r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6219
Expires: Sun, 25 Sep 2022 15:52:17 GMT
Date: Sun, 25 Sep 2022 14:08:38 GMT
Connection: keep-alive
www.hdlxw.com/87/viewspace-93.html
154.81.143.212200 OK 801 B URL HTTP/1.1 www.hdlxw.com/87/viewspace-93.html
IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f88b0cd118e949e8e81986213b1f8920
0282b55fdb2714ca073d6e717b72d288c8047e24
175569f379f9f56f7957544be3978319033c0c6e004246bf7c742a802e6b0c3b
GET /87/viewspace-93.html HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 14:08:36 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 13:14:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ub6mtc7w0EpMTGyVQbLlQZKWmSf2zcV2ff5UOnv8arPtExzgtNG1Og==
Age: 3221
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 96pOn7n9C7_41oGqNoqV8578T3BgnQcieTzpuHVxKnI6HK9MTvt5JQ==
age: 34404
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 14:08:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.hdlxw.com/tj.js
154.81.143.212200 OK 536 B IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 0af9d7412b5a3786ee8d6c7490176f3d
62a2fb7a049d18b1272af6c9fbc9a65af1a493c6
c9fcbffa26011916fd02694087b2af97ad42e0574fae1928a3057dd5a0b03a62
GET /tj.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/87/viewspace-93.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 14:08:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.hdlxw.com/common.js
154.81.143.212200 OK 628 B IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/87/viewspace-93.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 14:08:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 14:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 14:07:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kh4dJaukwtr_7cBolaKV8Z8lx-tFUwJMwLrJ0XrqayCY3JkPb6kaHQ==
Age: 261
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 25 Sep 2022 14:08:38 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3947
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:39 GMT
Last-Modified: Sun, 25 Sep 2022 13:02:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m/4yB0jwvVXN+xzkoyhzjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HqJ3W1c5r6L1+LDQmrFpTnr0pY4=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12dd7bc0cf8e2ae06fd15d81439800fc
fab18e3fbde0f89af8df6b1dd8914b4af9ce4b55
8947e8fabdc285b9c0fe1f7ddec38997510770730f888cff31c979e7b8a29978
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8947E8FABDC285B9C0FE1F7DDEC38997510770730F888CFF31C979E7B8A29978"
Last-Modified: Fri, 23 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 20:08:39 GMT
Date: Sun, 25 Sep 2022 14:08:39 GMT
Connection: keep-alive
www.hdlxw.com/favicon.ico
154.81.143.212200 OK 1.2 kB URL HTTP/1.1 www.hdlxw.com/favicon.ico
IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/87/viewspace-93.html
Cookie: __vtins__JcEwiF8NfRqfr97S=%7B%22sid%22%3A%20%224ead5b4e-735f-5a6a-87f0-863fd475952a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664116717536%2C%20%22ct%22%3A%201664114917536%7D; __51uvsct__JcEwiF8NfRqfr97S=1; __51vcke__JcEwiF8NfRqfr97S=50c6ccc5-c3d6-5f43-93e7-ed0f5f223bf4; __51vuft__JcEwiF8NfRqfr97S=1664114917541; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%22ce807f2c-bce1-5782-8a0a-5a4109759817%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664116717561%2C%20%22ct%22%3A%201664114917561%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=3e3b7199-4197-55c3-918e-0a8d011d3713; __51vuft__JdQpk0p36jq0lsZj=1664114917565
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 14:08:37 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 30 Sep 2022 14:08:37 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 304
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: nginx
Date: Sun, 25 Sep 2022 14:08:39 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 303
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: nginx
Date: Sun, 25 Sep 2022 14:08:39 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6f1db258bbb83afd9332bf5c945377d
64550cc88e313ad6a7a75d932a859ad2389918e2
5984b49a2bcd37dead90fad6a98166beda64fdd7e45efabe4490cbda1a4db8f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5984B49A2BCD37DEAD90FAD6A98166BEDA64FDD7E45EFABE4490CBDA1A4DB8F2"
Last-Modified: Sun, 25 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Sun, 25 Sep 2022 20:08:26 GMT
Date: Sun, 25 Sep 2022 14:08:40 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4f9c4f4fae1b13e05da5ffd7a43dafcf
8a43c65cd05eede463bb13d7b5b21e0f1b3f7703
a3b73fce71c46ee397fa1740a7ef257bfc8c1170e9505da85d413be32a000d14
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 09:56:53 GMT
ETag: "8a43c65cd05eede463bb13d7b5b21e0f1b3f7703"
Last-Modified: Sun, 25 Sep 2022 09:56:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3005
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504554cec81b506-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4f9c4f4fae1b13e05da5ffd7a43dafcf
8a43c65cd05eede463bb13d7b5b21e0f1b3f7703
a3b73fce71c46ee397fa1740a7ef257bfc8c1170e9505da85d413be32a000d14
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 09:56:53 GMT
ETag: "8a43c65cd05eede463bb13d7b5b21e0f1b3f7703"
Last-Modified: Sun, 25 Sep 2022 09:56:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3005
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504554cfca7b506-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 14:08:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 14:08:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 14:08:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 14:08:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 58642
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 57971
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 716068d10c9e3a16d3a8e727992f71ec
f18edf7b5080b39e00bde335c16ca0f771428e8e
5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F8HfbDS4Ki85iwI7IgBulH70M3NwK6_-lmATgGp2myUTSlJKCDiScw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:26 GMT
age: 59354
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 59494
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bd3afd3069904500c28e9bb16587e8
a881666627e1077859ed1941cee576caf600d798
78a7b0a2127c583aba569abace503cff376cde67d5faa9a346c1494d91e8f3cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5172
x-amzn-requestid: d366d3e0-71d7-404c-a93b-3267852824ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_T5F5PoAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f78e5-52362b5f0dc1ee8951eebc07;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ean91lOEJLzLQFKy3gBuqD_G-BVw3SMuED20W6ixdkKYvVcMatdGJA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:23 GMT
age: 59357
etag: "a881666627e1077859ed1941cee576caf600d798"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 59481
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 25 Sep 2022 14:08:41 GMT
Etag: "4078521116"
Expires: Mon, 25 Sep 2023 14:08:41 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=B39A1369B27A8706AD27AC3A8FB420C7:FG=1; max-age=31536000; expires=Mon, 25-Sep-23 14:08:41 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
www.niumo249.xyz/static/images/hot.gif
104.233.145.194200 OK 254 B URL HTTP/2 www.niumo249.xyz/static/images/hot.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7865216f440f6c92c7645b3d7792080
189c6407980953aa1ea1296d1bbd4d8a02322e5b
191d1ee8a0d5dd1fed9c6084013629e0a28db2456400d486dc2eed34c9a209d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191D1EE8A0D5DD1FED9C6084013629E0A28DB2456400D486DC2EED34C9A209D9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19633
Expires: Sun, 25 Sep 2022 19:35:54 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7865216f440f6c92c7645b3d7792080
189c6407980953aa1ea1296d1bbd4d8a02322e5b
191d1ee8a0d5dd1fed9c6084013629e0a28db2456400d486dc2eed34c9a209d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191D1EE8A0D5DD1FED9C6084013629E0A28DB2456400D486DC2EED34C9A209D9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19645
Expires: Sun, 25 Sep 2022 19:36:06 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
www.niumo249.xyz/smbaidu/dibu.js
104.233.145.194200 OK 6.7 kB URL HTTP/2 www.niumo249.xyz/smbaidu/dibu.js
IP 104.233.145.194:0
Hash 66faac0410f7affa7024cb562032b6bd
437d3cf6270f001a43273088f937eb47e55ba27f
769d19d01a6f0a1ab66d21b28158fd8946d1ccb6becd0b4843047fd6a2f6f4b9
