r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 02:39:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qHd9iMffMtmjRB5oaBfwP-WvY0i7v-MRgkD3opcz_wJXy2FyK7U8Yg==
Age: 1450
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8JDpzzcqTu5yZFHp3wobNez8yGrN-P-8Oee6zk2oPcykq_1mdA-F2Q==
age: 62134
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:39:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ceo70.com/
154.81.142.213301 Moved Permanently 0 B IP 154.81.142.213:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ceo70.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:39:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ceo70.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Mp2q2C0RyONAAxCkKqhuhLUsJSjVhrP1ma_sXQx9lNYzSiOsdwYCg==
Age: 1741
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:48 GMT
Last-Modified: Wed, 28 Sep 2022 01:08:23 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.ceo70.com/index.php
154.81.142.213200 OK 801 B IP 154.81.142.213:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash b195315d6cba157bb77e847f66c0d8ae
e97fbb4d303115c2250049771efd20b098b53ed5
2ac9f20f60165c3ed176eb1b5fb9b017bf43a0cbff846288c4e43f3a3d6c4a31
GET /index.php HTTP/1.1
Host: www.ceo70.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:39:44 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive
www.ceo70.com/common.js
154.81.142.213200 OK 628 B IP 154.81.142.213:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.ceo70.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:39:44 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cpqn/joiRY5wJ2Lo48SpWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HtelCuWnxNFyRFNsDuNkO2o3wgo=
www.ceo70.com/tj.js
154.81.142.213200 OK 536 B IP 154.81.142.213:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 0af9d7412b5a3786ee8d6c7490176f3d
62a2fb7a049d18b1272af6c9fbc9a65af1a493c6
c9fcbffa26011916fd02694087b2af97ad42e0574fae1928a3057dd5a0b03a62
GET /tj.js HTTP/1.1
Host: www.ceo70.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:39:44 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 28 Sep 2022 02:39:48 GMT
Etag: "4078521116"
Expires: Thu, 28 Sep 2023 02:39:48 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=8BB7D0FAC32610AA3E3EA1CD5A50A9E3:FG=1; max-age=31536000; expires=Thu, 28-Sep-23 02:39:48 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3328
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:39:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3328
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:39:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3328
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:39:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:39:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:39:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 17470
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 78040
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:52 GMT
age: 15056
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 17450
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:35:49 GMT
age: 68639
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 17628
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 28 Sep 2022 02:39:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash daa06f206b9ab63b716afd0f2899f904
b5a298a8a588886d5104c5c2e0d1440c8a280628
ff0a42e90cac724d18f3048367298ae55b2594df59afad4f3e306e51477a4f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF0A42E90CAC724D18F3048367298AE55B2594DF59AFAD4F3E306E51477A4F7D"
Last-Modified: Mon, 26 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1529
Expires: Wed, 28 Sep 2022 03:05:18 GMT
Date: Wed, 28 Sep 2022 02:39:49 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fd5f37fdb600dddedc189f7efbbe606a
ed8b939bbdd31cc9b9baa5375578608c92e96729
4bfeab3df15a737b2659916f38a119b4bf7b83f8cce93affe5ae53aa27c6cc67
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 00:54:39 GMT
ETag: "ed8b939bbdd31cc9b9baa5375578608c92e96729"
Last-Modified: Wed, 28 Sep 2022 00:54:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 462
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c5b7c510b65-OSL
api.share.baidu.com/s.gif?l=http://www.ceo70.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.ceo70.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.ceo70.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 28 Sep 2022 02:39:48 GMT
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 296
Origin: http://www.ceo70.com
Connection: keep-alive
Referer: http://www.ceo70.com/
HTTP/1.1 200
Server: nginx
Date: Wed, 28 Sep 2022 02:39:49 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.ceo70.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 297
Origin: http://www.ceo70.com
Connection: keep-alive
Referer: http://www.ceo70.com/
HTTP/1.1 200
Server: nginx
Date: Wed, 28 Sep 2022 02:39:49 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.ceo70.com
Access-Control-Allow-Credentials: true
www.ceo70.com/favicon.ico
154.81.142.213200 OK 1.2 kB URL HTTP/1.1 www.ceo70.com/favicon.ico
IP 154.81.142.213:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ceo70.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ceo70.com/index.php
Cookie: __vtins__JcEwiF8NfRqfr97S=%7B%22sid%22%3A%20%2298cf8b69-36e9-50d5-bfbf-a2bb8cbdf2fd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664334586434%2C%20%22ct%22%3A%201664332786434%7D; __51uvsct__JcEwiF8NfRqfr97S=1; __51vcke__JcEwiF8NfRqfr97S=4bac351f-f366-509d-8476-b0e537e88ddf; __51vuft__JcEwiF8NfRqfr97S=1664332786439; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%227e017320-8be7-504a-939f-07d2c3e05ee6%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664334586452%2C%20%22ct%22%3A%201664332786452%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=f1cf63f0-7256-5f72-830a-ef8a9b2d61f1; __51vuft__JdQpk0p36jq0lsZj=1664332786455
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:39:46 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 03 Oct 2022 02:39:46 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.nmw43.com/news/api.php
104.233.148.41200 OK 691 B URL HTTP/2 api.nmw43.com/news/api.php
IP 104.233.148.41:0
Hash c0286df5cf4d68d2f36d9170f7b91e78
3701198111382efcfef7962e2f2dcad97bc52ea0
48919e766655c49aab806e40eda670942bf1df1e31e41d688273daca741ea52f
GET /news/api.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/news/data.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 829f1d81f058c78bad2ded1567f40505
89622334a86396bd5f895375a5bfeb86046ffc98
d1d59758cd32c0b5f91cbfe31c03b85aa63236eea14ce9a76957b711dad4fdcd
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ceo70.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 02:39:49 GMT
Etag: 32135572327b82167e3d39ea0ef4c5cf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BFCF8AFFE0F747E0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash c019bd942ef58a5d374212dc15d05a8f
1de3df402b387823afcf4523107342a23180022b
ae07bbdfb8c7a905ef986045826a2c15aac169ef444b510cd63f7601ae9112bf
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ceo70.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 02:39:49 GMT
Etag: a2524355b539d4d92b48462046c03473
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F8C4E54CAF13E330; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.niumo259.xyz/static/images/hot.gif
104.233.145.194200 OK 254 B URL HTTP/2 www.niumo259.xyz/static/images/hot.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=575917918&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=575917918&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=575917918&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ceo70.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 02:39:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9EE58E16431BF44F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1126269463&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1126269463&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1126269463&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5928&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ceo70.com%2Findex.php&tt=%E4%BB%99%E6%A1%83%E5%8F%AB%E4%BA%8E%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ceo70.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 02:39:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BA4F8A16EF463529; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 680e45e1d0f26b93b6b9abd01e2b43bc
151408f50fb319b4c3b2132df6876cc83b7e26bd
615243401588be5bd261d863720958d9820f7081f3233bb0d0f89842feaaa8c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "615243401588BE5BD261D863720958D9820F7081F3233BB0D0F89842FEAAA8C1"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Wed, 28 Sep 2022 03:21:26 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f5f25221fc966597e27fa9d7ea5c062
669238ee0f513cb6266313691cb818a96197d13b
82d4bf20bbb21e670f7cf5aa033c183a901ede5a94301bc00b350a95921a0d7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D4BF20BBB21E670F7CF5AA033C183A901EDE5A94301BC00B350A95921A0D7E"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11074
Expires: Wed, 28 Sep 2022 05:44:25 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f5f25221fc966597e27fa9d7ea5c062
669238ee0f513cb6266313691cb818a96197d13b
82d4bf20bbb21e670f7cf5aa033c183a901ede5a94301bc00b350a95921a0d7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D4BF20BBB21E670F7CF5AA033C183A901EDE5A94301BC00B350A95921A0D7E"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11085
Expires: Wed, 28 Sep 2022 05:44:36 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
www.niumo259.xyz/smbaidu/tj.js
104.233.145.194200 OK 1.6 kB URL HTTP/2 www.niumo259.xyz/smbaidu/tj.js
IP 104.233.145.194:0
Hash 52eaad7e9a3c2bc84309a9dfbff0fdaf
61f27cad292d80c94afbf4feea2fe22421379982
dc8800fb8f7bd888d2d5a5b995149af8e5da4dd6631ad6be573af1518f64cbe2
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 16:35:36 GMT
vary: Accept-Encoding
etag: W/"63332658-f43"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/logo.html
104.233.145.194200 OK 826 B URL HTTP/2 www.niumo259.xyz/logo.html
IP 104.233.145.194:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d00b7df69522bf71f59047c570152aba
7dfa7d7b78ef9cbe530d38166368902ccc2ba777
39d6e18c64a02091e80c09464c295364a2d6320cce80fe913336635977ca9419
GET /logo.html HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: text/html
content-length: 826
