729b2ef14e50b474659a5523d4f787108ca7d13efc4f180b0b01c85
GET /upload/vod/2022/09/3buhb03s3th.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 5524
cf-bgj: h2pri
etag: "63201679-1594"
last-modified: Tue, 13 Sep 2022 05:34:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyCFoMmQp2c8Ezb%2F%2B8tWRuA5Ecs5mUHddigUKPn%2BeWhLtaIocMxzbkY8A7ODDSHxNyDtlPgA9wbxP47thhPxhad7pv%2FZwpNF5fLmvIz%2FGINe0lg68IzH3IXYD5bAG3W%2Bcslm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d4fdb067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/buequzbfi5q1320buequzbfi5q334235.jpg
200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/buequzbfi5q1320buequzbfi5q334235.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 90f701b56e5a2a605cae1793f6db7332
8df1474d005f82dfabeb68172b37289dc0795cd5
acfb2122cc5bf5179fe5de11dd72559b84e02d1df4a71b5a1085cebaa5968c21
GET /upload/vod/2022/09-13/13/buequzbfi5q1320buequzbfi5q334235.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 8802
cf-bgj: h2pri
etag: "4c703f8c30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2411
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpT%2Frjwl9kYypTqoopvX6RreJ%2BdR1BrxViLcpfGn4WugzRtZfIkJPn3sRmLFh2E6VuCMF%2FLjRYB5aK68N8BFxMDqvOwZU3OlR4wJoA5OJ%2BN21qEiyTQLQtExR%2F6TlMAtbOP%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced39773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7dceecfc9f22f3306af936e9767528a1
d27cc5221daf3bb2917af4180ba6e0b46327c831
ea6488b8a762d6fca84862b7baf15e2d357c5c62f162f17065b6267ea8d38d3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA6488B8A762D6FCA84862B7BAF15E2D357C5C62F162F17065B6267EA8D38D3D"
Last-Modified: Sun, 11 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Wed, 14 Sep 2022 02:58:05 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/jofbazafinl.jpg
200 OK 7.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/jofbazafinl.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 98d8531adec588bbc9e959a23138fdb7
3fe6ce6be5d8b24ffc6a7c6ffcdf2fa6d0f949aa
38fb2bef8a8b2f5f597f579ae610a07fa2a6b367f235ff6841f1b814c132aeec
GET /upload/vod/2022/09/jofbazafinl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 7838
cf-bgj: h2pri
etag: "63201676-1e9e"
last-modified: Tue, 13 Sep 2022 05:34:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyEdumiZmvSB%2BkWQt%2BfGl4UBgePA5yP%2FQ%2F4OepYTTRuLxPuE8TxOeSTj%2F%2BkhbeKxL2c967vygR8rVybVb3Vteaf9%2B5mqhP2BQ1nsJAdp98dW4qhXo2anHyDDEA93F9c37Bq1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d4fda067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/i3xzwuaooci1320i3xzwuaooci344237.jpg
200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/i3xzwuaooci1320i3xzwuaooci344237.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5b62e001866c7cf4d8599c15c064a709
d3edb25c81adcd305bd2583834acebd54c630d2a
60f23d2f7e1b441df5a5f1e2d9589526529c58bc733471e7746c0c3e54bb34e2
GET /upload/vod/2022/09-13/13/i3xzwuaooci1320i3xzwuaooci344237.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9630
cf-bgj: h2pri
etag: "ff92c28c30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvrE9SsvG4Jye%2FyhMmDs17JPsuNAYxbV%2FjRKND8%2F2zSpDDq4Bg%2B7SoJWMKTdIs4a02i0bcbSHPdKLeFnHMpaqWQz3QmnoCwF4rvGemjOfR7FP5vQ%2Fcy81kgVJGCgQz62L7%2FF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced3a773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/uibxczvmktv.jpg
200 OK 9.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/uibxczvmktv.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 458ec4e61a26b70e6dae277dd79f46da
97cdb80e51c0b5c25624c0607047c7008d9d04b1
3a40e2b4be7ff6c8b9e78bd6b65026fe2e893dd87890db9146e8d8ee305eb851
GET /upload/vod/2022/09/uibxczvmktv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 9512
cf-bgj: h2pri
etag: "63201677-2528"
last-modified: Tue, 13 Sep 2022 05:34:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJNVpgF8G0wlcFx9R1Adh%2BM9N7cyDpXEoV3cdFedF54%2Bfhk%2F%2F9s9ZQVm6umDrE5xcf2OA70hFmcUfPj9jWST8JtCtDpJxX5ZCmsOxQB%2F%2Bl%2BA4XaUztPlrD7eOYfEEnwdS5LN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d4fd7067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-13/13/l5dn2tsmzzq1320l5dn2tsmzzq314231.jpg
200 OK 9.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-13/13/l5dn2tsmzzq1320l5dn2tsmzzq314231.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ece271dd3bce0fadb5c01e2175576677
d5e64e142665fa381d94092f7fb70f6a2634cdc0
e50c6bdbc0673a57ede7ad1d2f9791754152da5e7c3ae4586c2ad312cb844223
GET /upload/vod/2022/09-13/13/l5dn2tsmzzq1320l5dn2tsmzzq314231.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:43 GMT
content-type: image/jpeg
content-length: 9101
cf-bgj: h2pri
etag: "7df5388b30c7d81:0"
last-modified: Tue, 13 Sep 2022 05:20:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FTsdqc1UzyFsiKYbdYugcUWCCEZZXDwsiLlPHaeF1u0C88p7U%2FviYA5O8qw%2FooHR9gNnZBgZ3EtThqW4E%2B%2BZXjTHv9vEnH2FYazH4dvQuavMZFbhZ0K8K7jrIPlR2fMhtkb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ced37773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/asj4y5zfx5e.jpg