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.145.194200 OK 3.8 kB URL HTTP/2 www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.145.194:0
Hash 7af356010c868aa75fdbc3b0036b91fa
ea2d8c0b629f9134d0d11d1899542d4ae380f06a
45d8526c1b525046035786f061d44af9d4d22d0d848747716b75c2a074923f7f
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 131d74cfef3b0d0b723ce3d99322ad3f
b32174a5aa06188c375d1092ff131390cc54e57b
b274f2c04977a404fe374ed33ffb36b100b3e45717ccda2b2219ae6bfa03a163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B274F2C04977A404FE374ED33FFB36B100B3E45717CCDA2B2219AE6BFA03A163"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10281
Expires: Sun, 25 Sep 2022 17:00:02 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8026bfa147a21b0d604155875c4b782
5951924acf934c48f7aecabe67ef77581e58212d
4003aacdd07a3d7bbc1989b9d9a15267716df965ee8928be364cbb7cba925ce8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4003AACDD07A3D7BBC1989B9D9A15267716DF965EE8928BE364CBB7CBA925CE8"
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Sun, 25 Sep 2022 15:23:29 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91f3d14dbc32d2e304a753cc807af27e
608d7f37751f0c54845e6ad52ee4bed1c31368be
ad154b945ee16949cdc00a01469beeb107625781bd8692914e72d9dbee6b9bf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD154B945EE16949CDC00A01469BEEB107625781BD8692914E72D9DBEE6B9BF5"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8431
Expires: Sun, 25 Sep 2022 16:29:12 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3e4d401a02efd949120fb0db208bd306
cc9b2168a5c65f3e486c3b68d30d858a0a515015
ad155b2145094dd422c38bb604618a2f6a046e5750206ec8128e66a0d47f95a1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:41:53 GMT
ETag: "cc9b2168a5c65f3e486c3b68d30d858a0a515015"
Last-Modified: Sun, 25 Sep 2022 12:41:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 390
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750455552fccb506-OSL
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 208183aa8ea728475e3dc9bd0e7b209c
cc2f572ef1736a90fd359107358667d3f9036c7a
39eb6dacd593bf5fba6f2469f00df07d3b9f9b51bb46d194078d37d6eb209c06
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 14:08:41 GMT
Etag: 2a1f5ceaa40b036c521af2fdf94a2914
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BE8E00ED74153DDC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b785f93e9c48df6419a8cae9beefc4
2c0054c168efd3b5a5360a29973494905a35240f
ba78c89bd6a0e8aff574700b01e477255e260de7b30bc17759d66a7bc936aa1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA78C89BD6A0E8AFF574700B01E477255E260DE7B30BC17759D66A7BC936AA1F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Sun, 25 Sep 2022 20:08:31 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b72e55ddc5f44b1a5d1816f1f0f2ffb
50bb2001eacd12f38facbacdccce624ebedab7a3
3aa491b58637a3297f8fb7b66b8dc09ef9cb1b6bdffd048497bffe2dbc03d0f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AA491B58637A3297F8FB7B66B8DC09EF9CB1B6BDFFD048497BFFE2DBC03D0F9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Sun, 25 Sep 2022 20:07:54 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 172552533f516eaa068ded93fe354dc1
6b7777c2a645ee0759ec4c5c832803cc07767a52
82f88b39f6262e11a0e68015c905108f2eaa3cf0579c7c68bb1aa19554a954d9
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 14:08:41 GMT
Etag: 1f1addd598cdb814494b985de31144e0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=400C1A75718CCF0E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 042dd5b8ec0a2461d4c793ebbaf70d8b
12f8a648c9deabbe3184efe23f996ca76e6f9dd1
e2dd46c33af320921a7f1500b4629ecfef83e617c02cd8e6525e7f54e733e867
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2DD46C33AF320921A7F1500B4629ECFEF83E617C02CD8E6525E7F54E733E867"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5674
Expires: Sun, 25 Sep 2022 15:43:15 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
104.110.17.24200 OK 446 kB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (445879 bytes)
Hash dfbf81fb5d0c62a4890d1362f950c5d7
725b5307b3976bd29822d38f3a22d119086498da
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
GET /images/03964120009z0w8i44344.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15003908
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Sun, 25 Sep 2022 14:08:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 25 Sep 2022 14:08:41 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b228f4c1f3b4968b5affd67d9cfd01
6865155b2989140410c659e2d1f70a618a09f089
11d6d6b0bf568355ca7c19707205d25b47cda195008f9108bb51ff9cdbcf1d5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11D6D6B0BF568355CA7C19707205D25B47CDA195008F9108BB51FF9CDBCF1D5E"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2084
Expires: Sun, 25 Sep 2022 14:43:25 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bb2929c614b6c96ebe43c95ab1bd9f0
6af6ca2c75454ce4445e7cee7dc3275e2d967b4a
fa389176253f4fbdb27d2a7eb645e6e60de7e3ff2e243e837513544a13ad579e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA389176253F4FBDB27D2A7EB645E6E60DE7E3FF2E243E837513544A13AD579E"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 20:08:41 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e38df505824424dbefbda5bfdcaf2ecd
72bc2acce6674ff54ebd7d456007b89d1796bea5
4dd6639df2a5bdbe0e6595d30f856ca9966d7cecedf81aa250827586a1e7c6bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DD6639DF2A5BDBE0E6595D30F856CA9966D7CECEDF81AA250827586A1E7C6BC"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19150
Expires: Sun, 25 Sep 2022 19:27:51 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e38df505824424dbefbda5bfdcaf2ecd
72bc2acce6674ff54ebd7d456007b89d1796bea5
4dd6639df2a5bdbe0e6595d30f856ca9966d7cecedf81aa250827586a1e7c6bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DD6639DF2A5BDBE0E6595D30F856CA9966D7CECEDF81AA250827586A1E7C6BC"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19147
Expires: Sun, 25 Sep 2022 19:27:48 GMT
Date: Sun, 25 Sep 2022 14:08:41 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
104.110.17.24200 OK 423 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 80\012- data
Size 423 kB (422693 bytes)
Hash e8f8e2de259788e7c2ec5639aab6931e
8a76516927e65b68cd0b67d8fe95cb32c956c096
68d48415ac54b93ba3420a0f034da04d68a3a48ccdad27abcd5aa60d3a67775f
GET /images/0101912000a01jf8t5395.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 422693
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15551976
expires: Fri, 24 Mar 2023 14:08:17 GMT
date: Sun, 25 Sep 2022 14:08:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:41 GMT
content-type: text/html
content-length: 162
location: https://acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: text/html
content-length: 162
location: https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.194200 OK 43 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902246229&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902246229&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902246229&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 14:08:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D3C76391C1524D75; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1123586870&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1123586870&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1123586870&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=50200&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F87%2Fviewspace-93.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 14:08:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=719DDB29A8167472; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.194200 OK 49 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
104.21.87.253200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 940962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPC1iVznarxgto32%2BCFinovTS%2F8TkeAtKmHYMjyRJP0ZvHp6QEVubAlqGQYoW03A5I7ktma1AwV0gCeLYiSUyOZZahFou3P6EX1HkGMCWY9vsRwwlndRt23UYTyg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504555848001c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:57:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
38.47.102.246302 Found 503 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP 38.47.102.246:0
Hash e13338bdf3a2875df88a14a97d8f713b
81cb2037cbbef5c93f58531c64ab3d73ce2dc7aa