last-modified: Wed, 24 Nov 2021 04:39:45 GMT
etag: "619dc211-33a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash a20ee0b86dddff79996a144c72db7db2
5f5a393f7fc1de9e7c56617a79fb86174d722b24
74f172c79aae80e292602f51878489ffe08563731a0f581233b5c77e379f131b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:31:13 GMT
ETag: "5f5a393f7fc1de9e7c56617a79fb86174d722b24"
Last-Modified: Wed, 28 Sep 2022 01:31:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2038
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c69c8c30b65-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c29fe4e332ce0c933c57d0936a85e57
0a24a48369c545fe06b84597eaa2ca36df5e8dd4
9fc43f0bd59a45dd652735441f792d28677f72331b485aa77111c4cf7adc10f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FC43F0BD59A45DD652735441F792D28677F72331B485AA77111C4CF7ADC10F5"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Wed, 28 Sep 2022 08:39:46 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a96e4a48881f13199e2216a795fab42d
23797318f001143e0ef2243d22173e168862bcf6
34feead6da61a33cbfd1df6dfc9ee76746757576bf27f5a73135ada525803259
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34FEEAD6DA61A33CBFD1DF6DFC9EE76746757576BF27F5A73135ADA525803259"
Last-Modified: Tue, 27 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10829
Expires: Wed, 28 Sep 2022 05:40:20 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 28 Sep 2022 02:39:51 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 060c74a2f3109ea5c8f664a921e50872
228d1d580277da0f9fcdce8e6f0e8c174adfd914
48e8c5ffd2e4ea424523a51354d478dbb26399cbb47507931c668a474301a163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48E8C5FFD2E4EA424523A51354D478DBB26399CBB47507931C668A474301A163"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5
Expires: Wed, 28 Sep 2022 02:39:56 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5c0831a61578a6fd78b8547e7697c1e
9988a9467db8ad40bb6306b4846b3bb248669030
d153e3294d69386c06c495b4f16682ed16c5ab79db2a847b477aae4d57006b00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D153E3294D69386C06C495B4F16682ED16C5AB79DB2A847B477AAE4D57006B00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16948
Expires: Wed, 28 Sep 2022 07:22:19 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d204b439c90d39a61d5be0a75e7fcc29
20b514adf24ed93bbdab3668abdeaaea25dd6b73
06d2c0c5b19e16fd10b4bcf28af7d78120590c8aab1a229e6577614b1ead800a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06D2C0C5B19E16FD10B4BCF28AF7D78120590C8AAB1A229E6577614B1EAD800A"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15829
Expires: Wed, 28 Sep 2022 07:03:40 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e8efdaac31c72c6e981578600b8b4d5
c8a64b17f8d57ead1ba23b551a4c0de0f1621fbc
c3e2cc3800f08bc4c33c08b35e243f2558dbbc493c6f1bb16551b8a82f686bee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3E2CC3800F08BC4C33C08B35E243F2558DBBC493C6F1BB16551B8A82F686BEE"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Wed, 28 Sep 2022 08:38:50 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d2aec2d24714178ec676a6d3ca3bd6e
dacc447f20fb283c175858cd9da34a71d6d950e9
e9d3307174704791c2ba4212835cce1c219dcc979b6dbf5e36ae5b448b7081e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9D3307174704791C2BA4212835CCE1C219DCC979B6DBF5E36AE5B448B7081E6"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1761
Expires: Wed, 28 Sep 2022 03:09:12 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash a13bd197f3f1e323718f3319256d05f8
1c30c1e58fc89fc958d8e57c3ac9f39ecff8f50d
0a3f87e5bdc95468fbbca9c007eddc1b1642bf614fe15a561f01834f821fecf3
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 02:39:51 GMT
Etag: 0b0fc0569fff3f10325e4d370980cebf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2615E0CA82C0B929; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
104.110.17.24200 OK 423 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 80\012- data
Size 423 kB (422693 bytes)
Hash e8f8e2de259788e7c2ec5639aab6931e
8a76516927e65b68cd0b67d8fe95cb32c956c096
68d48415ac54b93ba3420a0f034da04d68a3a48ccdad27abcd5aa60d3a67775f
GET /images/0101912000a01jf8t5395.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 422693
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15334106
expires: Fri, 24 Mar 2023 14:08:17 GMT
date: Wed, 28 Sep 2022 02:39:51 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
104.110.17.24200 OK 446 kB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (445879 bytes)
Hash dfbf81fb5d0c62a4890d1362f950c5d7
725b5307b3976bd29822d38f3a22d119086498da
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
GET /images/03964120009z0w8i44344.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14786038
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Wed, 28 Sep 2022 02:39:51 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cec9d086d28ab7149b82aa198a6136eb
4502af8a6aab75071fd15b83fb251133324a564f
f8eafb524d6b3d0b7afe0e75d45e80ae60f8f264eefc6daf40ad93748704c45a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8EAFB524D6B3D0B7AFE0E75D45E80AE60F8F264EEFC6DAF40AD93748704C45A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2090
Expires: Wed, 28 Sep 2022 03:14:41 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f22c3e10d393f12943631a38d4cb2b79
f23020e80ea6dbce0d836da2c6aebfc5d6c7d929
6fbdb7e1a2ebf1682aa8d4ca6f51b5657ce50b36e11292ac3aa48636ab818e62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FBDB7E1A2EBF1682AA8D4CA6F51B5657CE50B36E11292AC3AA48636AB818E62"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4749
Expires: Wed, 28 Sep 2022 03:59:00 GMT
Date: Wed, 28 Sep 2022 02:39:51 GMT
Connection: keep-alive
kvhdd.com/c98e6b8a78369517d4778f40b8b6225c.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/c98e6b8a78369517d4778f40b8b6225c.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c98e6b8a78369517d4778f40b8b6225c.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:51 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/c98e6b8a78369517d4778f40b8b6225c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/cptvgozzaho.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/cptvgozzaho.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash bfece9dcafcfe8e649007ba9e2b77525
4611b2d0867b87e072b9b94f97eb49eda59ee649
0516890cfecc12c56822ea33e768a0ef580e994e6b839391836a307190c7b02b
GET /upload/vod/2022/09/cptvgozzaho.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 10117
cf-bgj: h2pri
etag: "6332d2d4-2785"
last-modified: Tue, 27 Sep 2022 10:39:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRWKQhkeB8hRIFWJaBKlxE97M2zhTTjEe%2FPvv2qxpw3%2B3jUIVAgC4G7yTpVhvO9Jc%2FJ3zCOMyJWdQkQe%2Bv5Ax61Zv9n33zfKRpvJkobGGuCNuCOQwtFUvxN%2BnMy8UFxp0jjz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e7ab4dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/p002kaieeu2.jpg
104.21.235.63200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/p002kaieeu2.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e1e46653e899ac6af75962e367874a4f
9246b7ca85b3e0a69d996c656a9d9e298f80bdaa
d2e77441aa656fee6dec06f0ed0c88a7b68c5e398836376b8267dd87513d4492
GET /upload/vod/2022/09/p002kaieeu2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9368
cf-bgj: h2pri
etag: "6332d2cc-2498"
last-modified: Tue, 27 Sep 2022 10:39:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut9ZJm1EcXqXmuPigaFcSoW6tsTr91phs7P9V82fCj94OxBvuIj0LuOrjGP2P3RrUrNV9CFA7nAO6%2F0YuMo3zGkiWUmAAm9rvgUPn5CyyiD7QuVRcJMAimqXkjqZXDgXf7l5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e7ab0dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kvvp2mkzghx.jpg
104.21.235.63200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kvvp2mkzghx.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d83a10b314b40ba4b6e4223e366701ba
f3f6837182118150fbb2e2d41b06f42a304b3fc5
4e418b96f16c23134934494f390caabb45283271ab83427fdd01458974e63b1a
GET /upload/vod/2022/09/kvvp2mkzghx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 12951
cf-bgj: h2pri
etag: "6332d2d4-3297"
last-modified: Tue, 27 Sep 2022 10:39:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56BUhey2NxMWZFRtH0FFhh8OwuOBwVZJtVBow5h8AYhBuEs2YhPhMDh3lCZ9XXrvDBUwzwL%2BMvFnJoctvo%2FXhDEUucb0jXfKyo0ERjyyButb0tUg08F%2FPJerA7lkpfWc3Sv0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e7ab5dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/44wdbwzu0vw.jpg
104.21.235.63200 OK 9.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/44wdbwzu0vw.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 69711b2dd7cf88f040f19fd81bda9e1a
61c49af189e3fda76fdbaba7d439363c5987b3a4
efeef9f1abe3438ad84c1583efc148fb74acc795d7404d939c3a7c96f43558ec
GET /upload/vod/2022/09/44wdbwzu0vw.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9535
cf-bgj: h2pri
etag: "6332d2ee-253f"
last-modified: Tue, 27 Sep 2022 10:39:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmuzRVhDILU9N2FnwTv1t%2FOEA5Ql2ycpoHMmGuHLCGqye7VUNr8p6kChv816FJ1tmaiN%2BDyyq9ZoGtzVRcews3lQLt93kfFW0IQ%2B%2FvGH7v8j%2FWtrqfYgg77AQq%2BONjin3Dx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e8ab8dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d77c880cb70b82ee6b929a28dd9fe5fb
0716a1bd2072d13140ee51e555fec2a7c2b0d1b3
519d4c2fcf02e84b93e6513316ead9dcaadaca1112944229ca7f4e044f301632
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Last-Modified: Wed, 28 Sep 2022 02:08:57 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 279
fmtu.netfhtu.com/upload/vod/2022/09/c5wtq2ibbzi.jpg
104.21.235.63200 OK 7.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/c5wtq2ibbzi.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 1a7254ef48a3cce39d42c5b42745442c
0def0bd9ea38abacc34c396d045fed8ca1c6d03c
003122e78aed756e8d1e503125af75c286df0eb6825ce865d8b7d66db478c329
GET /upload/vod/2022/09/c5wtq2ibbzi.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7913
cf-bgj: h2pri
etag: "6332d2f0-1ee9"
last-modified: Tue, 27 Sep 2022 10:39:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPzPuJODCmFh4qC6izNDXwpd7wiDuEICk5oeNNpLzHvYoVOTb1dARDr5ht9oXGfsCZCD%2Bt4ap68qsf928h%2F0H0vYRRT59Qhg0sWhpQK6BeTd0rz53vN0%2FO%2BhlYFDgRRxI9UW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e8abbdc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d77c880cb70b82ee6b929a28dd9fe5fb
0716a1bd2072d13140ee51e555fec2a7c2b0d1b3
519d4c2fcf02e84b93e6513316ead9dcaadaca1112944229ca7f4e044f301632
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Last-Modified: Wed, 28 Sep 2022 02:08:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