200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/asj4y5zfx5e.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash dd8c1e7fdae0e98334bb598abea1b396
0d20313706896dfbb02e7e6033e3be0d396e69ee
04a1b62ad39961f089ccab0b2d17a9c3b04ac1bb835beb200a85a9a6b62b3c8b
GET /upload/vod/2022/09/asj4y5zfx5e.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 10545
cf-bgj: h2pri
etag: "63201676-2931"
last-modified: Tue, 13 Sep 2022 05:34:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT%2FCoHzt%2FqY2GVua5iMDKNKcnPGscKXQeSHouAIWhaBLdsuyeFOe80wip%2Byzcw%2BpmSDwF8OqIph2aUjPL69AW0L6JOZIWI%2BRFCymxbEtkZDobsK2gu8Z0DQoraDgQmdIDH%2Bh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d4fd8067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 76c785cf84c8d64b336b0f4e5bf05553
2167532b42ed7c4bcd4dc69a10483d97abe8ba12
031777f28126e6ea6cd11e7a3ccb407944e4ed518b290845b761e2b0ecee8530
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 18 Sep 2022 00:27:46 GMT
ETag: "2167532b42ed7c4bcd4dc69a10483d97abe8ba12"
Last-Modified: Wed, 14 Sep 2022 00:27:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1490
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9d8ecafac0-OSL
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
fmtu.netfhtu.com/upload/vod/2022/09/3me3dc1b52s.jpg
200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3me3dc1b52s.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b165e7409e3d5ab80a9f13d7cd610fba
1e6d12410e721a3819d4a153b81668246855e3f8
5a316d15d4cee8dc6af09555532ffe1849811f8127899df11b79e1aead602593
GET /upload/vod/2022/09/3me3dc1b52s.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 8688
cf-bgj: h2pri
etag: "6320167a-21f0"
last-modified: Tue, 13 Sep 2022 05:34:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnPqbNsEz%2Bn3Aj8VIjUMTol2wwgyeDXGBqCH7IGMHcXnRMJZdbRdnch2cX0%2FlP56NP2bPJ1bGq%2BfDkiyPb1n0LF88KKWXRoWFJEqJrDHOLk%2FML3SsZMgUP1%2BQ53pVfNsqy7X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9d4fdd067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 75788d3648d7c92c70cb142fbf2a5f48
7926822cbfbe4517d79a84d58c42edaaba98c54c
839b51eaa6199e89da9f7c36255d69accdc357cfb1b5e6c4a6982b5298a0147d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 17 Sep 2022 23:53:47 GMT
ETag: "7926822cbfbe4517d79a84d58c42edaaba98c54c"
Last-Modified: Tue, 13 Sep 2022 23:53:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2788
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9daecffac0-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 77c0054f8eec84570ddddca5e8ddd302
05bfa832b394139d8dcb91a37281c764827fc776
bcc83b7e85d1147e16c73dc5308fadf56a8c9994fc136c7e6ddcd74bb4db5230
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 17 Sep 2022 22:58:22 GMT
ETag: "05bfa832b394139d8dcb91a37281c764827fc776"
Last-Modified: Tue, 13 Sep 2022 22:58:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2035
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9db9b1b505-OSL
www.niumo233.xyz/
200 OK 9.1 kB IP
Hash 710653aa604622be45fd5de0dd701b3e
f75013b13bde42d04224680aa8ff6860cee90456
961d76264d51783454eb691457240f1c67470c7687fa43c5dd1457671795efac
GET / HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=7bmn7499952rkde2vv5sb7s9mp; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
200 OK 196 kB URL HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
Analyzer Verdict Alert quad9 Sinkholed
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 14:11:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1162777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3xlXXX8UYzG5%2B%2FRYVGckm4lck4G%2FyoPPiDiZCno4eGcSjGazBXVPxFkk2w7JsloRi3324Mo2onqBl3gMqXUkPBuYJfk3p6mGecrw3IRLM3L45luC1zQUNGxqtDX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9dea9d0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
200 OK 49 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a831075878d3d5d8da4391763b674de0
bf77f53d4aa46573a84664b98fac48eabb26c91a
70ae7b2fabb7e4966128c58ede304a7498df69218227b8740a4f61624d83a429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70AE7B2FABB7E4966128C58EDE304A7498DF69218227B8740A4F61624D83A429"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6922
Expires: Wed, 14 Sep 2022 03:06:06 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: text/html
content-length: 162
location: https://acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
200 OK 186 kB URL HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
Analyzer Verdict Alert quad9 Sinkholed
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Wed, 12 Oct 2022 15:04:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 122754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Llmk7BxHmjcNlY%2Bb82QKcr2bT1%2Fnj%2F7IWq6QgW61ouNlrYm3opFOp89YnJJPp0wT%2FN90RzgX31v65BwEZUOq6mLGjTuXkBj1UEc19WILp%2BsjASFm3jJf6q1z5EgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9dda990af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