f4261801c4bf57c1f85d0a039fa7c00f4e071f38ff9f93a0aefb6239134f3216
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e13338bdf3a2875df88a14a97d8f713b
81cb2037cbbef5c93f58531c64ab3d73ce2dc7aa
f4261801c4bf57c1f85d0a039fa7c00f4e071f38ff9f93a0aefb6239134f3216
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4261801C4BF57C1F85D0A039FA7C00F4E071F38FF9F93A0AEFB6239134F3216"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16011
Expires: Sun, 25 Sep 2022 18:35:33 GMT
Date: Sun, 25 Sep 2022 14:08:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:57:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
www.niumo249.xyz/smbaidu/tj.js
104.233.145.194200 OK 1.7 kB URL HTTP/2 www.niumo249.xyz/smbaidu/tj.js
IP 104.233.145.194:0
Hash 3c2ab9e5ecab302b11baa92ee99489f9
3a538171af357ed4b3a77adea42ce4dc4280ebd3
80b451f8d281645638d7ba98beecb865a4975aa99945c16273e70cc2657fc630
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:40:36 GMT
vary: Accept-Encoding
etag: W/"632a1734-bc8"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/uno2iv1dwgr.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/uno2iv1dwgr.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 304x405, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 9b4567f80d013b5953929fd9cfdf08e6
c64f049776c9b586e8031dd07d021a0fd1a2dd92
c7b0c476984af6e849a445730657d6176ef53c98073655bdcb20c11fd5a88639
GET /upload/vod/2022/09/uno2iv1dwgr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10065
cf-bgj: h2pri
etag: "632ea343-2751"
last-modified: Sat, 24 Sep 2022 06:27:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3fQkN4JArVIqTH9rzLlmN4O8eSldcnDC1gsam5shfDkjpmgD9Koh3XPWt%2BSF9fxyoMMua5SCoa2xK6y5PP%2Bhc582I2LSXCQMH%2Bf%2BmruDJQm9qRPkplNnSiK%2BS5CVUh5YNax"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455589c5d772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ev1uozkgtyb.jpg
104.21.235.64200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ev1uozkgtyb.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 180050e5ff43f0ffb950a396a4e88732
835610426bbd4579ca8fb57565c37690612bb02a
2687865dbece7b304b703ef3f258e23f5b03cb988d166eb5005c4d886936614c
GET /upload/vod/2022/09/ev1uozkgtyb.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9375
cf-bgj: h2pri
etag: "632ea35b-249f"
last-modified: Sat, 24 Sep 2022 06:27:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk7WNAqQRepQ0Hc7cbxsOSO3srv4hl7rKEHeUs2Q4Tv5sCvf53JPqnWUq5pYw58%2BF9g0ScnGkCoMKFudoZMqJH0v6gFcVPDnndsMx6sMH5jrz1mamhYpWDMl%2BCiDRnwgoRBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac62772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/cuwoq1s3nlz.jpg
104.21.235.64200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/cuwoq1s3nlz.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5f94c5d240e565517f0d186dbb3261bb
16abe1190798a8dbd696792538a62af0630296a8
9933541a5594baecaadec8bfb2af6450736c1d3ead20e3cc0703df9e35052bf0
GET /upload/vod/2022/09/cuwoq1s3nlz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9071
cf-bgj: h2pri
etag: "632ea344-236f"
last-modified: Sat, 24 Sep 2022 06:27:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA6yk15UEw01L4BmJDmbGtht%2BKsetC9z1skUn0gMWhmg2C2dWIm%2FHNcdn8GHmVOOF03NyUD7lwU4neNh4RLPj5ZcxaOzoKgVfc91neG1LnHH7R7DSbxI2miJVVRoPWtvDkYT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac60772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/iaivjdjetui.jpg
104.21.235.64200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/iaivjdjetui.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c6a21632a9a9eb4299412c46ec6b0230
db91e8935dd57d0f0242c28f4c3dbf59816a1a61
89c782b68cd0b7582b88f91abd791e63312254260e846090feceeabff0ab3c54
GET /upload/vod/2022/09/iaivjdjetui.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7607
cf-bgj: h2pri
etag: "632ea345-1db7"
last-modified: Sat, 24 Sep 2022 06:27:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDbdK4l8D7t%2BQJMSkNDdoyADFvsizBL%2FCNHjmVXdyEZ5u9W8uYpwoLGwJhuRAO4Q3rdCtd2Xehvt57Zf6Kw8yMNIxOs2H%2FJNsLyCb%2FH6IjZGVa0ZpSer%2FuCI%2BUbZ88x%2FcCMQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac61772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:57:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 375e9b0d953c32593b590d6b454331b6
c86e474ca7d124091e9f12b93ae8e460aff186fc
d7127883bac5aebadb6105102a19a4ade5191c1f99233eb46670da86caaf4cbb
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 14:08:41 GMT
Etag: fab3a5b597ecc18daa0b82454514a3d0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ED2944B085204E68; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmtu.netfhtu.com/upload/vod/2022/09/4wehd3llu1g.jpg
104.21.235.64200 OK 9.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4wehd3llu1g.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5459fdc53d7afb92f5730314940f88b7
34b4f5e4082edbf8e4d76c43e367a549ce36760c
2645eea97a5292a2c1cd90b1fe91422f6705e1e57b4f981c97a06b23a22957ea
GET /upload/vod/2022/09/4wehd3llu1g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9157
cf-bgj: h2pri
etag: "632ea344-23c5"
last-modified: Sat, 24 Sep 2022 06:27:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn7XG2bI7GYQW3liJU1eaMEFeekzzplAkuqNRMfdL5qejqm8bZ%2Bzq61OJAm06WjF8tY5AC0FpKwgg80tFq7cC4lBMzB8%2BEpMlNge0ZxfI3vmHIO7AX6dmRdyz1SQe178pOYm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac5f772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/w0oan5tstx5.jpg
104.21.235.64200 OK 4.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/w0oan5tstx5.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash af4afc7d1c884d3046a10318e0f678c7
5c1655c788f8ccb1d0bb47dba618f1fd93a80dd0
fef03f702d91059c3c9c474da63d624aa5ae478979018f550a8da28b9cc8cca7
GET /upload/vod/2022/09/w0oan5tstx5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 4465
cf-bgj: h2pri
etag: "632ea365-1171"
last-modified: Sat, 24 Sep 2022 06:27:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cro9fySF7P7rg5iSB39W9Kv1%2FnGfRkAT9gl%2BsLnLMvKUoGXbLNeuRXkkG2crjb8F1ZMUrdKJ5bfTmR76X4Hw8BlZu9LIy0UBBUoDeKL8D4cII1LM40LAgxXK1E6fWEpDwPk%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac65772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg
172.64.140.29200 OK 7.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 72c52f52e64cbcc5fc91eb5bb06b22e1
de0b285019eb7dae79bb48eba8fb69614d55d283
28bbf5adc51804d2b671b31ddd5d4fb2cf112a6881bf6600e9d38c7da4b42b1f
GET /upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 6989
cf-bgj: h2pri
etag: "596bf00dbcfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3070
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbpctYkokb1ypqXWeqEbQhWE1rI5%2F0cSq%2FeRjinS12mqbBMbMCv3ka8E%2Bj774ri1w7BLLGx%2Bkf2ghODIShKqYsIBqdrtVDcYg5r6Ph0RWenZYyXktL8EJ2cJ8carczkJy6pB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558cd9275dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/azcwhhllewk.jpg
104.21.235.64200 OK 9.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/azcwhhllewk.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3539360f9f44b1f39ac8a95beb692a80
49fe0c8b36f4d38dcc6efc41b85c6ba7939b01b8
a76d7974f1055eed849b7bd21a5a853e9f7121557637413e598eb2630625ed2b
GET /upload/vod/2022/09/azcwhhllewk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9866
cf-bgj: h2pri
etag: "632ea3b0-268a"
last-modified: Sat, 24 Sep 2022 06:29:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 134
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4g0vbd5Gxx09jf13DRcO%2BFTNnBFYnyZm8psz6v%2FBalOqAMmJo9vFz9DRp5UPJ5taOh4ciY1JQnBVVeBWnojEMNezU8rbNK5OZwomrcLdMt8Ui9DThy%2FQgWv9HUES%2Fc4NPGR3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac68772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg
172.64.140.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 01aad12e9958a7c8275aa87ec665730d
90aa33f06a7be26a5551b938ca84235c279b8791
e12cda92778939ae0078161c9eff9c16ea2d3ba52b9a616080b4d783596df837
GET /upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9957
cf-bgj: h2pri
etag: "ab84680dbcfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgzOfG95ICSNaE74qnSPDHRSv33HtRXt4j7KVtznJ2iaiY%2BHZZGmQzoJ4wNTRuDKY1cPrFY3jikY4T65TCVdkPAglPE5ooeDSD%2FYhi7uF%2BVA%2FyniaHPTVfC6onGh5hkhYg4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558cd9175dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lbjml0dlcea.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lbjml0dlcea.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash dcf250daf5db9e80fbd365c5402dbb3e