fmtu.netfhtu.com/upload/vod/2022/09/kmwiemrui2l.jpg
104.21.235.63200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kmwiemrui2l.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a3353c4af4e9e9989c920af2ac209315
8efeb0a16178461c3bb942bc11b7f8f974c19e66
e237c0352c97bee614bd435d27461ddaa946be31bfec71fda57115b39595d180
GET /upload/vod/2022/09/kmwiemrui2l.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9144
cf-bgj: h2pri
etag: "6332d2d9-23b8"
last-modified: Tue, 27 Sep 2022 10:39:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZYo7jDwN06aYDa2pmF9YMxnR%2FJWKLb7iCWYIu6flwbSIlo5eWbqNjXbbV32UclgsSgs1ygOiL4O01cDbJTdgCtvG9L7%2Bi8h4RqvsGTcezvyNSOyfPHs3U8o%2BIvV0E0UqxSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e8ab7dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/s04r52hxbst.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/s04r52hxbst.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b096a7e803c71539f3828dd4bd9f96f8
f7019928b791ff9ac4adbf5032570a2b93c42210
28f8e2fa44628f0e40894907a4d55fcaef7836318aabf95d6d9967799a7cea1c
GET /upload/vod/2022/09/s04r52hxbst.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 12039
cf-bgj: h2pri
etag: "6332d2ee-2f07"
last-modified: Tue, 27 Sep 2022 10:39:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcIeDUsOrylSoJblGz5KfGVB5rEEzKOikncETeZJn6SD%2FoV0klb7Fq3LnOmgXqMQ8UIS69fhVSpgg%2B6DUWwnuQrd5kH99r45FxgKmmurIPUF6n5kAt3SifLHPJPs5%2Fex24aM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e8ab9dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:42:24 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Fri, 28 Oct 2022 02:42:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/qvacxptfx3r.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/qvacxptfx3r.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 33aa22f7ab68902d7bd8d6d42fb4756a
ad0c6ad0ceeafbc97c28266326cb72fe32e6e081
6eea5c1d4888ac60095c89fe5b0a63bf5d4cf617fe3b62690dd7bd96aba2fb57
GET /upload/vod/2022/09/qvacxptfx3r.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 10468
cf-bgj: h2pri
etag: "6332d2d8-28e4"
last-modified: Tue, 27 Sep 2022 10:39:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 890
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5ofY9VMaQDIlq1iEC%2FNcZMb3KWducg28SVDUk2VmnUY8RQ%2BC4UmhEIDOy9F%2BSmiITUU7S4J3MK8Dx1FoArWL1DdhUrZpVp7G%2B2ZolqD4t6kP%2FU6X1Kszdbzn9RcePqnLt2x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e7ab6dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ik4pkzvilsg.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ik4pkzvilsg.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7408982ffd8ae528402d182c9ce209c1
4e5850ccb6df8c29f032607816eb83e96ba0e167
ccabafabca484dcd0a4079f178ab3b06aeee46a4570e072fb2e8620e37527282
GET /upload/vod/2022/09/ik4pkzvilsg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 11373
cf-bgj: h2pri
etag: "6332d2f1-2c6d"
last-modified: Tue, 27 Sep 2022 10:39:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYgj65NbvgCbGo5D%2BnDi9m6FRmA1GIAXQ7YK60ePCJP9IfZZRxSpYzWXjxVc9jV7lg3fa6EHwWiP8rAvjQiYKjTuImsruoRYbeplwsWeUClz42WhhwBfMY%2FZeun%2F3WvWbQdX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e8abddc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/dd5bfv5fgdx.jpg
104.21.235.63200 OK 7.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/dd5bfv5fgdx.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 1281a3c3299613baee4d15752443b4c4
d4ec5521985d2e5edef6241110437a8e47086d9b
e490fbfc44d9937f54117ff9091c3a3970d4569c44ade1e0d497ef2fcd4808cd
GET /upload/vod/2022/09/dd5bfv5fgdx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7817
cf-bgj: h2pri
etag: "6332d2f2-1e89"
last-modified: Tue, 27 Sep 2022 10:39:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQqv71fZ5Usix%2FYmK5suRRbmYSr66%2BRZorfS%2FvmnjJmMqQl5h7kfyO3gvP1Z08vspHYXYSVxOFVTNEJroxnVTQyzSxOCoh%2BSeLbwe2KlIXwhjyagxafuTmzXUxa3RrJNQgOH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad0dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ees0ipk2dqe.jpg
104.21.235.63200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ees0ipk2dqe.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b2f8844c2e9b215bd11249c3a8c547f5
b5715c396a5074551b33612393cd4f8347d1c8ce
f8a33be778fda0b9efa1ec977ffe418c52ab3685ac8b4a2ddf3aa525970ce7f3
GET /upload/vod/2022/09/ees0ipk2dqe.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7616
cf-bgj: h2pri
etag: "6332d2f3-1dc0"
last-modified: Tue, 27 Sep 2022 10:39:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyQHKW%2F3%2FWOFyYL1RF1FlqJ6R0KZbSOBCMeGJDLbu3pKGR6sae%2B5jUm8MUq5n3dQF1F1SnU%2Fn7xVGUYuLriJqtiSzvcI8cDJTbNsYWmGHBuDZnaWvSqNHuYhn2WCK6gMqtwS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad1dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kyf4s0l30dd.jpg
104.21.235.63200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kyf4s0l30dd.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bf615369545e45a88c7c3c1f675f133b
c612308a81591fea7bfec39ffe8535c6fdaa7d34
7c331002724ee34f2210734505241109d113620f889d956104a100113ca49122
GET /upload/vod/2022/09/kyf4s0l30dd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8740
cf-bgj: h2pri
etag: "6332d2f4-2224"
last-modified: Tue, 27 Sep 2022 10:39:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BmsN4%2FBK4GPT2eu1NPQ9H9jckwH%2Fbr5Hy0uWixKiIRsLpUa6BRUg1mY1zifWZy1xreZ7dohGkmG4SjWbNS80HkavibCNrkU7vR3Bi%2BM1sEXTgu4vvYV6t7JDP7qt1t%2FCcvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad4dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/kk1dwvqx0ha1757kk1dwvqx0ha272029.jpg
172.64.141.29200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/kk1dwvqx0ha1757kk1dwvqx0ha272029.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e90d3d674ba3bcb192ee55f4718cb531
93f46434a73f5641cc648a110acca2df2a13729b
ea21f1ed3c706d592bbc9d3c5175e88b3117e5c7e7bed6f2d8c399c499614ef8
GET /upload/vod/2022/09-27/17/kk1dwvqx0ha1757kk1dwvqx0ha272029.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 5351
cf-bgj: h2pri
etag: "4e9db38c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6IB1GkWLzcKx2Q0VBNuz28kd2Nm%2B6k88FuT7MXsXugGioCgwOp6XZ1tnDPfB08EF%2BRk%2FljHjNXgDoLF37Hc1CAOkg6%2BF5XWmBPtd%2BXJEDd4U7jVj6VK040CMNATBNKhZzaA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba8751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/oec1tizj1xv1757oec1tizj1xv252025.jpg
172.64.141.29200 OK 6.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/oec1tizj1xv1757oec1tizj1xv252025.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 378aec19ea4ff17d4ec7aa2b6d955283
f71cdb9b573a63bcc7b42de0911b235d701da626
fe8518fcc12d62d9f7edf0fbdc23b73ad22769f995e2b6e7464a8ef9ca9045de
GET /upload/vod/2022/09-27/17/oec1tizj1xv1757oec1tizj1xv252025.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 5993
cf-bgj: h2pri
etag: "7a3a9a8b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnOZ4K%2FXi500kBcsUg%2BieXxVRr%2BEP4VfzBQx92ZzX3DTy8kelpFsZSBVQlR8JP5%2FvkWqZF6HvG9bUcFPfZv5GwfnygTZYNRf%2BGDgpnTbnKV9%2F1zIyOzM3Z323SShbcnqY8gu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba6751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/llcbzt3wfkq.jpg
104.21.235.63200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/llcbzt3wfkq.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b84a9d702b54ec98eea787ab95e22c50
aa5e958a98b538f37d39875b6572de43fbc2706b
acc93cb0987571ad5d8cb79fb8a19489e9310c93c1af8e29b9c3dca14d8ab47e
GET /upload/vod/2022/09/llcbzt3wfkq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9550
cf-bgj: h2pri
etag: "6332d2f5-254e"
last-modified: Tue, 27 Sep 2022 10:39:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EV70gXUYA4KecaWEpeCe8Cd6BOxa1o17j6dH0PNOZq5HN10l6FuhW9oZ%2BKqGOXmkO%2B7dYVyxaP6dNCILFLzdYTedeb8QsKl3WySbNYtAX4NJSWWiom1CjeQhdtKq3z86tHfv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad5dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ycy0emztzlk.jpg
104.21.235.63200 OK 7.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ycy0emztzlk.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0b992180f0b4a48dcafc8ae83fffb79e
13f8dfdaccb6435969dcc5943407c3f69ccce3cc
9670eaadcaa1964de84d05242fe8da4b14a85a8c294a2d206c24f20c94d71ab4
GET /upload/vod/2022/09/ycy0emztzlk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7906
cf-bgj: h2pri
etag: "6332d2f7-1ee2"
last-modified: Tue, 27 Sep 2022 10:39:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1lP0c7LO365fx1SNj%2B3mAp3a0jrakB0mO5We4RGIZiQr%2By6jxYnjjT%2FSNWv3LnnHzxEwiySt7mTbTCh42GjxlZMBevRg99TFLj8XVo5V9OeYmK3Z4CESPfQEZwDkIJIQir0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad6dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tm1dc2dzuup.jpg
104.21.235.63200 OK 5.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tm1dc2dzuup.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3f86de2eee798dca5390bec922aa5cc5
32c92368a5ef7128765ed546aefb7e15128a85a7
f503072a98000d60194a429a934dc886d70ef45191eb5291659a5a2f7bf06ef9
GET /upload/vod/2022/09/tm1dc2dzuup.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 5787
cf-bgj: h2pri
etag: "6332d2cb-169b"
last-modified: Tue, 27 Sep 2022 10:39:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUsm0Fv%2Fad%2BpWY2UkMijlNvqcuvs%2FJUXmGnTkL%2FwwTC8HLLMJUQOvXUggN2OnOOUP0nFHnpV8vKlCUF51RzKBkx7aTU%2F9NljKvjM7bEDJTTsg45t156d4yXGbrF3RfpId%2FDb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad8dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/2rrermu4icq.jpg
104.21.235.63200 OK 7.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/2rrermu4icq.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash a2591b20ec055f0bbef59f3f08ab62f4
8a57c01984d3d9f61e00d0b2e9355ce823d230fc
8dc9bbb2d4bf413ec90dd390786fcb997cf61f5d269a76e542dc8def5d1f85ab
GET /upload/vod/2022/09/2rrermu4icq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7261
cf-bgj: h2pri
etag: "6332d2d0-1c5d"
last-modified: Tue, 27 Sep 2022 10:39:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX9td4UZzAcIvHczoeVlPzn8Ld2lo97V4x7ynEPsfP5dKoxPWeZBW2AF62H3uuwzaT%2FH7IaRwktGJsYa%2FoUq89hFKy1SKUkLtnW35wC0I1oacBt2YgTMm9xeUNgG0nDqPyCH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad9dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/se2rvu0x2pg.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/se2rvu0x2pg.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 29caf2d7c839af5213b03fab9996bf9f
4438158143c4cb71d674544f449d0ee0b647f3c7
5a0b095ef6bccea78a102ead5b549d2497ac5692912aed1509dfaa8c1f42c641