200 OK 25 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/vrmeaxxqoqb.jpg
200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/vrmeaxxqoqb.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash edb478367dfddb8e5e55e4f0c9759537
97557182e9c1a83fc2469c07e86d417c5f372bd8
96eaebfa169c24d6359b5929ea10d6ff599ae0971452154dbe57f9894dd9e1cf
GET /upload/vod/2022/09/vrmeaxxqoqb.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 8624
cf-bgj: h2pri
etag: "63201364-21b0"
last-modified: Tue, 13 Sep 2022 05:21:40 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CglpJIUe4kvB60NF0eGU98IRlpAXEGlaIYw10ammuyJ0RKyZOXhnuuyERYghpzF9%2FUfgu%2BcmCOFdDCdYT7aU7eRVosRWEKT410qpewtok1BXCIADD1%2FD1YGc092%2BAtCeUHHV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c4f47067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853583570&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853583570&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853583570&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Sep 2022 01:10:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2927C968F850FCA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fmtu.netfhtu.com/upload/vod/2022/09/wuhd1xwtz22.jpg
200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/wuhd1xwtz22.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 72caaf0bad7f22876f810f987a14daba
50f9cf2b7c3bcd67523f60a81f399f3aefa4c7b1
aa41b32d75148de39e521bd2acf7d5ba37153f26d0100f99d27a1a7c6107dae7
GET /upload/vod/2022/09/wuhd1xwtz22.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 8235
cf-bgj: h2pri
etag: "63201365-202b"
last-modified: Tue, 13 Sep 2022 05:21:41 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noi%2Fce3UIRjnA3b2rJY%2B8aqysAO3sOVVlJK%2BNK%2BPuWKq5rnl%2F8dp8S%2F6zi1%2FkDl7cI5c9zWkYr%2BFfxNFJ9J5j%2BOx3jzOOGwiMaPXCel%2BvTGI7DmzW4vNtTMhkVgxsWR56c8u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9c4f48067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 63edfbe5a6aef8090e949f98a5074df2
d04ce62b5ca8df240a62f9bf19b686372207d2d8
f0ab1c19daacced887be814c203c0716140269506dbfc0a7cce278e231aace5b
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=244
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
X-N: S
fmtu.netfhtu.com/upload/vod/2022/09/e34ql5n0vid.jpg
200 OK 8.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/e34ql5n0vid.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 06be6149338914c3ed795af8e713aec5
2a69c684659e286dd5f0f49485ac73367cca7e4d
0afe39dd9915848fb20c80c3b0772b7fad16ecee3205b49a6e20b002fd74fef4
GET /upload/vod/2022/09/e34ql5n0vid.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/jpeg
content-length: 8333
cf-bgj: h2pri
etag: "6320136b-208d"
last-modified: Tue, 13 Sep 2022 05:21:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIxiHAcyBhzPPRTWsthBzTwy8rLx%2Byx7ML5SIDdbnMS56vG0fJJ6mrR7pdlWi%2B%2FuIcThdK7oH41yWSF6fcRRzR0O79zZaia7CTdRfnphrX7rvJEGxb7jMgYkijIIoQQPQgAf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9caf89067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Thu, 13 Oct 2022 13:07:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 43396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raVjQ1zUHs15x01kPRp2HhZULUYmogkx%2F23R7htkMN%2B5Lqi7L48tE6kfyz6SVPjDbjTprdVeBX3z9QvBX%2FCguF6H9YrdFIIi2TaNuoFaeAa%2BFR6Y63pGNL5x0H8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9dce2973df-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/style.css
200 OK 18 kB URL HTTP/2 www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP
File type ASCII text, with very long lines (2150), with CRLF, LF line terminators
Hash a056b07cc29f2295ed52fabfd4fefa3a
e01d1f4260a42080472e3e2973c423b1968fb355
ffcbb6a2adeaecee7b71e5f8818467a0210eedafed9df728f514c9d99ce2c489
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
200 OK 211 kB URL HTTP/2 kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Wed, 05 Oct 2022 00:35:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 779698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3DaBkhQR0kjWs8d8e0JXJRcl1en5Tu9jBXWzOhRJ9YH8e9Z0SonVkwlvGnigzoEur6gUeHSamul5CiuuGVaqeshZzhPBeRj7qQ%2Fc158Joo%2F4PhSa2D4Y9ishGk3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9eda8db4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 04 Oct 2022 23:47:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 782601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVarvyttVXW5fb5BogBwR8AA2i5PoSkqbKTlrgyfi8e0anRXzTgperlvI4eWph0q54upM55OzAaCueyGGYt1H%2FrIOSMJUDV5OPQLr6t7tIB%2FO83eKv6YBjs38vBSfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9ec8b20b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Thu, 13 Oct 2022 18:24:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 24381
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkN2O6IosOq6kvYQPfF%2BXK%2F4pLljjAXZrMj2j7SgZ3I%2FEg0GCANoKQGVfojiVcZ3mtds%2BWUVb7YQ3mDjV3RI5D5RRCOG5PYogQSIuy6MW4AVw%2BGDV1wsB9yr0vAV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9dbe2273df-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 3a4ce1b449f5120505f7a6fbfdacaac7