1b58f53abc798f2367089f46c7057336ad2ec032
a84c953a9b1b250b592fb73883f2fad8b3170e0accaf818793413d3c3ae0e93d
GET /upload/vod/2022/09/lbjml0dlcea.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10892
cf-bgj: h2pri
etag: "632ea364-2a8c"
last-modified: Sat, 24 Sep 2022 06:27:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh6AirqzO8okQ1bpQwwY88sTPQpsXtVImDUGEYPeRvhtJI%2FolmNnTKqJQ84Vvd7WlDHrpfsXakvjyWo7hBTEH7np8kXNOstdCxGma%2B35wgcKUBrvk6uQj4AakFv3rhC%2F%2BKuM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac64772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg
172.64.140.29200 OK 7.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4b0ca26c5eae90f7a8b6bf3f999c025b
4281ee24a973d7d7bd8c7633a93b07de6b2b1a96
b4bd7d746bf4a91f3fd692a83133f80e5bc13c3415084a31753d87b5a645fb2d
GET /upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7614
cf-bgj: h2pri
etag: "93d953ffdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk97Wkm961q8uyYXHrPrapYf4GZN09%2BI05et3hRkbCd16IqcaErIZ%2BrO2gseLS%2FzJhNvtHBF8zRVvY9F9oFXEz7dCXUP8Z7O5IMuN9K2zRxavD%2FoEeWrLehd%2BymZaEFmIcH9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558cd8f75dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/haidbgq00a1.jpg
104.21.235.64200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/haidbgq00a1.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3adc4a8d11d6d17af1c24c46746eb8b6
04405a2c9bd6e2fe1bf881688ea4d995e854cc09
f9bd21a0407b4f4e8dc95bd736f28edb805306a9ed94317f72904d6605d0550e
GET /upload/vod/2022/09/haidbgq00a1.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9639
cf-bgj: h2pri
etag: "632ea3b2-25a7"
last-modified: Sat, 24 Sep 2022 06:29:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1xPW5XFJ2Wcalf7R8IFgrxb6PevT7dMBzDkz4mS1%2FJqWxqPQpUlfpiZ41NvjHd%2BTf4urov5bX0jnmyz5FFyAzpZqYAvvJrCvc1jQ6Gplpmli6cksrT7%2BovexFgMNa5ZZ55m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc97772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/psccz4xgp1w.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/psccz4xgp1w.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 11x18, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3cc177a3ccf19f39c93b398f04aa6a47
a75e3a73832ab45530d4f55eaa5a63d2f91bc915
2cd1f8fcd689d9c257268a532719e94c7b74a4c1aea8e9b7bec190b263faded1
GET /upload/vod/2022/09/psccz4xgp1w.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 11631
cf-bgj: h2pri
etag: "632ea3af-2d6f"
last-modified: Sat, 24 Sep 2022 06:29:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzNWoqZZOKblcy63UH4tMID%2FdIWGnOxTTfIIS7p8eufq6ZDrDxvyDlkD%2F%2FWjIPL4ewZYlBtyMjPUmzLMclvzGy65qcySq3X64WUir6pvmsjMa8CyC4XLMBqVcg6CpE0hIww9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ac67772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg
172.64.140.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1daf2bf695607f41f1de0406aaf512d5
3833c24c97be24b421c88220d2fd79773e103cea
797c7510a816ffadedeacdf0f90bc6a61a0787c2b51768c89497e9644638ee9d
GET /upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8788
cf-bgj: h2pri
etag: "399fe0ffdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUVSJtlJ1uqt5T%2FY%2BtlUeD4iVW7wWnvRl427qRWAjzfW1xkayfoZ0K%2FUm9hEGw3znicvOPjL5kNNvuy9c7bNgBiRiQV8NlioQ0IyoYuR5TAGllwsHCRUzrOW5FqYjqe1xQ71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558cd9075dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tldlcdliwxp.jpg
104.21.235.64200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tldlcdliwxp.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 038f24d17498bbfa2dde77f1f0187705
b21eb2008de2f4e28ca48c870fe9a14330dc7b33
78d107cab245887e7d1498afcad589a902018b422151ecadcc67cbeb612de518
GET /upload/vod/2022/09/tldlcdliwxp.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8952
cf-bgj: h2pri
etag: "632ea3b1-22f8"
last-modified: Sat, 24 Sep 2022 06:29:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bb%2FDYzcVGkefX5SQDYc80lkS5OpyXlvm77YG0ndlqKCgWRmhyE3Ml%2FH4tEKxKiq6C1RW2bdkmLZIsCFcaMQY6EgN7F9Xl4n4podODrMRNyZdYNvSVFoo9mmpOYXLXqlJQkYE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc95772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4032b080852989ffe0cbffd5bbc02a7c
9ad62d2f635360b7d58ee9c3d10c78cffd7a421d
e9ff4139e5e45fadeabeee3fc32d604da34a9c057454f51790c53b89f06e12f4
GET /upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10696
cf-bgj: h2pri
etag: "bb54cefedacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZW3E1U9QKp2lF%2Bn5y4L6Ud0u%2FG0UVdVQwcI0B5s1JGJm4Fo2P16XYD1GTr%2BrQO2FXpykCXO7ox5mn3Rm6FQ2SUVz5SChmWweGItugVlN6y4lw7ilr3t4xkHv%2Bylb97JAcEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ddc175dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg
172.64.140.29200 OK 7.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 65930452738877280da83661b5040595
9b3b9ed44242d2929278c7013305850b4baadc1a
cd6877bad373d97f8ad02be9bac9c2d9f90d21e432818d0eb95d3402724bbb9a
GET /upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7438
cf-bgj: h2pri
etag: "1cc2b9fddacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irNFphPZqoOcd7aKQsrV%2BXsT0Bms8p1SSVTKeNNliXEgKap9h9bMxdHVtWP93j1vi8hNIHm60R9cHHM8lALW%2BbmbHx6V7sJyjcr55Ho6WFZ9tadCEeNmqnsigT4YkddKFE%2Fc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ddbc75dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/bkl45damtyu.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bkl45damtyu.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash da3586811ffaeae12943733131f9344f
7a1e067930fae030dbe0c6fa3bda790399417bed
c77d46e21ba758cdfb9ee5e1dc31af73e73c7d59850e60062d89d982b5b76d9a
GET /upload/vod/2022/09/bkl45damtyu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 11199
cf-bgj: h2pri
etag: "632ea3b3-2bbf"
last-modified: Sat, 24 Sep 2022 06:29:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG6cR05XGsRGoauymIepJZcJgq2KESx%2FKbHHIwXMoWfkFnMQz%2FraS4yvq708dBcoIEzqmrioJiIEmTbH1wdaMcRhjC5wX09md1B4Qb1s1oTjRPZp%2FcF%2B4%2BsyoMKrGuqpytoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc98772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4dntgqe3knz.jpg
104.21.235.64200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4dntgqe3knz.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 110dc094fa958421b1e51821846cd1e0
54ad4ac35fe70cbd7e1802ab85bbd4b12ff98e29
e80b9d7ecbdf5b6bcd347cacfd2f3cee99db899d6e898623e2af80da7d80f888
GET /upload/vod/2022/09/4dntgqe3knz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8575
cf-bgj: h2pri
etag: "632ea3bc-217f"
last-modified: Sat, 24 Sep 2022 06:29:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m8UuwaZQKGmmdtd7tPjHyYY7VXiMQ2WFvDhgVb5SpXo5rCn2%2BmNeoiDO73oUYLmclQjUPZCcsd9Zq7mdPeb9AEd9u9N1gPw%2FnBi3W4gQKLeCjmmGkGTa7ldaSB6zf3ljgpg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc99772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4p1xyadrhyd.jpg
104.21.235.64200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4p1xyadrhyd.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ebf37cdc35234b5e321380abfdf421df
a82ef9b8fc59dca27a8141ff11d1ff8ae4e0fc71
a7a0dcc50b247841a6cbb8b851299a77fc69f5f7e64fd28708312c0e725cc704
GET /upload/vod/2022/09/4p1xyadrhyd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8703
cf-bgj: h2pri
etag: "632ea2c9-21ff"
last-modified: Sat, 24 Sep 2022 06:25:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg3WV6%2FKJaDn2spod7PGhJU8mTSPOE10RC49B13BQ4U86j4oy3WbkkSls7M5kY%2FrN5LGhzrERpPj1XJNAcD7eqU1nPiprTU%2BfMj0yjk8rB9d3UU4fSjtJHnqxLzFZNTSKWnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9c772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg
172.64.140.29200 OK 6.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6f53892646473abd7b01548f5572bfb9
6e971a9c1521512afc126efda9cbb88fe026d2a0
3ec09740c47289def038dab807383d0b594934f6b05f2d4757b951cf0396a83c
GET /upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 6298
cf-bgj: h2pri
etag: "7cf4a9fcdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KCDma9y7flKlJFgWy6i8Aqf%2FG24dqH3tb7vYxpsdFC0HG%2B95RiarI3W2R8%2FY223VCKFE4PdldYVZSz4rcauId3%2FgxbcfiXP6r3suUkkhFJt9WxX%2BzipIqDakcd0l6Fe2Obe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ddc075dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg
172.64.140.29200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 06de413fd5a02ac7d90027db35639e32