GET /upload/vod/2022/09/se2rvu0x2pg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 11124
cf-bgj: h2pri
etag: "6332d2d2-2b74"
last-modified: Tue, 27 Sep 2022 10:39:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpHuHvOsXf2jMpLOrwwi3kcics2khauTJsHyScFUGW5tri%2FXnjyyPBMdJGanw55oyWN1fE%2FjFHEqTakx3xdx4NMXlsiBeT9vzpBvE54jhfeKkPwxDueCG2O1PGB4jNcKo4r0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9adadc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/yd0mnt2x1uz.jpg
104.21.235.63200 OK 7.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/yd0mnt2x1uz.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e73f5e7709d2ad3144da07070ddc0e61
cd44164c7cc5d5c06e1a821878c029124d4b7a07
43ab67cc62fe3544c498f58817f938a0b28b98c302b9be94dbc8edfa6a9102bb
GET /upload/vod/2022/09/yd0mnt2x1uz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7519
cf-bgj: h2pri
etag: "6332d2d0-1d5f"
last-modified: Tue, 27 Sep 2022 10:39:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c33Bb%2B1e6Gxy7%2F5VN9UazYZUMPw%2B76dO5OndGtGsIB1cg%2B7wEPfkUsjoU6kISo5yPQtqo8%2FCvfQRT2YbF320UxEx%2BVGrrfZTuFEjrMUNO%2FIspZ4ynrC8OlrlZcrMBAerkwY8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9adbdc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lhgz1yetnit.jpg
104.21.235.63200 OK 8.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lhgz1yetnit.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 383ce3bd86d22b257ac068c87bfb2141
ca382eddf4960d5a3b13a16ac6d63be495b88a5d
721fa366490ee1043a6f41bd6d0b1dcf7900c9905386edd5c2cd500b28a3ecfb
GET /upload/vod/2022/09/lhgz1yetnit.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8356
cf-bgj: h2pri
etag: "6332d2cd-20a4"
last-modified: Tue, 27 Sep 2022 10:39:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IUYvCUGarCDQDxDvJ5xkZOVCsnol8xIZaAxarz0x3GBEhzIJlN%2BU32nTplnRs0M77u%2FRXn4VNFBvpM7zZJe5GfX1nNRlI4b%2BVPQ8JgdPO%2F4sdPf7EgmRN3ORTf5lDGqrZJf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9adcdc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe0ef100a7195a9e368ae08c3bcce76e
9f586d60ea6f1d4773ec1cfdda523d872126ec15
99059b1f952686e6d21998849efe2436cde96331c164f8b6a7a484ab281ecadf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99059B1F952686E6D21998849EFE2436CDE96331C164F8B6A7A484AB281ECADF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=64
Expires: Wed, 28 Sep 2022 02:40:56 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe0ef100a7195a9e368ae08c3bcce76e
9f586d60ea6f1d4773ec1cfdda523d872126ec15
99059b1f952686e6d21998849efe2436cde96331c164f8b6a7a484ab281ecadf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99059B1F952686E6D21998849EFE2436CDE96331C164F8B6A7A484AB281ECADF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13
Expires: Wed, 28 Sep 2022 02:40:05 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-27/17/kphsvc1xu4g1757kphsvc1xu4g282033.jpg
172.64.141.29200 OK 6.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/kphsvc1xu4g1757kphsvc1xu4g282033.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2b1fe73e019e5d5025aa31baab4363a2
db9478d4b1d21744fa6e64e5a8a75e815ec79e99
afc225a36925ff01139569b77e6163ba02b5d9a61417669cae45105b9ffcb5d1
GET /upload/vod/2022/09-27/17/kphsvc1xu4g1757kphsvc1xu4g282033.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 6589
cf-bgj: h2pri
etag: "524ebf8d57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJfA7bpw2k3AqsE8op%2FR2iaCf78P%2BL%2BucmZMvwTgRb%2FjSo73ez7co%2BdiLM13Q%2BIQGZ8zzKfWZetKG%2BhIjcOBoEZHRu5zVsthXLxVvQrHQK81Qo0Lw54RDIkv%2FuzwHzMpSNd%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebbaa751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/hu4dnu5hwm51757hu4dnu5hwm5282031.jpg
172.64.141.29200 OK 4.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/hu4dnu5hwm51757hu4dnu5hwm5282031.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8e6a39fe2b3811adb90250925a1cae6b
da0452f64efebd0e8a21dbc27fed1e06d0ac517e
bdee238a0b75983ad2ce79fa4d4422ec2f83e02b3c4989ad6bfb70c404ca1557
GET /upload/vod/2022/09-27/17/hu4dnu5hwm51757hu4dnu5hwm5282031.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 4231
cf-bgj: h2pri
etag: "9d4f378d57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQTtzcS67vRpjZlMzCqDlOurbWfS0uQmq84eHEdKVtvmjgMVX%2FB9OJOnmU8ciplkYVBhqGCaFwwbd376snAUicHeQ%2FQ01%2FdRVUFGThMYVp9uviAv0DzBWBxUsJKe2ACCJhAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba9751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg
172.64.141.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 578965ae5a48d304cc59eb5ee7d59d8a
eca74e06d97e3eabcf5ec629d28b24aea5d7a450
6b04427cbe4bdefd34955694afdf2b266156d56cbe06574729a02e83edb1d46c
GET /upload/vod/2022/09-27/17/3xoxqwipvnu17573xoxqwipvnu242023.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9271
cf-bgj: h2pri
etag: "d6f0f8b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKzUUh6J4kc9959FiUYaZvHAv6RrpsUCQp3bPuLB7IZymLOVHKlA8EODhKbrq0fhEHpsyVSQPFBJw%2BBZbAvAXoSaSwKo1%2FT%2B%2F2NqOeGxUHdRLoupPLp40vwOcO8BFNYhuMZc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba5751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07d5f72cc92bb2cc771dc60c4726af12
051c83e921dbc3dbf74bd0d55581148d6fbfaa08
b6f6ba3313c2a281147a996e9b9f869c43bf0f85fe3fac534dbac6e44bc89ad8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B6F6BA3313C2A281147A996E9B9F869C43BF0F85FE3FAC534DBAC6E44BC89AD8"
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=87
Expires: Wed, 28 Sep 2022 02:41:19 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b01e47660b37b4d8345f46152dfe13f0
6065d8e48a7647ff5289cdddb1f4d5785fce7b9a
679645af6293aef13604586bf14f1ec853cab2e40ce2fd572d37d7fc5fe1edd9
GET /upload/vod/2022/09-27/17/hnh2vcc4str1757hnh2vcc4str232021.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8536
cf-bgj: h2pri
etag: "71a7858a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URZyk%2FQwwoj1dOLmkEoNy%2FwSW7z9NZer70ntDnMzegvmtPzBLqqWjF23%2FNJDZwO2uxj9CllsBtQIpxQdvdE2soXJPFGazP9axhlTJAoG0sdHhLD5o377WRKWkrkG4tR77XxG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba3751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7e0eff8a9e6c57afddf5cf30528e9e4a
e18d4fa87f65f687f2b7e8e9ad255780a7038af4
c10929ed59e8b47e83c2bd35e4c96fb339084344cdc6f1f2c1bfce5491003c0f
GET /upload/vod/2022/09-27/17/llsd5iis0em1757llsd5iis0em012019.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 10259
cf-bgj: h2pri
etag: "a629747d57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6934
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEz6X9AgoEStUKUPwAbzm%2FS0%2FpUmj7hYtkXFv9JjsD2UCWwOhnMJMtemGWxTnO8vI4CgJ8%2BP0MJtHz7SdwWvehRlN4OOQoQMXf2b3TcBP%2B95iajISpe10ailPZdV%2Fga2p0lR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba0751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/1zslonnqeiq17571zslonnqeiq262027.jpg
172.64.141.29200 OK 5.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/1zslonnqeiq17571zslonnqeiq262027.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2f796b1ca4745e10fd136fa5e0350cbe
c5d1e00f44a3a0f2aeead666b992f90f64ac24a8
cddf6de5ac156a12a4ec124f2c468c4cf72d4f7096131b68257dcae4b3615b1c
GET /upload/vod/2022/09-27/17/1zslonnqeiq17571zslonnqeiq262027.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 5310
cf-bgj: h2pri
etag: "a5ca1f8c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp5l6qGE7gXVZdB02M4QzE9uCqrCCc6RW4kvc%2BbocP8zrO%2BqEQz1PZSryiwBaU1vWtThjHMOIYKuTgvNOqQE%2B0Lg2eLAaLwcQM48fivDv3KVlxlnr230bIThTjFk5rZ7cV2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6ebba7751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/fif04f2i0zp1757fif04f2i0zp292035.jpg
172.64.141.29200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/fif04f2i0zp1757fif04f2i0zp292035.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 438250c827172532182588bfa2918de5
81b45912a4a87bd5b0251c7a40dd3920b895925a
1fd64264d79e6103844061654fbf731b8d868aaa3520e7eded96f61fe2dc6b97
GET /upload/vod/2022/09-27/17/fif04f2i0zp1757fif04f2i0zp292035.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7180
cf-bgj: h2pri
etag: "49c4478e57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHsLk74SyHBLQN63nE%2BwTOrT%2B7Xm3lCQ2VHepYXXXc6QXcKHV6dt0g8sxOSIScn%2F40pu3q1Fp6zQdteujKalu7TWhft7TxOILum8JWNxz54G5Rb4wuPKZ%2BkN487XkGU0LYhM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6edbb9751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107038770&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=5929&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo259.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107038770&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=5929&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo259.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107038770&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=5929&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo259.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 02:39:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=ABF19194ECB778E3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b0aebe2fe2f9b00f8c160ae3c301493
8980181a012dca8955937c7ec5610b24a2dc844d
3e8d81f35515f320f58058c481ecbbce57497a765722f39cd8e008999eed81cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E8D81F35515F320F58058C481ECBBCE57497A765722F39CD8E008999EED81CB"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16977
Expires: Wed, 28 Sep 2022 07:22:49 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-27/17/tfevae2tblz1757tfevae2tblz302037.jpg
172.64.141.29200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/tfevae2tblz1757tfevae2tblz302037.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e420731203b3e4db62494de1f04d119f
c90e4956fa7a46490806bb648651a2251866ba66
5b625e7434d2d44e985e5f4780cb6744ae475c7441b46380bfd3b112d833d1f7
GET /upload/vod/2022/09-27/17/tfevae2tblz1757tfevae2tblz302037.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 6900
cf-bgj: h2pri
etag: "6c4fcd8e57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRspjbp4SJhgDy%2BkPowjF4Dmy6RDdZ1qmSkS86GW8qfY0ujM0MUpaPjK16kD4sfrkJHRHknndNaZpCRbkq2Cn6TTgL3pX0eKEKn2HCndjdSGN9YJfntNigoVqn%2FkAZetJV9j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6edbba751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/dr3ang5xrqx1757dr3ang5xrqx312039.jpg
172.64.141.29200 OK 6.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/dr3ang5xrqx1757dr3ang5xrqx312039.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6246dd2bfd335e9acff586d61d04b42c