cc6bdea94059ce61d254a06498e963d95e078d33
bfe343572459edb6665736942c8b56f389a5aa4e28034b301b5a6df927c1ee64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 13:00:36 GMT
Expires: Mon, 19 Sep 2022 13:00:35 GMT
Etag: "cc6bdea94059ce61d254a06498e963d95e078d33"
Cache-Control: max-age=473990,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a53e9f1d740b4d-OSL
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725698967&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725698967&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725698967&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=36135&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F350%2Fviewspace-138.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Sep 2022 01:10:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=180F36F882B2EF09; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Thu, 13 Oct 2022 22:18:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 10309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aao%2BIvrkalZ%2FVagv5NGH2odJWsvQxBUoT9jn15IM03wanWgyM8Dfc7uV5K6KE1wTf2WTlPI14k96hsLfgy9U5%2Bup1mvJqHqhXIW7Xyv%2FRSx00kgNzUUbXiO8HV%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53e9dde3273df-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 3a4ce1b449f5120505f7a6fbfdacaac7
cc6bdea94059ce61d254a06498e963d95e078d33
bfe343572459edb6665736942c8b56f389a5aa4e28034b301b5a6df927c1ee64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 13:00:36 GMT
Expires: Mon, 19 Sep 2022 13:00:35 GMT
Etag: "cc6bdea94059ce61d254a06498e963d95e078d33"
Cache-Control: max-age=473990,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a53e9f3884b50c-OSL
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3f106c9fba7565dd2d7a0c75711c26fd
e4a44bb17ed815f997e220a7618405ae66892719
d92eb6529746f92fb22e26661e2d93db3e85ea65814e1b04ad33ed2b0c633f0e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D92EB6529746F92FB22E26661E2D93DB3E85EA65814E1B04AD33ED2B0C633F0E"
Last-Modified: Sun, 11 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Wed, 14 Sep 2022 02:24:42 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 4e5b4aee4037456f1dc585af5f35bb94
c844d319c1660d24cdd3067374a0744e888ed086
5b501ff7812356025ea8cd65c2d2e2cc0bbf6501b300f06d3b9c46a28196d41f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 17 Sep 2022 22:04:49 GMT
ETag: "c844d319c1660d24cdd3067374a0744e888ed086"
Last-Modified: Tue, 13 Sep 2022 22:04:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3381
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9f9f47fac0-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 4e5b4aee4037456f1dc585af5f35bb94
c844d319c1660d24cdd3067374a0744e888ed086
5b501ff7812356025ea8cd65c2d2e2cc0bbf6501b300f06d3b9c46a28196d41f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 17 Sep 2022 22:04:49 GMT
ETag: "c844d319c1660d24cdd3067374a0744e888ed086"
Last-Modified: Tue, 13 Sep 2022 22:04:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3381
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9fec34b505-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 4e5b4aee4037456f1dc585af5f35bb94
c844d319c1660d24cdd3067374a0744e888ed086
5b501ff7812356025ea8cd65c2d2e2cc0bbf6501b300f06d3b9c46a28196d41f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 17 Sep 2022 22:04:49 GMT
ETag: "c844d319c1660d24cdd3067374a0744e888ed086"
Last-Modified: Tue, 13 Sep 2022 22:04:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3381
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a53e9fef62fac0-OSL
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 30 Sep 2022 15:19:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1158655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pilu2VPOINK9dVhqxD88Cv4lPkXqs%2F2YZBDluVFzRiBky7wv1BzRfE%2FwMY3ldhaaO34PHQjeIrzlh16%2B8XU6LDzGz0ql9DEbJ2kMZx74U2A2n10umo15%2FWewKwZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53ea01f56b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash f68cff55f89454a547b093d444380720
3856b9aac6ae6b25ff62aeae5deef6fb8f963fda
610c3570c6d1b3955e4156b1d47a3adb4bbcbed99be1b21149dc513209b64a83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 01:10:44 GMT
Last-Modified: Tue, 13 Sep 2022 23:35:27 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 727
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3f106c9fba7565dd2d7a0c75711c26fd
e4a44bb17ed815f997e220a7618405ae66892719
d92eb6529746f92fb22e26661e2d93db3e85ea65814e1b04ad33ed2b0c633f0e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D92EB6529746F92FB22E26661E2D93DB3E85EA65814E1B04AD33ED2B0C633F0E"
Last-Modified: Sun, 11 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Wed, 14 Sep 2022 02:24:42 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 727 B IP
Hash f68cff55f89454a547b093d444380720
3856b9aac6ae6b25ff62aeae5deef6fb8f963fda