b43e8a8f3017ff6d7f91bd83d1bc8d6a91c03fff
bb43c3a49fd07970821a062cd5e138c95c0b7967efa02e481d2d25763ead71c4
GET /upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9716
cf-bgj: h2pri
etag: "7e6d46fedacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYs3hhR%2FMobuDKf7B8VEoCFsE2zZr%2F2Gcge%2B8fgLcKSnBLl3dkxU5OdPUqY04w5J2iRL5xpaBQJRCpy8IT8hcaFoJik4L%2Frfx%2FYHgwAu%2BRDy02%2Fm%2FgIj1IwWAU1S8aRzwK7g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558edc775dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tlynuakpdaf.jpg
104.21.235.64200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tlynuakpdaf.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 653ec5c8bd7c46afc54dd684a59e466f
75109b7a155699c580c2efc5cad9764bf761c0a8
3027bd842b8be463929f04be02f6d0dd9d7f147a5e24a6c28f23320b0bbf6f62
GET /upload/vod/2022/09/tlynuakpdaf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7599
cf-bgj: h2pri
etag: "632ea2c9-1daf"
last-modified: Sat, 24 Sep 2022 06:25:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVz1QqeH%2BWq%2B92D8V3u4y%2FjXFSJ1sSbQ3anKaqMRmdfIxSyOnj3fF7d%2BqYQ4usfarnMtC5I%2BA7VS10e1g%2FXFBVuDSJh2VPrplggzWTgWmav7inaRgAp1v9DOHu5%2BhQjcXCnz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9b772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ovxrcoarspd.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ovxrcoarspd.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c20f49b8aaed8e5659d775f588deca5c
4dd51ec60411afcbe481b5c9d725818ac2c0b4ea
f19c3381353de100c3caa1055550b6e79b7a83411fde7db660d288b9d94c9e56
GET /upload/vod/2022/09/ovxrcoarspd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 12258
cf-bgj: h2pri
etag: "632ea2ca-2fe2"
last-modified: Sat, 24 Sep 2022 06:25:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3299
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR87xa6kH78LXj2UwLmcgKTIj5Bvf1evfSp0GdYwNEa4P9MA5JCKvDSB5RttFmEqqFnBrlFRh1CPUn9YUS9TLQmOYI%2Fnlz%2BE3JYR8sryxLE94V5iinDtZoWJRliVyO4VlniW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9d772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/xpzhqil1ge0.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/xpzhqil1ge0.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eabdd27977d3e8ccac34845f124d0a72
f8f81fcd88baf9c60e9e1103df988a3eae5a7004
49267611636457ca9d1ef629be0c6c75a7c8625c06a8ee5ea659d09ff6c7c062
GET /upload/vod/2022/09/xpzhqil1ge0.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10041
cf-bgj: h2pri
etag: "632ea2cb-2739"
last-modified: Sat, 24 Sep 2022 06:25:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnzFpQ%2B14gFitFBWVQdb9bipt4tvLkgze4Pqp7MZoP72sW9%2Bk2tmGfiHk1rgp%2FS6Gsh5NeapZvY8hVOzV4LinAb0hSzTcmXLf1a25DvKK%2FCLFa05oRTvCfPKTDygpU72GAoE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9e772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/uvv55abafyi.jpg
104.21.235.64200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/uvv55abafyi.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7054219743be9acdb1ded458e5aa9dfb
7541d35164ce324f47dd587084e042b4a775e334
f790f4c6d7837e56445b29779646bd2e49511628cdeed67a02741f0b0753c407
GET /upload/vod/2022/09/uvv55abafyi.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9738
cf-bgj: h2pri
etag: "632ea2cc-260a"
last-modified: Sat, 24 Sep 2022 06:25:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr7HDPSf%2Bke%2FFWISpruuvBSk1qg3ccegtRZ7JwbOoNHo6kTDBPMi%2B2zub30wa356tm8jYmBszwwf0AM%2FPnb69%2Fxr28MktZh1ndcWBAO44Z587VlSXLDMrWwsAJPXKcnIcimp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9f772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/0ru3g43ufdv.jpg
104.21.235.64200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/0ru3g43ufdv.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c6d0bc2c7159ff34271e3f233320a67f
c73a57737612b89358f8ca86a8a963876fedba00
05224232f56a35b8df41658f497835117c7f5ffb771f098b6d74e2f305f579db
GET /upload/vod/2022/09/0ru3g43ufdv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8239
cf-bgj: h2pri
etag: "632ea2d0-202f"
last-modified: Sat, 24 Sep 2022 06:25:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4374
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plw3%2FTX312%2FI5GWR674YfDXvwR3y4Em%2BNkNUD38hoFyhSSxXJ9D1s2fq%2FSnLMDQ6CnhVUUstWJTblSfehTLdjnaMUEI8S45R2f7BxZRS%2FzwR%2FxCBe%2BcVb7JVX5MkwSeFgib9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca0772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4smxe3vq1fx.jpg
104.21.235.64200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4smxe3vq1fx.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1e6a40972d0297e55d61431934a37c29
5c6b6d90afac0285a5968d082af21cda5e24b3a2
df7c7f129af21c9d171e2ee82d2313b88fdd76c0de189d293a02be404051c980
GET /upload/vod/2022/09/4smxe3vq1fx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7102
cf-bgj: h2pri
etag: "632ea2df-1bbe"
last-modified: Sat, 24 Sep 2022 06:25:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4367
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddBX76lrFe3XWfzBBkpQyzZCSWKU0sVacBZmr9oOs6H3Gb8CWS251WAdBEqsuiJXwLKLKGtdx2og4G4r1b3t9e8BlMsPtxXgcDAC2L0W8etVQBUhOZUdX2O9EyJ9LrjqWyX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca2772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/idqti0bsmzm.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/idqti0bsmzm.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5f6e37ef687974e7b5bab8979cacf119
45dab54877b5d01427b9193d19298c6dfb343125
a58c6ad50864de1229670e032386c8f779ddf9134c1305a3e2adaeaf4fa33b9b
GET /upload/vod/2022/09/idqti0bsmzm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10131
cf-bgj: h2pri
etag: "632ea2e0-2793"
last-modified: Sat, 24 Sep 2022 06:25:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jmjacKnJzRRFrPzuVPUpaY%2FABIX9YEORw9bB8yeqTIpB35NTEl82PMldF97Ce1m55uV83vfuEtnGHTqfyJVDIovSnGKzyrc4euRIeWmonmDUAvdoJGeJnynLyJAvDI0qSbE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca3772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/jrgg5suakhl.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/jrgg5suakhl.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 14b6e6c6fa7a4787151604aace92fc8e
4da7fe48ca2db81e7c04ffd6cc013f4e9c9fed22
3a0a0ed74979aa93a0544f1ab28ae181b9afe1a37f0309339751b459732fa5fb
GET /upload/vod/2022/09/jrgg5suakhl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 10552
cf-bgj: h2pri
etag: "632ea2e1-2938"
last-modified: Sat, 24 Sep 2022 06:25:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyS%2BGgu8NPPKMcwqVJcb8ONHcz7gnXKht2zNuO2XEcw%2BADDvWKe3gwQA21xKF1wy96w7vcer%2BZAT%2BZn8PuXyxhlAKB75qCDEvJfHyr8A%2B9gOcNxFiNSPimFKSzaPmQHsQdvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca5772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/wsarway3mt2.jpg
104.21.235.64200 OK 6.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/wsarway3mt2.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash be019510e4db9e8a478420465950f447
64a6ccde8c9c3f5429c36e605cca9a98466abc25
52b3fe335ffacadc371a366d03175d7539b86a25af527720dd4bf07020b71c1f
GET /upload/vod/2022/09/wsarway3mt2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 6279
cf-bgj: h2pri
etag: "632ea2e2-1887"
last-modified: Sat, 24 Sep 2022 06:25:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu6lREVMIxOnD%2F8xuJlpxnyTF3oAHwPtlWHXRHIrURQK8U%2FLsHS%2F4kcM87uGF9OZc6i86XWQJAsnj2ADZpu%2B%2F7CnE2krzSFAT%2BH3HZciEMJkzJ2oK2psCnWRwSZyqWe0KKgn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca6772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lbfqntwablu.jpg
104.21.235.64200 OK 7.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lbfqntwablu.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bd2aa2687362acbc464ca96332539203
7de85b04c2c00a8eff5acd890d6563df212105a2
cb7bc7e71263bda9f52f0ace4e472daa438ec9ccc046f0bafc876fa3d857afcb
GET /upload/vod/2022/09/lbfqntwablu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7508
cf-bgj: h2pri
etag: "632ea338-1d54"
last-modified: Sat, 24 Sep 2022 06:27:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIm9yUNU8A5%2BswUZoJ7vKCZaKdNAYNLkDLmacOwy2z8bG2IN7n07FsQU9B3VCE28vVjewcH6DEqW9Yfq3UNJgN7yzINSNVzYF5tdi2hc4It4Z9B7JeGJj4pdnJX8JPPdohT%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bca7772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/3bii2oo1utz.jpg