bf84bab210231186e38242e5d7091ad0ac81455c
aab4afb45d6780ed8dbd0f8cdedf736371519505686f3bd68a4a04f0ba7b1200
GET /upload/vod/2022/09-27/17/dr3ang5xrqx1757dr3ang5xrqx312039.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 6316
cf-bgj: h2pri
etag: "dd76918f57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t66JEMX4RKzkJwN6TTw514477tVnFts%2FGvT%2BbyVda5bMo%2Fs0E1RYvPaTsbD9I0h216vcdu0JBIUgy4RMF0vR3UuMVETVZ%2FF7upgGqu1rRTSMX0aBbrch%2Fu2sLkCRlh56BAc%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6edbbb751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
104.21.87.253200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 1158832
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbRVnreq%2FJ51GOuTxCfuCY2B2BYgj8hTcHNF2Uyblfwyud24z3xGqiEUYb70GW4ftfJUn1ZhhQDJFQkRJmi7Aiof%2Fir%2B5oUbCY0duum0KqosIh99BN0gbkYwDZ9j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f1883b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/nlfb4tqtwje1757nlfb4tqtwje322041.jpg
172.64.141.29200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/nlfb4tqtwje1757nlfb4tqtwje322041.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 52b946a6dfd0d9fc9b792af32df973c2
8c262e25fbbc3cc3039cb1a600d0fb4700954374
d7d7c1dae63fa72e9133722f0ef4efcafa9f69081a29650fdade0bd611656d81
GET /upload/vod/2022/09-27/17/nlfb4tqtwje1757nlfb4tqtwje322041.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 6858
cf-bgj: h2pri
etag: "da5d199057d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPeebDFPd8EX78FFQKksDDBkNcguqq%2Fr0j5PqUEdGlXrdnBGHtsf2Va%2Bl5vCiThmu3HvtiMVhpAkv7cceHKPHhStzKJgN0fiDR25DG%2FMFUVKKZESHEmjOe3QNd4o3LApkhfq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6eebc7751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.3.157200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.3.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 9775024
expires: Sun, 02 Apr 2023 02:39:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f3ba9b4eb-OSL
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/bkz0loo0enw1757bkz0loo0enw332043.jpg
172.64.141.29200 OK 8.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/bkz0loo0enw1757bkz0loo0enw332043.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 64ed6c77f08a633f04c90b9b05391726
fe4dbc35497979530ddec378f3db3a892e55ae8a
52551497c80bc06231b864a43bd29c6c0fd992fd4cab79a5ccbee9cb85471666
GET /upload/vod/2022/09-27/17/bkz0loo0enw1757bkz0loo0enw332043.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8051
cf-bgj: h2pri
etag: "766da19057d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3744
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAsZQeOpMIZi8UK%2FEQeB5c3%2FDQGMuAUM9Rsf4M1RayXCqzprwwEsKZmZfRsgY8EaA%2Frir7UGIFmH8MQAo1LoR0k3NsB4fvPsbQkYD5%2FfsOQn3k%2BqkaqZTiWpnwUEoOGq3qoa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6efbcd751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg
172.64.141.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36afe8412e9f8dc6635300f304c3b364
000b9d6cca67fac5fa5c89bb552006bbc6681a93
2f1ab21baf4187c8912899052afd668faed7e0f0a2a88e085bc3102335976942
GET /upload/vod/2022/09-27/17/33wdgav2eit175633wdgav2eit592015.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 9284
cf-bgj: h2pri
etag: "9926407c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRXQv8x2pANoB8IDhDVYVyr8ZpY76IO0MkXCyIKGKfY1ZFIhD4%2B%2FNacwrkXOFE%2Fj0cbAd%2FAYOVCC5xDSpvKm7O9oVTLITQ35x5cCS7bh0qCphYQbR9UHaaxHDM7%2BR7JW71lq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f0be6751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b097b03221c466d38123bb39d20ea3cb
fb5d86fd8d42984ea4f75f997189b987461ff4d8
dfc2c59f118d8d5ab0aa517d7fe93d8429a5c6a335899046753c46a79e4db637
GET /upload/vod/2022/09-27/17/hzssucu23f21756hzssucu23f2582013.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 10120
cf-bgj: h2pri
etag: "68caa27b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6550
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzpG32hgmuDdsY8MneS%2FzoXrQUMlKFhZL2zOgNSRLg%2BBQLATVJTUjkn4efpgxtUK1FvkOMFEI1nH996jrdNt4VUSRwMstnW%2BjDnUdUtXeD%2FEwqlGycZA8i26bD%2B%2FYN2BI3Su"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f2bf8751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
172.64.141.29200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f4bab094ccb57f383d6851a27ceab44a
01d5919434ae4e454e9aa5ce18d37f78c6dbbc2b
2ca9b7b6c8ffc502d9444ec6bf1afa1b577953a20966a7233a01c573b9658cb2
GET /upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 6892
cf-bgj: h2pri
etag: "af451d7b57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BplQv2qAZu6d%2F8IU22KS%2BdPUrqFWotiz18KaX0E1GbZ51q1IdRuTxSGtL4vxMD1bMYM1DhJF1eOrEmbI%2FIfpirqB2wdwMDa4FIX3JxJx61yGV7t%2BL5XwNe1xiE0TciiqEh8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f2c02751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg
172.64.141.29200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2d273d2bf550f509bb6f7330e99e8805
7f416fb01791af6bb83647c5831997639c06ec3b
dd8d35f8982f021faa982befe6eb008c3f9c30345c9cfe18557fcf890c289693
GET /upload/vod/2022/09-27/17/ka14vbykt0i1757ka14vbykt0i002017.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 7162
cf-bgj: h2pri
etag: "8dade97c57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:57:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ9rghRujbV5lSywOvmwBQAwn%2FjVKTkAjj%2BmRzIOxcAsxnWemUNJ0l6CeTeZa8FlbM5J446THpHJrR27Ha3lsDh3ESwsiZSjbZe5LzDdXSTzr2zYuGp8bkcJDvpQuLrK3698"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f2c01751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhmm.com/6892b6757fb0f8e93061d1d64c928583.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/6892b6757fb0f8e93061d1d64c928583.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6892b6757fb0f8e93061d1d64c928583.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/6892b6757fb0f8e93061d1d64c928583.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg
172.64.141.29200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 73a0a214ec3b4df5e434f78c0aa56261
e89c4665dab49613fda2290b61a27b81146f2adb
9bfe184966ddc75ba01de4d40d07fdc92e1f1ff6221a67d4193c1b1b6b273342
GET /upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8858
cf-bgj: h2pri
etag: "2e9a907a57d2d81:0"
last-modified: Tue, 27 Sep 2022 09:56:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6934
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qac2BzGBihRZ256LCU3SqueFHegX%2BPnME9yER58VhNWfEJO7kcXlHoU2eWkI2zp566rGA870FT0Y8rMEuGdEobInVBIARZuQIos9g%2BaJNDoTOp5bBPT8Pk5hc9ZYSyUWzV3a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f3c0c751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
104.21.87.253200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 21 Oct 2022 14:13:09 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 563203
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J14psBQoG5J6qPZ8dbNzYd6TGhG%2Bju7QGbDPVa9y8IQ%2Fp5D7U3jOrkNKz5G5EPas8IIu2MDtpHMQUHK7a8axwkDbowv%2BsQ%2BAirrmlCC%2F0Q1MgLVJ9g9itTG3fJoy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f78a7b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.173.230200 OK 196 kB URL HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 14:11:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2377725
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USwKLQq%2Bxax30nzmBFtKLePA2hWml8JUi3FJsDAWckchrocFpEMu1M%2BLsoWLelkHQ83uAj2zvEcX3qeGZb8%2FWa%2FAvTKiXDCqcgtHiZ0b7Jan56uHqA%2BXtk6ODi9s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c702c40b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.173.230200 OK 186 kB URL HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Wed, 12 Oct 2022 15:04:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1337702
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCWdeQdSY6okUvx6uCyxnSEao0AKCyMn9ZpvW6FaB9l1MfJOpaIfzEjqRVXwFvtL7xRYbIRRQ5wnaQwH2lSmnYV2MHWwK8W5SECJJ136NBUj%2FD5dus7%2B2e4Zv%2BJR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c703c47b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/08/3ke5ok1jbgx.jpg
104.21.235.63200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/08/3ke5ok1jbgx.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b1d4c78fe5724e627bf246d7c4009f0b
4f90546e69d37aaa773bc31478bb216ba031d33a
8aa065fc37eda7eec567cf6fb6d7ab051bc68e6de1a50cb810c757e82fd482b2
GET /upload/vod/2022/08/3ke5ok1jbgx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/jpeg
content-length: 8844
cf-bgj: h2pri
etag: "62fb1996-228c"
last-modified: Tue, 16 Aug 2022 04:14:14 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF%2BryRjwJJRFjJQQNMGzVAuri16fjpm8oMnCSTjcYUtkonioa7mZsptT%2BWNv2VPDJA38%2BV8aSnKAMYFK1jY%2BDm6nrfCUJFqfKrW7iBSQ4QKTsLPcNpm1pkA54qTCJdWkrFaq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6e9ad7dc25-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 68cc7cb36e485a42f8e73039a1e740b5
0fdce649e50f6889839f4043b812368de86ec3aa
b512c9ce3bd4d9c8feb631338f2295307c903bba7d8e14fa86b8ff9530cc2a70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:45:16 GMT
Expires: Sun, 02 Oct 2022 03:45:15 GMT
Etag: "0fdce649e50f6889839f4043b812368de86ec3aa"
Cache-Control: max-age=348922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191c7018d4b515-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6be2bc171d36497edd0c26546b007920
1611505aeb191ae571306a6f24b403bd5d23bb4a
fa3b7757680a46383529337d18c008cd2abe5d1a4c88bd18072e2bce53cf85a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA3B7757680A46383529337D18C008CD2ABE5D1A4C88BD18072E2BCE53CF85A9"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3349
Expires: Wed, 28 Sep 2022 03:35:41 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9b1df4bba6e8b5f0dad58628de922d39
69bfcef4baa6568971c21912551b71a5a739655f
c3fcfe9b2981fbabac89d1ee561f8834bced1e274286058ea34d8c9cede8da13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9b1df4bba6e8b5f0dad58628de922d39
69bfcef4baa6568971c21912551b71a5a739655f
c3fcfe9b2981fbabac89d1ee561f8834bced1e274286058ea34d8c9cede8da13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6be2bc171d36497edd0c26546b007920
1611505aeb191ae571306a6f24b403bd5d23bb4a
fa3b7757680a46383529337d18c008cd2abe5d1a4c88bd18072e2bce53cf85a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA3B7757680A46383529337D18C008CD2ABE5D1A4C88BD18072E2BCE53CF85A9"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3331
Expires: Wed, 28 Sep 2022 03:35:23 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:42:24 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Fri, 28 Oct 2022 02:42:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9b1df4bba6e8b5f0dad58628de922d39