610c3570c6d1b3955e4156b1d47a3adb4bbcbed99be1b21149dc513209b64a83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2410
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 01:10:44 GMT
Last-Modified: Wed, 14 Sep 2022 00:30:34 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 389866
x-cache: HIT TCP_MEM_HIT dirn:11:454016384
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16631178445327406e
X-Firefox-Spdy: h2
acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 1.0 MB URL HTTP/2 acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossz.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Thu, 13 Oct 2022 21:42:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 12508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLIy%2BwylWg1J746wFnKPb3PEk4N8gl0%2FM1p0D%2FeU91kIOBu0qLeD8glUqkJOrVLrN4TlEc2v91WuO18kHPda4r1k7snvO7ufDT7Et7SUc5%2FLiNQfdGBK%2BVQvtzKPag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53ea03ddf06dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ac70fd4242a68289978155f39d55756a
9fdbd03449de2c2d7948dc052212df87d6f5b7e6
a90c4913e06a0746cd8aa050c5aaf149645ab8c4780300d889f8e266615f2f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A90C4913E06A0746CD8AA050C5AAF149645AB8C4780300D889F8E266615F2F7D"
Last-Modified: Sun, 11 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10243
Expires: Wed, 14 Sep 2022 04:01:27 GMT
Date: Wed, 14 Sep 2022 01:10:44 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 369053
x-cache: HIT TCP_MEM_HIT dirn:11:47123798
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16631178446347431e
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
200 OK 139 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 01:12:44 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Fri, 14 Oct 2022 01:12:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash f68cff55f89454a547b093d444380720
3856b9aac6ae6b25ff62aeae5deef6fb8f963fda
610c3570c6d1b3955e4156b1d47a3adb4bbcbed99be1b21149dc513209b64a83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 01:10:44 GMT
Server: ECS (amb/6B9B)
Content-Length: 727
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1326877730&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=36136&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo233.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1326877730&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=36136&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo233.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1326877730&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=36136&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo233.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Sep 2022 01:10:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2ED1BCF062F23863; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
200 OK 472 B IP
Hash 142d1f06e84749adf92795f612c56701
ae89be389ae49e36b783ac1b77651624467a23e8
b923fc520f0f466717d7ebb25110b14dcec035761221a8de97a29b6793ff04bd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 12:39:09 GMT
Expires: Mon, 19 Sep 2022 12:39:08 GMT
Etag: "ae89be389ae49e36b783ac1b77651624467a23e8"
Cache-Control: max-age=472703,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a53ea08df70b4d-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Sun, 11 Sep 2022 22:03:53 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 11 Sep 2022 09:59:19 GMT
nw-session-id: 2022091117591901015802909726CBE7E96w5x902dy
nw-session-trace: 2022-09-11T17:59:19.981531716+08:00 179
x-bdcdn-cache-status: TCP_HIT
x-length: 716414
x-powered-by: ImageX
x-response-date: Sun, 11 Sep 2022 17:59:19 GMT
x-tt-logid: 2022091117591901015802909726CBE7E9
via: n204-098-236, cache12.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[3,0], cache7.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 012eb277ad85307c1451140c48c8451413cd4e1011b4c0d2ed7e7c662e3a84378ac9e81f423ee1b77cd23f59aefb0240ed5dcaf13b41ffeb73514e47759e6a30e9575e07f18680e89a9ec749ba3bc2cc0473d16ec32ecce324b0bbde29676722c3
x-response-lb: image
ali-swift-global-savetime: 1662933833
age: 184011
x-cache: HIT TCP_MEM_HIT dirn:3:94947361 mlen:0
x-swift-savetime: Mon, 12 Sep 2022 18:43:41 GMT
x-swift-cachetime: 31461612
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16631178447207464e
X-Firefox-Spdy: h2
www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
200 OK 90 kB URL HTTP/2 www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP
Hash f40cd20a1036a81142f07c2d676dc72a
6c9b2a85aa025aa6e05074b7b217783b49710ae1
3c779ead35e432ccd8c2547ba7568eaaeea81432342374516b14fae1715a4563
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.imgtg.com/2022/05/19/hTEgx.gif
503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 390d6f875e8f91db707eab06c937edaf
2489b92205413cf8e4749cf054ca7ac7db9c49de
ec73e785c1bfee818e6e591d1ab3000bad0fab2675d46510474f36708734cc2d