104.21.235.64200 OK 9.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3bii2oo1utz.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 33f0cc64f85dc88875165996e8e17d7c
26663d69fdf4c7e34463960d785e54a9def5e010
c1fe23559290673227f8fda17a6cb0f2b060abc1dfff15baee2b4a8215c9edcf
GET /upload/vod/2022/09/3bii2oo1utz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9311
cf-bgj: h2pri
etag: "632ea336-245f"
last-modified: Sat, 24 Sep 2022 06:27:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbyNr72tiEV1FxAAwr1PnVEQLWQsZzY6hqRcjFQ2K34YBTE5BtpbUkynkN%2BocPcIIu%2Fx5CnYDEelNJz0%2FU7N1JNEMjW0Yu0%2FP3SPX5q0B3GKFu7Ah3kLbB4y3XR7QQQfH26m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bcaa772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/s3gpef5s53v.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/s3gpef5s53v.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b68fde0ed01e6638f06b7843654e64ea
815c0675b890ed61196b6ac55da2a4c12d314b57
5fde46d7af9235975ae1647f763c6673880e12c089ed8f4204825694b4d2923b
GET /upload/vod/2022/09/s3gpef5s53v.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 11631
cf-bgj: h2pri
etag: "632ea33a-2d6f"
last-modified: Sat, 24 Sep 2022 06:27:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ih9Xnv5GD%2Bc2mWundXvTvuiAxjF805BI3pLRB7M%2FwdSwb%2B%2FIim5c%2FQmOdGqCqzR7RXzTf3l6%2F%2FnC5TzTD8VNoTOeSMaj7eg4iCogI9xmYYiDkKJme4a7IUvxQt1AgwZ6%2F%2BX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bcac772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/aimmzu3jgno.jpg
104.21.235.64200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/aimmzu3jgno.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 99bb82d655228b9bf7f3c09f1b4c6593
0782f70c67d408c25dc6fd25f8fd2263a6542f41
d7081ed0312125978f9edd8a783c7031d42f3f91141911c4af30f8a5b3e9b49a
GET /upload/vod/2022/09/aimmzu3jgno.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 8594
cf-bgj: h2pri
etag: "632ea337-2192"
last-modified: Sat, 24 Sep 2022 06:27:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opoW3%2BetYjBwMtMopgINUXKg3Za0SRb%2Bf3BbchNldLc2gqedwPg6jua%2BOuH9CVYalOdFqzjd87ttiphDTd8sRQD2TuVmK15Oz4qraw13tGZ4law3IcZ25K338jGuiPLtJY3l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bcad772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/q3ywvvs4110.jpg
104.21.235.64200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/q3ywvvs4110.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7151f1059c3e191ac92df1cbe6e01a07
1d9c5e48299612daeb6084ba3dcd96a9762c2a42
110fa10cabd010b735f9b91f1a20e06c85d431f9d145e9944771b361005934e1
GET /upload/vod/2022/09/q3ywvvs4110.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7570
cf-bgj: h2pri
etag: "632ea339-1d92"
last-modified: Sat, 24 Sep 2022 06:27:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba6mmSYxX7O2D%2FgQ%2BUoFRql%2Bi1Cqjx1e%2FR9dXXzModSXNdH7yRW3euTj2NqMHVrCa%2B1cxY%2Bbb6q4Mg3sgDQXHNg8X5Tb1Ju0SAOQcWyw9zIZLzoX6h%2BC9szFM%2B5cCRvM8hGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bcae772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg
172.64.140.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash da26e41254d92a51d87588fc2d4a1546
3a3429cea5818dc08a167cc639685536f12712ef
a90c3eb318aab0f2a26f75df519756d049b2812f253d6a1450858128e58465db
GET /upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 7319
cf-bgj: h2pri
etag: "8ddb31fddacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRv7UwuhX2%2BRojTuNLqs1XjmYarFrZF0lm3upsOcGd7aVuQe7OT6f5Fz8wMxDYtRY5DWrDJKpC9SYAkqVcVzvOQitOFzB4JYH%2BC2B47zDm34pNSLA4VqsXO9G4ppY99pmnw7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558ddbf75dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.194200 OK 25 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/nfi3pw1pz4q.jpg
104.21.235.64200 OK 9.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/nfi3pw1pz4q.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7cc3fb5eec0059c495a0516e7bd77c2a
3d13b621b865e1b2684dbd3f537aed79de126df1
2426d658fcbb45278865e5ae2ced3079cae79189a38e00b4c7e609e4be2c32be
GET /upload/vod/2022/09/nfi3pw1pz4q.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 9509
cf-bgj: h2pri
etag: "632d591e-2525"
last-modified: Fri, 23 Sep 2022 06:58:38 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh6oDSIC3NAwNCmSUf6jG09jczU%2FFLz6Q7bjIOh%2BQFNDQGd6Ah%2Bh3%2FTmCVojkIgS5vXMLYBiCPPIUeI3kCK8l%2BsKYC%2FmRb02t63wPMmaROj243mCuT3FbBl3ifjLmShQAi5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045558bc9a772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d692d7a986447e8ecaf3763e68f446c4
ee5ee62c04f5ab801ed594ebf67ca270bc7facde
b7d3d2518f89c9de923283692640f2ff6c8c52f2950bf35d19261388fc145610
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7D3D2518F89C9DE923283692640F2FF6C8C52F2950BF35D19261388FC145610"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1225
Expires: Sun, 25 Sep 2022 14:29:07 GMT
Date: Sun, 25 Sep 2022 14:08:42 GMT
Connection: keep-alive
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 14:11:09 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Tue, 25 Oct 2022 14:11:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
104.21.87.253200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Sun, 16 Oct 2022 13:15:17 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 780805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZxK7s8dAT70brv7XaDvlDGXMtf7v1ODuRf2whiKafMSrmDIeAmyThO4ZTMsrVQh%2F6DLshXwhpDZqyJiwdrezlSjZ8%2F091zY%2B6Zb6cvo3zmW4Kq3i06PNeV%2BRk%2Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504555b1acc1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.194200 OK 35 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
104.21.87.253200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:42 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 21 Oct 2022 14:13:09 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 345333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sutSv8sGoUJrGzI9NCXb7dPkrn%2BFksv%2FdszKQttO8tVbXNTTd1BvLhlwBn66F1vjLgKBC4aBXGTgnaqNLgvw%2FLcPEYVSVLuma4Hq3bEkcPZV9TfcagJJU5uc4GS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504555b2ad01c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.194200 OK 60 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/static/images/empty.jpg
104.233.145.194200 OK 13 kB URL HTTP/2 www.niumo249.xyz/static/images/empty.jpg
IP 104.233.145.194:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.194200 OK 111 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.194200 OK 19 kB URL HTTP/2 www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.194:0
Hash 8568993e0e7be0d37c243412529549a6
3694e1c8635b4a42fed1408d04838b4f72523754
ace59ff3b237d0759ca7ca1e6d6725d78e39369ad6d7c991ab8515cafc63a6cf
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1718801004&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=50201&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo249.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1718801004&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=50201&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo249.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1718801004&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=50201&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo249.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 14:08:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2ACB01AD009D875A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.niumo249.xyz/
104.233.145.194200 OK 320 kB IP 104.233.145.194:0
Size 320 kB (319864 bytes)
Hash 97a1a1dbec64afb38ea459f3958e72d2
333418e62e3590ea53514cad19f2ec0d8fc18880
567633decdaeb1df197dc43972a033167832be90c4c94e3ea0053524a6730a5e
GET / HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=m2f4e4798grgc0lb9621piuk55; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo249.xyz/nmwys.png
104.233.145.194200 OK 3.1 kB URL HTTP/2 www.niumo249.xyz/nmwys.png
IP 104.233.145.194:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:44 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Tue, 25 Oct 2022 22:17:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.194200 OK 73 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.194200 OK 126 kB URL HTTP/2 www.niumo249.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:44 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Tue, 25 Oct 2022 22:17:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.145.194200 OK 140 kB URL HTTP/2 www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.145.194:0