69bfcef4baa6568971c21912551b71a5a739655f
c3fcfe9b2981fbabac89d1ee561f8834bced1e274286058ea34d8c9cede8da13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
104.21.234.40200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Thu, 27 Oct 2022 14:45:30 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 42862
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGpagPDgUXXDl%2BaYLGBRgZfPvLqeCn9eqT3482Phx0cB%2FIDXBwmpwS4rCqmKPg%2B3oY91OjIrdtUYcJIXRWnO3OKNL%2BgbExb5UKo74cWBEmUAXWCIJZ1kIAxzaztR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c70190d7196-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
47.246.44.224200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 1584001
x-cache: HIT TCP_MEM_HIT dirn:4:445671516
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516643327923821429e
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.194200 OK 43 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
47.246.44.224200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 1604814
x-cache: HIT TCP_MEM_HIT dirn:11:449964729
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516643327923951439e
X-Firefox-Spdy: h2
kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.40200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Wed, 26 Oct 2022 13:11:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 134891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a9%2Bj5BScZvED8810aQpdT%2FZAjDiazwB2V%2Bz91LRyAp%2BXRgOjr3IQDbL3ExAGgEEgL7y8mSWBV%2F88ipVbx6%2FhuCxS19k5YrnC1vp2W8KS5jqw85UST%2B%2FxEms2Yjd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c7009087196-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo259.xyz/smbaidu/dibu.js
104.233.145.194200 OK 730 kB URL HTTP/2 www.niumo259.xyz/smbaidu/dibu.js
IP 104.233.145.194:0
Size 730 kB (730115 bytes)
Hash b70452ca0ac09b7a46e1c60a143e48c1
bc58fd7ec3965188d06235456fe0bb277c89b2bd
35519866ffe0fd27058074f540ff551df3edb259bfcba08297ec7dec1f6660d1
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
104.21.87.253200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Fri, 28 Oct 2022 02:39:52 GMT
cache-control: max-age=5356800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LfvGpUm2Ps6EhL3MAHdWGL0uwKs%2BKznMqv1ECVezRuni%2By8PwnWp8txdoMG0obNLHZCU5RIwCq%2BaVcg6dA1e%2BPWgANac3oA3VOM6w9XzoZ3wrRTyS2FFi8odwFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f78a1b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/6892b6757fb0f8e93061d1d64c928583.gif
104.21.87.253200 OK 632 kB URL HTTP/2 kvtfff.top/6892b6757fb0f8e93061d1d64c928583.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 632 kB (631561 bytes)
Hash 3f42f2df90e27b898b08582565a969c8
087d1c347a7487c3e39577d9efab43ad356256b3
38e5afb7feca7b7afb5e313019d20775b16c9ba1a833ae039a26cf1c9da3e8e6
GET /6892b6757fb0f8e93061d1d64c928583.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 631561
last-modified: Fri, 16 Sep 2022 10:25:54 GMT
etag: "63244f32-9a309"
expires: Fri, 28 Oct 2022 02:39:52 GMT
cache-control: max-age=5356800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efBAybWLPS%2F%2FIOGbPft%2BVzBgpZQdjyDLCW15vRDyrz6aCe%2BQ3ooUlajg8TQvea9fsk%2F1wnjyOL5%2BYof9sY1JBU6ONMZ5zYLlO0Wqx5E7FibZoH8V32KDrF8AP7kj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c6f78a3b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ad2e7a0d642c4a92ad3177c91a2ec1c
bb01ca4311cbe78ed129ae23bc46e8382ca09075
74fb2177977370b12531a9c899268da4e6d4d1144d5784b70bddc720d34d6a46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74FB2177977370B12531A9C899268DA4E6D4D1144D5784B70BDDC720D34D6A46"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13046
Expires: Wed, 28 Sep 2022 06:17:18 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.151.21200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.151.21:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 19 Oct 2022 00:30:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 785385
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTMDG78z7b7udb7aJMNNHAZXxzXT2ZvcjcfdaYTU6EYwnu3EsayYazs%2BE3xqm9T1dtJe1PR%2FJPy60YuWjWmcGfdEV3%2B%2B78NvKqUM4gT2bsqYxACAyOsBYVSiI7RRzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c720cc0b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d1402a1256f1e6066ed1ba841348d6d1
3fa3dae333c1d1937882817f96790a2d24c7e2ad
d0445943efa5aa5df019b336b9fe9620f5b910b62d105b37102e8f6d314dc187
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 22:55:31 GMT
ETag: "3fa3dae333c1d1937882817f96790a2d24c7e2ad"
Last-Modified: Tue, 27 Sep 2022 22:55:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 767
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c726bbfb506-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 4b4139f174d8d4ebdd9623db1353db01
aee80b6f621f1021471e6356ada7d4bff1ff347c
c5edf4785268d3c772fcacce0986b1367ea117604800fb8b028928538cd00964
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=257
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
X-N: S
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b8262e3c007a2f0a64645890428f4f1c
1f81e024e87db975d75418a50168ac6cb2bae7e3
0d27fc0a4b8325f0c0f91384711332abef039e4ec464ee6e744e37ff93de549e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:48:52 GMT
ETag: "1f81e024e87db975d75418a50168ac6cb2bae7e3"
Last-Modified: Wed, 28 Sep 2022 01:48:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c726ff6b52d-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44c5ea75a5d57da8d87fcf4f748b994f
a08d5648f81facced0d6f8bf70a018be49859223
8cf9220af57d08d2538c76b8baa4e61601b06546745bf444a6f64e3fa8fe2ab6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CF9220AF57D08D2538C76B8BAA4E61601B06546745BF444A6F64E3FA8FE2AB6"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Wed, 28 Sep 2022 03:28:01 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c9606ae94437071ccaf5fa9561651f5
1f22fada3e0ab9c363e09eb328500c8e9acd13d5
2c27272928c6f096fcc6dd9c9a43c72eb465bb0805e6f2a05fd13d4ef838cef5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2C27272928C6F096FCC6DD9C9A43C72EB465BB0805E6F2A05FD13D4EF838CEF5"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2006
Expires: Wed, 28 Sep 2022 03:13:18 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.28.152200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.28.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 30 Sep 2022 15:19:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2373603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDj5tFRCvpN5WxFi5Ah9dSpS%2BTugRS4knjS9nW%2B1nIlrHpmnfrL2ZWH%2BX4XaZIaVxnT7UYHtS1c%2BgNMg6IzyaIxNY2M0hagXe5vSdduJ9UVVgL%2BgThgrdDAmpXAc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c72cad7b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c50768041f7e90bc8b4f2511afc0c29a
2fbd7683fa42ccfd19d489386bf9c45cbc18d0d7
b4bc1359c421d3b03239117d6449dc0b692299e3c0050fb8466655eaf39c4ea8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Server: ECS (amb/6B73)
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d36a1d8c944c236158b658010d0badf6
460995eb962d6b9e757db18e20478ba774f7fed7
d2930b8dbe1668b3f90977978d57599c2a575b64b567e7342d96e05579599188
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2930B8DBE1668B3F90977978D57599C2A575B64B567E7342D96E05579599188"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10735
Expires: Wed, 28 Sep 2022 05:38:47 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
kvtlll.top/c98e6b8a78369517d4778f40b8b6225c.gif
172.67.185.29200 OK 462 kB URL HTTP/2 kvtlll.top/c98e6b8a78369517d4778f40b8b6225c.gif
IP 172.67.185.29:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 462 kB (462290 bytes)
Hash f8f33af09970d8c52ab594834d474e25
af4a752020ab9d65f09bd8e0095e4198b2505f91
ac0e126cc3a577c4aa1a09070c61ec524ccc8abf1d0912a554c0d91d30eb721e
GET /c98e6b8a78369517d4778f40b8b6225c.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:52 GMT
content-type: image/gif
content-length: 462290
last-modified: Sun, 07 Aug 2022 13:16:57 GMT
etag: "62efbb49-70dd2"
expires: Thu, 27 Oct 2022 15:55:36 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 38656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjpq9EQvJQxybR27mJ0qFqtY3kb3jG9fSOanZNn4Iee53xLVZzql1t7e4AnwoIT3ByB3WjOlMfJtE3q0sv%2BzW5h4fSKBTpa6JaxoTwo2%2FRVQxXgnARK4hYEPVOry"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c732b630b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.194200 OK 49 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44c5ea75a5d57da8d87fcf4f748b994f
a08d5648f81facced0d6f8bf70a018be49859223
8cf9220af57d08d2538c76b8baa4e61601b06546745bf444a6f64e3fa8fe2ab6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CF9220AF57D08D2538C76B8BAA4E61601B06546745BF444A6F64E3FA8FE2AB6"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Wed, 28 Sep 2022 03:28:01 GMT
Date: Wed, 28 Sep 2022 02:39:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cc80c1751c8c70440e6f05a168d2e3c3
c60fbae66a7dab3fd7e00b9a76e12cfc512f5cc1
c91dd9fee8e8283a97bfba80ac68e61026752f257f6f3821cb78d58828dd8834
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Server: ECS (amb/6BB2)
Content-Length: 279
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash c62fc17e83b7769f98a8b2fa4ba3a4cb
88c29403226ec837138266886855c7df36ab5b88
8040c68d77396d09578dd6d5d79dc3224748b23214962743b09fdc168595ab7e
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
104.21.55.74200 OK 224 kB URL HTTP/2 nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 224 kB (223983 bytes)
Hash 7954e8c77b425e4e872c267c1428cb59
9a107ff658a34cc89f84bdda9e52b831d8f377b1
9522a5366e80b1acc16d442bcc96ccdcd265603fe7fb6a8b58217c7c4386c0cc
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 223983
last-modified: Thu, 22 Sep 2022 05:35:38 GMT
etag: "632bf42a-36aef"
expires: Wed, 26 Oct 2022 10:28:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 144685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMY2jLuvXRXgowLT6cGY7QyP8M%2BAxZCiDjeKEtPEbT2yFaAEz8iXcZ5jpxVP95XV6zJEN%2B%2BDZWxYL6YjXvR8QM7a0iEsr13U2hfQililvbk6ZS%2F49MgpKWo%2BpwX3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c745ba90b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
188.114.96.1200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Mon, 24 Oct 2022 00:00:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 355160