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 01:10:44 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_afe4c7ede2a6cce9ab28a790374b1b2a1663117844821; expires=Fri, 13-Sep-24 01:10:44 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: baa1fdd061563780-142
content-length: 596
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
200 OK 35 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 370
Origin: https://www.niumo233.xyz
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=e8df3affa20ae244259; path=/
HWWAFSESTIME=1663117841031; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.niumo233.xyz
Access-Control-Allow-Credentials: true
3p8801.co/3p960x60.gif
200 OK 310 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 01:12:44 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Fri, 14 Oct 2022 01:12:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
66377311795.com/99083bf2ded945728bbad730efc12df9.gif
200 OK 150 kB URL HTTP/1.1 66377311795.com/99083bf2ded945728bbad730efc12df9.gif
IP
File type GIF image data, version 89a, 120 x 120\012- data
Size 150 kB (149727 bytes)
Hash 0e9bfaa21ee2581b532cdd480cae8d21
c6d6ac847d1a4c884ac68d0b0a1a558e204b89c0
871c4f67357d0f68b8bbcbb50e15be64f3378be9ab0c9aa60775906c22ff8053
GET /99083bf2ded945728bbad730efc12df9.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fa27da-248df"
Date: Sun, 04 Sep 2022 00:17:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 15 Aug 2022 11:02:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-30
Content-Length: 149727
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
200 OK 60 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 8b37b4e8515cdaca4c8cd73d01727cbf
0b2c16567e9536a1f7e178f1cb7be5841e994cca
c836b295cab3fcfe199610aaab1e047b7ac6bdcb75a2061150b5ef952c4bec22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C836B295CAB3FCFE199610AAAB1E047B7AC6BDCB75A2061150B5EF952C4BEC22"
Last-Modified: Mon, 12 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Sep 2022 07:10:45 GMT
Date: Wed, 14 Sep 2022 01:10:45 GMT
Connection: keep-alive
www.niumo233.xyz/static/images/empty.jpg
200 OK 13 kB URL HTTP/2 www.niumo233.xyz/static/images/empty.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo233.xyz/smbaidu/dibu.js
200 OK 20 kB URL HTTP/2 www.niumo233.xyz/smbaidu/dibu.js
IP
Hash 840b4ffcf5aebaeb1ceb51be34d13498
3b1a430736a8ed9e37b1536659c1c042f2c69e94
6afa29bbc657e6b33258972ef5d8918663fc3d6eed78c0723f0edc169d66f1eb
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 8b37b4e8515cdaca4c8cd73d01727cbf
0b2c16567e9536a1f7e178f1cb7be5841e994cca
c836b295cab3fcfe199610aaab1e047b7ac6bdcb75a2061150b5ef952c4bec22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C836B295CAB3FCFE199610AAAB1E047B7AC6BDCB75A2061150B5EF952C4BEC22"
Last-Modified: Mon, 12 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Sep 2022 07:10:45 GMT
Date: Wed, 14 Sep 2022 01:10:45 GMT
Connection: keep-alive
66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
200 OK 1.0 MB URL HTTP/1.1 66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
GET /e0b4ad53309b4c0980b2ceb461415106.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2749-f90bb"
Date: Thu, 08 Sep 2022 02:14:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:33:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-30
Content-Length: 1020091
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
200 OK 111 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo233.xyz/nmwys.png
200 OK 3.1 kB URL HTTP/2 www.niumo233.xyz/nmwys.png
IP
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:57 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Fri, 14 Oct 2022 09:19:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
200 OK 73 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
200 OK 344 kB URL HTTP/2 kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo233.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:45 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Fri, 14 Oct 2022 01:10:45 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMd2rGU8YE%2BOe3N7XTKn3NNdb%2FldRu4pyQEH%2FpQ3asV6ufQokwJAEYsK8X8Ci%2FrPqnE%2Bada0l6UZzYDOzftZ3rN9rxEvjk2CaRHjU%2Fy1W41uRYCpifMGwWqF4Z2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a53ea40bff0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/dbhf.gif
200 OK 137 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/dbhf.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 137392
last-modified: Sun, 29 May 2022 19:06:59 GMT
etag: "6293c453-218b0"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
200 OK 544 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 544 kB (543739 bytes)
Hash 2446eae1569bc615474e5171b3288a48
ffa275e654c81ced406f94adf2cabc29f218abf8
138e2d8ddc76336da120be17446a672c6a9b8fe7b40b51e557b84ed272f4362e
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: image/gif
Content-Length: 543739
Connection: keep-alive
x-oss-request-id: 63212A141F48743731C6766A
Accept-Ranges: bytes
ETag: "2446EAE1569BC615474E5171B3288A48"