Size 140 kB (139642 bytes)
Hash c6f7550677d77ecf4a14c26ad9db7a70
c8e2d027028ac6488d0e8e9af5388b4ed7ef2e37
613e0dac746efe56f6ffdaf0cb39f37f96c4c567161c645cbfd2a5958eaadb08
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.194200 OK 315 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.194200 OK 870 kB URL HTTP/2 www.niumo249.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:44 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Tue, 25 Oct 2022 22:17:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/stvf4grh65uh54y.gif
104.233.145.194200 OK 996 kB URL HTTP/2 www.niumo249.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:44 GMT
content-type: image/gif
content-length: 995865
last-modified: Wed, 03 Nov 2021 10:48:32 GMT
etag: "61826900-f3219"
expires: Tue, 25 Oct 2022 22:17:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.194200 OK 551 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.hdlxw.com/87/viewspace-93.html
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.hdlxw.com/87/viewspace-93.html
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.hdlxw.com/87/viewspace-93.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 25 Sep 2022 14:08:43 GMT
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.194200 OK 410 kB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.194200 OK 418 kB URL HTTP/2 www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.194:0
Size 418 kB (418308 bytes)
Hash 6a1c49d97cdd97192d0d7a40ab0b3d14
1359f1aed766158aeefe696cfd8dc78864291772
774bdf4c5f65d367e63fe0508645a56d6a5491f1c8d0dae0fa83eb3e1ea9c46b
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ff8e9420a0f16431e2cd382c74f1c199
3c2f9ba4f3428207aaaebde682df08d24f2223e9
1bff5a52cd89db67c46966b6770bcbd46668efb432ebfb49ded128a195f2b038
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 10:04:29 GMT
ETag: "3c2f9ba4f3428207aaaebde682df08d24f2223e9"
Last-Modified: Sun, 25 Sep 2022 10:04:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3119
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504555fae4cb4ff-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ff8e9420a0f16431e2cd382c74f1c199
3c2f9ba4f3428207aaaebde682df08d24f2223e9
1bff5a52cd89db67c46966b6770bcbd46668efb432ebfb49ded128a195f2b038
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 10:04:29 GMT
ETag: "3c2f9ba4f3428207aaaebde682df08d24f2223e9"
Last-Modified: Sun, 25 Sep 2022 10:04:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3119
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504555faf5cb51b-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7fc43ed7cc7db00b682fb986e13aad32
68d21ccbbdb973191c0d4e3272973d56c458203d
049ae31d754990ba58145a27e04a7459f12847bc61f78ee8183d7afd663e456e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:51:58 GMT
ETag: "68d21ccbbdb973191c0d4e3272973d56c458203d"
Last-Modified: Sun, 25 Sep 2022 12:51:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1346
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504555faeb4b527-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7fc43ed7cc7db00b682fb986e13aad32
68d21ccbbdb973191c0d4e3272973d56c458203d
049ae31d754990ba58145a27e04a7459f12847bc61f78ee8183d7afd663e456e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:51:58 GMT
ETag: "68d21ccbbdb973191c0d4e3272973d56c458203d"
Last-Modified: Sun, 25 Sep 2022 12:51:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1346
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504555fad4fb50b-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 2989cc8c34a54a29e0f18c39ee6a1cf6
f6ad35d90031a328e06e30d1c1b81d94ff52cf32
32ed985a2e1c74e1a94136ace39090b9fafb0fa636134e8b5f15e8200eabd27d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 10:06:40 GMT
ETag: "f6ad35d90031a328e06e30d1c1b81d94ff52cf32"
Last-Modified: Sun, 25 Sep 2022 10:06:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2365
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504555faf31b4f4-OSL
www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.194200 OK 1.3 MB URL HTTP/2 www.niumo249.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.194:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Tue, 25 Oct 2022 22:17:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 9557155
expires: Thu, 30 Mar 2023 14:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504555fef1a1c0a-OSL
X-Firefox-Spdy: h2
kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
104.21.30.227200 OK 186 kB URL HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Wed, 12 Oct 2022 15:04:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1119833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKdcHVzXqrSDXxXiJuKHRNbYsl9nvShCKKfRcPVXfA1xODOYoTyNbl9LamHUQ6Bx9gQmikOOI0vZNm4B9RQUiV2oBKq29%2B5ysgExko8TRFcLX9yYyJGimR136kB4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455603d6b1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
104.21.30.227200 OK 196 kB URL HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 14:11:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2159856
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRvTECuEb71lIcJ%2BeQoAzwuzzUZhtbQLPu7mg%2Fqy1TYVUD5%2BdmivZ0Q%2Byd6COmEb3K5tYtL228KfTSAreU7Anh0MREWqhh1GuWDQUqLuLnHaaGukHQwmbO89SADi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455603d731bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 898fd4c2814334472d6a881076d7be33
cd5806ab425ab8be8b6398a78ee1b74746c0d3ec
538a2b41e09c55991590dc64196adbb9c4146a65ef63ea87904a84f029d1e99c
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=221
Date: Sun, 25 Sep 2022 14:08:43 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 118546aa5439a68b3b31b1299fd60ad9
327b6e6e5f544b21ae8e7c2dd98e654a9f5db357
dc355c6a3618612cf78cbeb4f11eaa0605345749bc9be57110295704c29fad7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1948
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Last-Modified: Sun, 25 Sep 2022 13:36:15 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 68cc7cb36e485a42f8e73039a1e740b5
0fdce649e50f6889839f4043b812368de86ec3aa
b512c9ce3bd4d9c8feb631338f2295307c903bba7d8e14fa86b8ff9530cc2a70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:45:16 GMT
Expires: Sun, 02 Oct 2022 03:45:15 GMT
Etag: "0fdce649e50f6889839f4043b812368de86ec3aa"
Cache-Control: max-age=566791,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7504555faeec0b55-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 560404359626973e1abdd59b212ac1e2
d44e105a8169c6b10be70529e890a8c6f78dd354
9b9b440eb3c964ca53df173b6078d58e9536949ff121e2146bccab1d56e99c95
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9B9B440EB3C964CA53DF173B6078D58E9536949FF121E2146BCCAB1D56E99C95"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10481
Expires: Sun, 25 Sep 2022 17:03:24 GMT
Date: Sun, 25 Sep 2022 14:08:43 GMT
Connection: keep-alive
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
104.21.234.40200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Sun, 23 Oct 2022 14:22:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 171952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2ojcadHh50R0WLJqBDFdDsnYBqvjeZAU%2F6GMUKvPJrWlFcwVLZkSEnS4b1IuBZnRQBoxTlZIYnPV4Lj4F3w1SJRynq0WGkjmbdK7r5YJNoEE0OorRbi%2B6z5xep3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455604c27888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
104.21.234.40200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Sun, 23 Oct 2022 18:49:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 155948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lndDsDZVSTnhsZuCWOlK06Xg52hmiSTjTlq7XhckzKU%2BylM8RUoAHhUqw1bDtqNpEworf1lAxRA6mUbSKCgWNJVu%2BYgPz6Wne9YGNJoeWHKGHlRwLToazvvQr0sI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455604c24888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.40200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Mon, 24 Oct 2022 05:32:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 117395
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azXmRE427y3ZBpFYPE38XSvwczmseiIRckyiNQZt3FIT39gjv%2FpbXQU4zSa0UtbGboILcdQrXTXEM7W3wiazEKwVHyLU8ah4CZIClDrp4%2Fa94Nc%2Ba8b%2BxCPyP3Ye"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455604c1d888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 085133e122f8e225e2a9010ddc93ecba
c8904e8aa33a18066339d7165d76f531c7a08e35