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDL3Kn%2FZnp9PbP6aNR1KootAeRWi%2BsvZWL%2BlVLj1x%2BP%2BuK%2BTkDr7AxWKrq%2Bl4yFbwwBHrHfxp8Q3CmOj0iKSg8TsdnNnndm66EtvUDSbsmcunZY%2FeF0Z3pbLzrzD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c74af51b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d339f3e23e84375c718fd827c25784e9
859ddd5ee2a540cfcb7f1186e87282c6be43ee9d
3b5d6a4437eeb97685e027413254c7d2a68433520fa6afcf0d38fd705a090d28
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 22:33:27 GMT
ETag: "859ddd5ee2a540cfcb7f1186e87282c6be43ee9d"
Last-Modified: Tue, 27 Sep 2022 22:33:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2774
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c748c7ab506-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d339f3e23e84375c718fd827c25784e9
859ddd5ee2a540cfcb7f1186e87282c6be43ee9d
3b5d6a4437eeb97685e027413254c7d2a68433520fa6afcf0d38fd705a090d28
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 22:33:27 GMT
ETag: "859ddd5ee2a540cfcb7f1186e87282c6be43ee9d"
Last-Modified: Tue, 27 Sep 2022 22:33:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2774
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c748875b52d-OSL
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash c62fc17e83b7769f98a8b2fa4ba3a4cb
88c29403226ec837138266886855c7df36ab5b88
8040c68d77396d09578dd6d5d79dc3224748b23214962743b09fdc168595ab7e
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.194200 OK 25 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
172.67.166.91200 OK 469 kB URL HTTP/2 kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
IP 172.67.166.91:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 469 kB (469238 bytes)
Hash 77dc9f46896736ff82652d425e3d7c0c
a0456a2a8328e68ece702aa5f25429dc5d1d1a65
72df92f0ecdf69f4101ef47f405351d754fe3ad3ded507d368a15e606e6f25d6
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 469238
last-modified: Wed, 14 Sep 2022 07:32:35 GMT
etag: "63218393-728f6"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 1163828
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vHFKk6jD2Rdw4OKDiu4lPd%2BoSK32llIl%2BBnWBNENAYOfGyuQJzLvijYnFwx1ZrSsQz3jZO6azvpXA5ujsBA%2BDM9ho3LPC6641iS%2Fkdlq9q4bUt11lE9ur9tsBFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c74fb1a1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
172.67.166.91200 OK 214 kB URL HTTP/2 kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 172.67.166.91:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 214 kB (213726 bytes)
Hash 81ccccc41d243817a1410c75dad08ce4
9b3915c9ca4f109febc0316fece6de5920daf5fa
82782b1bc275199a4dbf88991a53a8fb4ec9e15717e5a8f3bd8dd39245cb665c
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 213726
last-modified: Sat, 24 Sep 2022 08:44:56 GMT
etag: "632ec388-342de"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 296023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8Y6FVV8MdFjJQNpC2K0kHuEKfwLMVg%2BLdT5tOQwC8%2Bv9QO1alYzQkEkjX1TsS571VC5u0fVW54%2Br4uZMv72lluy3KVZTx06DfVWrExCt8wgUEqUb7fG7jJip50Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c751b231c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a72b28916ac5e7a56638ed2fc9a665a
1e23740c08c3cab42d31ad1abfa90ace0b066526
8a6f4a83ba20fe611fb65271a3ed62cfa52524aeb01d633ded5ff76d3f7c4c7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A6F4A83BA20FE611FB65271A3ED62CFA52524AEB01D633DED5FF76D3F7C4C7D"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=203
Expires: Wed, 28 Sep 2022 02:43:16 GMT
Date: Wed, 28 Sep 2022 02:39:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c9606ae94437071ccaf5fa9561651f5
1f22fada3e0ab9c363e09eb328500c8e9acd13d5
2c27272928c6f096fcc6dd9c9a43c72eb465bb0805e6f2a05fd13d4ef838cef5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2C27272928C6F096FCC6DD9C9A43C72EB465BB0805E6F2A05FD13D4EF838CEF5"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 28 Sep 2022 07:02:15 GMT
Date: Wed, 28 Sep 2022 02:39:53 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 039f9a6d8e384e8d85ef6236b58e25c3
e8ae00e2ab74fbde0d71f1d6d47417a3a076efda
dab04f609e1c5f7a7bed6adf390fc2c8e6cff8d77267d442f9c7bbf09b9c655b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 02:59:53 GMT
Expires: Mon, 03 Oct 2022 02:59:52 GMT
Etag: "e8ae00e2ab74fbde0d71f1d6d47417a3a076efda"
Cache-Control: max-age=432598,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191c74db22b515-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d339f3e23e84375c718fd827c25784e9
859ddd5ee2a540cfcb7f1186e87282c6be43ee9d
3b5d6a4437eeb97685e027413254c7d2a68433520fa6afcf0d38fd705a090d28
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Oct 2022 22:33:27 GMT
ETag: "859ddd5ee2a540cfcb7f1186e87282c6be43ee9d"
Last-Modified: Tue, 27 Sep 2022 22:33:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2774
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75191c750ca3b506-OSL
acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.235.53200 OK 1.0 MB URL HTTP/2 acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.235.53:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossz.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Thu, 27 Oct 2022 18:22:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 29847
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph1wzXmDlzkZQqrvw2gJMceFqX1CSOVH8d%2B0o7cklA06qLIMIUaSjngSqSDMM1cw%2B2wNZdSk%2Bu0e4qR8TzNoFZk23ws06y8mQQmaizOzgjNFRStz4GT8hjXgi0eNMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c747a5c72d0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 83556434c1b843a6d433325b08ec669b
872d86d6f7c0fbe24559c9108ef162474b763630
40c455d92a92d5b7bd83c80591b67caec5386b7223e3bb426724e8d0094b3553
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 18:43:04 GMT
Expires: Tue, 04 Oct 2022 18:43:03 GMT
Etag: "872d86d6f7c0fbe24559c9108ef162474b763630"
Cache-Control: max-age=575589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191c755b5bb515-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c50768041f7e90bc8b4f2511afc0c29a
2fbd7683fa42ccfd19d489386bf9c45cbc18d0d7
b4bc1359c421d3b03239117d6449dc0b692299e3c0050fb8466655eaf39c4ea8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:53 GMT
Last-Modified: Wed, 28 Sep 2022 02:39:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cc80c1751c8c70440e6f05a168d2e3c3
c60fbae66a7dab3fd7e00b9a76e12cfc512f5cc1
c91dd9fee8e8283a97bfba80ac68e61026752f257f6f3821cb78d58828dd8834
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:53 GMT
Last-Modified: Wed, 28 Sep 2022 02:39:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
45.89.209.74200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 12:14:09 GMT
Connection: keep-alive
ETag: "62f4f291-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash c62fc17e83b7769f98a8b2fa4ba3a4cb
88c29403226ec837138266886855c7df36ab5b88
8040c68d77396d09578dd6d5d79dc3224748b23214962743b09fdc168595ab7e
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
45.61.212.47200 OK 1.0 MB URL HTTP/1.1 66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /e0b4ad53309b4c0980b2ceb461415106.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2749-f90bb"
Date: Tue, 06 Sep 2022 01:45:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:33:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 1020091
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=346777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191c75abd20b4d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=346777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191c75bb80b515-OSL
collect-v6.51.la/v6/collect?dt=4
139.9.63.194403 Forbidden 0 B URL HTTP/2 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 370
Origin: https://www.niumo259.xyz
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Wed, 28 Sep 2022 02:39:53 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.niumo259.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6002716862b3e1ab6411c387a90a6576
eb95d2eda8269a4d491fe01930a92ab76c403f57
a016e2e13edc26e64add9958275cc134c2bfc1b120320c545a822f3367a8036d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A016E2E13EDC26E64ADD9958275CC134C2BFC1B120320C545A822F3367A8036D"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Wed, 28 Sep 2022 08:39:48 GMT
Date: Wed, 28 Sep 2022 02:39:53 GMT
Connection: keep-alive
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
20.239.191.22200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 20.239.191.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0062.com/86b4c5b5e42b447492665532b841e916.gif
20.239.174.251200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP 20.239.174.251:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6002716862b3e1ab6411c387a90a6576
eb95d2eda8269a4d491fe01930a92ab76c403f57
a016e2e13edc26e64add9958275cc134c2bfc1b120320c545a822f3367a8036d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A016E2E13EDC26E64ADD9958275CC134C2BFC1B120320C545A822F3367A8036D"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Wed, 28 Sep 2022 08:39:48 GMT
Date: Wed, 28 Sep 2022 02:39:53 GMT
Connection: keep-alive
95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
45.61.212.118200 OK 219 kB URL HTTP/1.1 95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
IP 45.61.212.118:0
File type GIF image data, version 89a, 128 x 128\012- data
Size 219 kB (218557 bytes)
Hash 4dea2422e271cea76f0e1129e96a4ab7
5c24ffa9522829ba0c163284f74a60815336c084
d3edbddff31ba83b46fef890e2e6bfd8308e909581de17000b95921d12230036
Analyzer Verdict Alert quad9 Sinkholed
GET /fd1d4490b68648e2ba933a8a6394fb13.gif HTTP/1.1
Host: 95865127529.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6329479d-355bd"
Date: Wed, 21 Sep 2022 01:56:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Sep 2022 04:54:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 218557
kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
172.67.218.101200 OK 344 kB URL HTTP/2 kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 172.67.218.101:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo259.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Fri, 28 Oct 2022 02:39:53 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFdW7iUhaBFL%2Fzlj2AYtHshWyYSDZJbCeTwCAyCK7t%2F0ol9ZRVJNdcjEgZXWyrW4nE4gXXF8uN%2FQHgGU6hpyk%2FAfNzvP834O5YMQKhnmvyrYTT7gSA4IVCH2Gfg4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75191c787e0eb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.177.104200 OK 304 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 304 kB (304285 bytes)
Hash 230cbf723011f9f91ccc4214312245d0