Last-Modified: Fri, 02 Sep 2022 06:08:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14885647030865033853
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: JEbq4VabxhVHTlFxsyiKSA==
x-oss-server-time: 3
www.niumo233.xyz/smbaidu/tpwz.js
200 OK 126 kB URL HTTP/2 www.niumo233.xyz/smbaidu/tpwz.js
IP
Size 126 kB (126113 bytes)
Hash 53e5f81a8985e0826501e7f5076727cc
3b6558b11ae73b8b708536cf2942e19a4cc5bc6d
d8ad8f0022a454ab610e24582002580680bd8e470b70696e5196a851097289c0
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sszhan.oss-cn-shenzhen.aliyuncs.com/ss7.gif
200 OK 451 kB URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/ss7.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 451 kB (451362 bytes)
Hash afdc5b309d685bf3f1300a5a821d87a0
de51f4858a0da2c050165f0183d8b1359a897952
f7b4d126969ab71911dd6958a0925bc6bd53e67f88bb8991c9ae5e205240a053
GET /ss7.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: image/gif
Content-Length: 451362
Connection: keep-alive
x-oss-request-id: 63212A142612B030388D3D27
Accept-Ranges: bytes
ETag: "AFDC5B309D685BF3F1300A5A821D87A0"
Last-Modified: Fri, 02 Sep 2022 11:55:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16048497211804833091
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: r9xbMJ1oW/PxMApagh2HoA==
x-oss-server-time: 1
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 63212A140E14E43536C6EECD
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 2
ocsp.sectigo.com/
200 OK 472 B IP
Hash c48240543aaa5096878433bd7df9d32c
ee70762c14deb7a420822c91faec19af7b858287
11687124a4704e1da4187b208e45bb164652d003f727a95c767c2c7590809185
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 12:47:16 GMT
Expires: Mon, 19 Sep 2022 12:47:15 GMT
Etag: "ee70762c14deb7a420822c91faec19af7b858287"
Cache-Control: max-age=473189,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a53ea868c40b4d-OSL
ocsp.digicert.com/
200 OK 727 B IP
Hash a930461b4e3db507517f5d259d3e1871
76037b3bdf9ba2be18b470efaffa28e167454660
2fcaf7a8c44ddb4f892f1138035a4bf5fb2e90b521c7ef2542634cb331dcc993
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 01:10:45 GMT
Server: ECS (amb/6BBD)
Content-Length: 727
9191919199.com//960x60-2.gif
200 OK 208 kB URL HTTP/2 9191919199.com//960x60-2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 208 kB (208057 bytes)
Hash e14ce8b2ce95aea15d310aad3068c658
809cf69f85b67d9ffef31e95f6b82540954fba94
0d55522e111968dcc621b05777ae03f6b499695293d5a2411de29c179076d09c
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 01:12:04 GMT
content-type: image/gif
expires: Fri, 14 Oct 2022 01:12:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
200 OK 315 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6255df5ac424a074fe82689c46ca63ed
e616db7258f63f9bb6497091389675135b47a54b
947158fb2bb7ec3f6c2fb475f4455fe9b9ae6f9cbc6d8eb37118cda1c2187555
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 01:10:46 GMT
Ali-Swift-Global-Savetime: 1663117846
Via: cache23.l2de2[3,3,200-0,M], cache23.l2de2[4,0], cache1.se1[27,27,200-0,M], cache1.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 14 Sep 2022 01:10:46 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516631178462002942e
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
200 OK 1.1 MB URL HTTP/1.1 tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1071505 bytes)
Hash d71a0585aedaa3ec4afda6baec03ac6b
ad3a590c022e5d82b43efc4b9f159eb6598c4890
6bfb388b33c1e444ca7382fceadf93b83a753f7ff0c4c960f7b142732ac28cd8
GET /huazidongtu/hybbff.gif HTTP/1.1
Host: tupaiyy.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 14 Sep 2022 01:10:44 GMT
Content-Type: image/gif
Content-Length: 1071505
Connection: keep-alive
x-oss-request-id: 63212A14B374843935A698F3
Accept-Ranges: bytes
ETag: "D71A0585AEDAA3EC4AFDA6BAEC03AC6B"
Last-Modified: Mon, 04 Jul 2022 07:26:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7665046247320685581
x-oss-storage-class: Standard
Content-MD5: 1xoFha7ao+xK/aa67AOsaw==
x-oss-server-time: 2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
200 OK 410 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo233.xyz/images/4dfsdadsd5ghrt5.gif
200 OK 411 kB URL HTTP/2 www.niumo233.xyz/images/4dfsdadsd5ghrt5.gif
IP
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 411269
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-64685"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Thu, 01 Sep 2022 09:25:54 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-34
content-length: 236734
X-Firefox-Spdy: h2
www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
200 OK 1.0 MB URL HTTP/2 www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP
Size 1.0 MB (1002217 bytes)
Hash 617db32e1d03db1103988c66e0f472e7
5d4106e906ba7ba3a57dae637bddfeb90b371c55
62a08754407b11f80ac4518dfdd99b2279da00031bc8398ddaeebbe773faced4
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
200 OK 551 kB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 01:10:46 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 3315120