55184e10225ead4ef852ec40dbb140e52552b38f
1b67ae25d6213db18947e1f8e42bc4f7dc02ae41bf7941c73395c79741870236
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: image/gif
Content-Length: 304285
Connection: keep-alive
x-oss-request-id: 6333B3F8818A313431A6C6B0
Accept-Ranges: bytes
ETag: "230CBF723011F9F91CCC4214312245D0"
Last-Modified: Mon, 19 Sep 2022 11:04:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10033225339777913705
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Iwy/cjAR+fkczEIUMSJF0A==
x-oss-server-time: 2
616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
47.75.19.14200 OK 68 kB URL HTTP/1.1 616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Hash 7fb729164de96495010d31173b4dfde9
48e6c18b318b6dbe66739b2a97b1ca536a260a5b
eb89dbf10519257d735db5ba0731ed566cd5b8fac2a72ffd7bd299a9e8c4c10b
GET /5df7107094b446238663a2c1ff7a0e99.gif HTTP/1.1
Host: 616182863.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 28 Sep 2022 02:39:53 GMT
Content-Type: image/gif
Content-Length: 67749
Connection: keep-alive
x-oss-request-id: 6333B3F95337553032B551CA
Accept-Ranges: bytes
ETag: "7FB729164DE96495010D31173B4DFDE9"
Last-Modified: Tue, 27 Sep 2022 08:24:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3572186298259414675
x-oss-storage-class: Standard
Content-MD5: f7cpFk3pZJUBDTEXO0396Q==
x-oss-server-time: 2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.167200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.167:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 28 Sep 2022 02:39:52 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 6333B3F8B3748439384096E1
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 648ef20a153ededf6ccdc2f43ce0fc0d
bfb8065fc357cf355dc0d3707e784340ad48bd18
61cc7fb9d5816077667f2d95c953fe6c6d8bdde993250ab7dc4ebfee89cd11af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2750
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:39:54 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:04 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d25b1c279836dfdedd1976a089475477
83dcd17907235d1de9b0f86bb85f3c301ee42428
ca1db13f9dd06f8785b033a1fb745b0d3e00abcbc76f1d442c84aac2c48a4e00
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:39:54 GMT
Ali-Swift-Global-Savetime: 1664332794
Via: cache5.l2de2[473,472,200-0,M], cache5.l2de2[474,0], cache7.se1[494,494,200-0,M], cache7.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 28 Sep 2022 02:39:54 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16643327943046303e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d25b1c279836dfdedd1976a089475477
83dcd17907235d1de9b0f86bb85f3c301ee42428
ca1db13f9dd06f8785b033a1fb745b0d3e00abcbc76f1d442c84aac2c48a4e00
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:39:54 GMT
Ali-Swift-Global-Savetime: 1664332794
Via: cache16.l2de2[236,235,200-0,M], cache16.l2de2[236,0], cache5.se1[259,258,200-0,M], cache5.se1[259,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 28 Sep 2022 02:39:54 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916643327945396461e
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
103.189.108.101200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 103.189.108.101:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Wed, 14 Sep 2022 21:48:56 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-091
content-length: 236734
X-Firefox-Spdy: h2
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
103.189.108.101200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 103.189.108.101:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Mon, 19 Sep 2022 02:14:55 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-091
content-length: 445140
X-Firefox-Spdy: h2
www.niumo259.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.194200 OK 870 kB URL HTTP/2 www.niumo259.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 15675
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.imgtg.com/2022/05/19/hTEgx.gif
219.159.84.135503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP 219.159.84.135:0
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 5f6b4d3008145db868bf331c0a6f4f28
65fd31d20d31dd18ae3d72c29e980d740afa0a35
f036e6508b611cd3743a3ec59adf55d37b1e4c8b6ff9638aae2704bbc202ddb8
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 02:39:55 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_cc66327bc20b66a51eb5a4064874af411664332795325; expires=Fri, 27-Sep-24 02:39:55 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bb5b60d1b909377f-142
content-length: 596
X-Firefox-Spdy: h2
www.niumo259.xyz/images/stvf4grh65uh54y.gif
104.233.145.194200 OK 996 kB URL HTTP/2 www.niumo259.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 995865
last-modified: Wed, 03 Nov 2021 10:48:32 GMT
etag: "61826900-f3219"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.154.254.32200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 32227 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 07a88796-6c71-4d10-a2b2-2a23f7cfabad
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.154.254.32200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 352 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: a9171c5b-0820-4694-a9e8-6f4ed00e20da
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.194200 OK 35 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.194200 OK 60 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/static/images/empty.jpg
104.233.145.194200 OK 13 kB URL HTTP/2 www.niumo259.xyz/static/images/empty.jpg
IP 104.233.145.194:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.194200 OK 111 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/static/images/empty_288_144.jpg
104.233.145.194200 OK 13 kB URL HTTP/2 www.niumo259.xyz/static/images/empty_288_144.jpg
IP 104.233.145.194:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:48:12 GMT
etag: "6183d68c-32a3"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
120.52.95.237200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 120.52.95.237:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:39:54 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 4530068
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HElangfang-AREACUCC1-CACHE60[2],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
www.niumo259.xyz/nmwys.png
104.233.145.194200 OK 3.1 kB URL HTTP/2 www.niumo259.xyz/nmwys.png
IP 104.233.145.194:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:52 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Fri, 28 Oct 2022 10:48:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.194200 OK 73 kB URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
119.28.164.143403 Forbidden 490 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP 119.28.164.143:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash 8ab73b78b2aaf5f63794fa5c7c2b81c7
fdd959a4d411aa87b2175965946f710a6a017d7a
7fcc70cbc00e27523e2fd9c524e6e0ad2b2c7a4872ca6f76b3bde06f4acc71c7
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 28 Sep 2022 02:39:56 GMT
server: tencent-cos
x-cos-request-id: NjMzM2IzZmNfNDZjYzNiMGJfZWQyM18zMTAyZTll
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 490
x-nws-log-uuid: 4278524273034486191
x-cache-lookup: Cache Miss
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 17633
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.niumo259.xyz/smbaidu/tpwz.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/smbaidu/tpwz.js
IP 104.233.145.194:0
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
23.225.228.34302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP 23.225.228.34:0
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.194:0
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 28 Sep 2022 02:39:53 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 459 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: cb156672-00df-44f4-8634-28c7bc84e94a
X-Firefox-Spdy: h2
www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.194:0
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.145.194:0
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.194:0
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.194:0
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Wed, 28 Sep 2022 22:48:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.194:0
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/
104.233.145.194200 OK 0 B IP 104.233.145.194:0
GET / HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=90iosm67nlvh19sicm1t9rf2pu; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.194:0
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP 23.225.222.2:0
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
api.nmw43.com/news/data.php
104.233.148.41200 OK 0 B URL HTTP/2 api.nmw43.com/news/data.php
IP 104.233.148.41:0
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ceo70.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo259.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.194:0
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo259.xyz/static/fonts/voltaire.woff
104.233.145.194404 Not Found 0 B URL HTTP/2 www.niumo259.xyz/static/fonts/voltaire.woff
IP 104.233.145.194:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo259.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 28 Sep 2022 10:48:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=gdsaskgqj0vliu3l1jcedskjm5; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/dbhf.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/ggzz/dbhf.gif
IP 104.233.145.194:0
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 137392
last-modified: Sun, 29 May 2022 19:06:59 GMT
etag: "6293c453-218b0"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
137.175.12.178200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP 137.175.12.178:0
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:41:23 GMT
content-type: image/gif
expires: Fri, 28 Oct 2022 02:41:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo259.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.194:0
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo259.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:48:51 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Fri, 28 Oct 2022 10:48:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
23.225.222.18302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP 23.225.222.18:0
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo259.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2