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HElangfang-AREACUCC1-CACHE14[2],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Wed, 17 Aug 2022 01:24:59 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-34
content-length: 445140
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 35226 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 9e3bd239-161b-4896-853e-f30bedcac36f
X-Firefox-Spdy: h2
www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
200 OK 1.3 MB URL HTTP/2 www.niumo233.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Fri, 14 Oct 2022 09:19:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
200 OK 872 kB URL HTTP/2 www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP
Size 872 kB (872315 bytes)
Hash d1e88c0b672718f0c298d41aad8f6dce
5814d682a9a603c4d491ef055394887047c758c8
5a46e7fbe4797d27515fa482667c801e628e86bd8a2e6ad1d56a5f5d6d0ea6e4
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fda999634a4f13eb1f128ba4058a8d4f
16d97ab0133ae1a49423b4727fe8242f85d1831e
5f9b0e0d10f5b845094ed7218155f167d78b1c4a8ad3d8d8ad709cbe84592191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F9B0E0D10F5B845094ED7218155F167D78B1C4A8AD3D8D8AD709CBE84592191"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17072
Expires: Wed, 14 Sep 2022 05:55:18 GMT
Date: Wed, 14 Sep 2022 01:10:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 84ac8a9beefc77754f5bb641b26e2ae5
172cc94e8c28a50141705fc0d8369e4151640b67
8c07039b72cb8e8013d226379bfac7801a02641f7069c4ee11959d7188c4a4a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 12:06:12 GMT
Expires: Mon, 19 Sep 2022 12:06:11 GMT
Etag: "172cc94e8c28a50141705fc0d8369e4151640b67"
Cache-Control: max-age=470724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a53eaecaff0b4d-OSL
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 451 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 653d32b3-ada8-46a7-834a-1429c416707c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 14 Sep 2022 01:10:45 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 74649 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 4038d1a3-3fde-4a7f-add2-a2bfafb976d0
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
200 OK 1.3 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 14 Sep 2022 01:10:44 GMT
content-type: image/gif
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 596 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 22ed3e7c-1450-4a9d-822f-f0944ee0fc6f
X-Firefox-Spdy: h2
www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/home.js
200 OK 11 kB URL HTTP/2 www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP
Hash 5608e24f689d8dbe9377518eeab0cff4
6e65408e2fa91dc58474104b437ba8d9e526a2c3
cda7c572e089df2c8b95a90af2be66a347bfdd4259dc5f0c51851b2f6cd13548
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Wed, 14 Sep 2022 21:19:56 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
17271819.com/9f4e58e42b1749cb9c07148c9e3c5719.gif
200 OK 139 kB URL HTTP/1.1 17271819.com/9f4e58e42b1749cb9c07148c9e3c5719.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (139388 bytes)
Hash a5b0e74df1797465e01cfc87422f9202
be7e59e32ba0f8a1d52759d7113521d591c4425b
2156bac1f7a54267c0bc620da31f7ea354f8f08ba2e7af1ea2114175c338df82
GET /9f4e58e42b1749cb9c07148c9e3c5719.gif HTTP/1.1
Host: 17271819.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:47 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 30 May 2022 15:59:34 GMT
ETag: W/"6294e9e6-4f6da"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0062.com/86b4c5b5e42b447492665532b841e916.gif
200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 01:10:47 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 11506
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo233.xyz/static/fonts/voltaire.woff
404 Not Found 0 B URL HTTP/2 www.niumo233.xyz/static/fonts/voltaire.woff
IP
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 14 Sep 2022 09:19:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=uvli65tfqnfbcq1j57mib0r98k; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo233.xyz/static/fonts/voltaire.woff
404 Not Found 0 B URL HTTP/2 www.niumo233.xyz/static/fonts/voltaire.woff
IP
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo233.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo233.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 14 Sep 2022 09:19:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=6ibq436sc329alq378pi4s2t9e; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
api.nmw43.com/news/data.php
200 OK 0 B URL HTTP/2 api.nmw43.com/news/data.php
IP
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 09:19:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo233.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
154.81.143.212
104.21.28.152
120.52.95.235
23.33.119.27
47.75.19.83
103.170.15.44
47.246.44.205
43.154.254.32
3.36.126.81
93.184.220.29
78.46.107.74