839ac759ab00111026d47c47d9ee984d5119850100692579005af9c56d16e914
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Server: ECS (amb/6BA2)
Content-Length: 279
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
47.246.44.226200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Sat, 24 Sep 2022 04:33:40 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 24 Sep 2022 04:33:40 GMT
nw-session-id: 202209241233390101581631462D336B91ltrjt02dy
nw-session-trace: 2022-09-24T12:33:40.008558871+08:00 48
x-bdcdn-cache-status: TCP_MISS
x-length: 716414
x-powered-by: ImageX
x-response-date: Sat, 24 Sep 2022 12:33:40 GMT
x-tt-logid: 202209241233390101581631462D336B91
via: n150-056-026, cache12.l2de2[0,0,206-0,H], cache15.l2de2[0,0], cache15.l2de2[2,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01ae1fe144e68d0f0feb182d9c88d86f13533760f85cf656db329d8d2c634d9ee3c2278de54c43163db1ce54f9c8931828bcee7b80af2afa93a24b4bbc2e4aa87cc54c7c78646be430e7195eabf0dfd1f60bb2d4c3922a8fcee1209aa7fabdd90d
x-response-lb: image
ali-swift-global-savetime: 1663994020
age: 120903
x-cache: HIT TCP_MEM_HIT dirn:11:13777983 mlen:0
x-swift-savetime: Sat, 24 Sep 2022 19:34:48 GMT
x-swift-cachetime: 31481932
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616641149236298858e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ad9c203d1c86b5f0a3efaf788fadd4af
15b14b06cc59f46b130c141625939e7a4ba40169
82bbee7042b0c5fdc40bbeafdaeba7b704e63f2ce5ca2fadd8477b9ea83a46ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Server: ECS (amb/6B75)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 118546aa5439a68b3b31b1299fd60ad9
327b6e6e5f544b21ae8e7c2dd98e654a9f5db357
dc355c6a3618612cf78cbeb4f11eaa0605345749bc9be57110295704c29fad7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Server: ECS (amb/6B84)
Content-Length: 727
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07a82c6fdae1c1049c677ae0be5320aa
a1d14b92506217cbbf82a38a0285c573fee3d5ed
ee2cbe91e54cf8d1d0047c87c183ef0d0f37dc72b47c569e2f481078f9c02a3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EE2CBE91E54CF8D1D0047C87C183EF0D0F37DC72B47C569E2F481078F9C02A3A"
Last-Modified: Fri, 23 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Sun, 25 Sep 2022 16:40:01 GMT
Date: Sun, 25 Sep 2022 14:08:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 118546aa5439a68b3b31b1299fd60ad9
327b6e6e5f544b21ae8e7c2dd98e654a9f5db357
dc355c6a3618612cf78cbeb4f11eaa0605345749bc9be57110295704c29fad7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Server: ECS (amb/6BB4)
Content-Length: 727
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f7f0f215503a8fd10630ec625a6703c
7c936c0044e404f15733e1a7815d7485e9a6dabb
a0804827befec3e7eb6940cc987be3950195d2310de20b82cb835f19746964a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0804827BEFEC3E7EB6940CC987BE3950195D2310DE20B82CB835F19746964A9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12385
Expires: Sun, 25 Sep 2022 17:35:08 GMT
Date: Sun, 25 Sep 2022 14:08:43 GMT
Connection: keep-alive
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1089636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KImffsuCqK%2BGjsK7lFITaSWbwDEzgO%2FbMxmgo8nGPB1n5CpoxTsN%2Brbit99jMwadz4Jf2eEKLBKQeiR%2FszqeuylrFWB0QPNu7Zw89vTBdaAf8Od1hUSUXB7JxLnIsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045561bccfb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
47.246.44.226200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 1366132
x-cache: HIT TCP_MEM_HIT dirn:11:446486805
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616641149237778955e
X-Firefox-Spdy: h2
kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
172.67.164.169200 OK 211 kB URL HTTP/2 kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 172.67.164.169:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Wed, 05 Oct 2022 00:35:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1776777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4b3e%2F1r6zFw08sEaEVJHQ%2BwnnKB2Fh4y3vrj7sDxMmQdRlEcVmPfO%2BE5MsPwd%2BJZ5JhpxiSnH6y%2BKJQTYF7mYnCtTv8V6BEMz9q%2BlJOAjEqtdBLqE4X4jUt9ODw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045561cdab0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.33.12200 OK 919 kB URL HTTP/2 kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.33.12:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvhooo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Mon, 24 Oct 2022 22:39:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 55764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sfk3QnqZTiEakW1oC1gL%2FGrO9q6NgIiC6aM%2F5vPCDzOcKWN9X2sgsomEbN4FIvITaGacumCtyVDbOAKupiqermKOux4N9C%2B3wO04%2FBqBSSYGD6i3rdC1kyzVAn10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045561cb47b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.234.201200 OK 1.0 MB URL HTTP/2 acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.234.201:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sun, 23 Oct 2022 22:12:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 143776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zszYPubU1nVXW3f7n8xC41d2%2FpvlFq4GuGJwlWpqj5fxSQgiT0ydgA%2FDuRXQqN2KH9hntwjXq9OcZGAkxyIjZWVDd%2FAMbpbGp29em1RKbNPlpnR53zYo8iInHIO1eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045561addc06b2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b99db651e89733bb111e2edf00cb22f
6977e7cbd53158f643197982f023be6104f86224
282e97c71432a95a6848a94ff59bc7e91c9eff6fd83d090825c68beb0cf51c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "282E97C71432A95A6848A94FF59BC7E91C9EFF6FD83D090825C68BEB0CF51C40"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3492
Expires: Sun, 25 Sep 2022 15:06:55 GMT
Date: Sun, 25 Sep 2022 14:08:43 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
47.246.44.226200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 1386945
x-cache: HIT TCP_MEM_HIT dirn:4:442424542
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616641149238248989e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 085133e122f8e225e2a9010ddc93ecba
c8904e8aa33a18066339d7165d76f531c7a08e35
839ac759ab00111026d47c47d9ee984d5119850100692579005af9c56d16e914
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:43 GMT
Server: ECS (amb/6B82)
Content-Length: 279
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
45.89.208.114200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 04:54:41 GMT
Connection: keep-alive
ETag: "62f48b91-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07a82c6fdae1c1049c677ae0be5320aa
a1d14b92506217cbbf82a38a0285c573fee3d5ed
ee2cbe91e54cf8d1d0047c87c183ef0d0f37dc72b47c569e2f481078f9c02a3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EE2CBE91E54CF8D1D0047C87C183EF0D0F37DC72B47C569E2F481078F9C02A3A"
Last-Modified: Fri, 23 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9077
Expires: Sun, 25 Sep 2022 16:40:01 GMT
Date: Sun, 25 Sep 2022 14:08:44 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 560404359626973e1abdd59b212ac1e2
d44e105a8169c6b10be70529e890a8c6f78dd354
9b9b440eb3c964ca53df173b6078d58e9536949ff121e2146bccab1d56e99c95
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9B9B440EB3C964CA53DF173B6078D58E9536949FF121E2146BCCAB1D56E99C95"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10480
Expires: Sun, 25 Sep 2022 17:03:24 GMT
Date: Sun, 25 Sep 2022 14:08:44 GMT
Connection: keep-alive
kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
104.21.11.149200 OK 214 kB URL HTTP/2 kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 214 kB (213726 bytes)
Hash 81ccccc41d243817a1410c75dad08ce4
9b3915c9ca4f109febc0316fece6de5920daf5fa
82782b1bc275199a4dbf88991a53a8fb4ec9e15717e5a8f3bd8dd39245cb665c
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:44 GMT
content-type: image/gif
content-length: 213726
last-modified: Sat, 24 Sep 2022 08:44:56 GMT
etag: "632ec388-342de"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 78154
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f67Ek9xBhbjL1bOHegglS%2FCGUuJ1Q2JzYpG%2BIylo8WjKamOZJBx2ZSz66caF%2Bm%2BzLYk695iOdxapQ6XcXJZT0QgdYzEXTgpo%2BHWrmU6ixoOlTOw9OXwLt4CTACZN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045563fb9b1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
104.21.11.149200 OK 469 kB URL HTTP/2 kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 469 kB (469238 bytes)
Hash 77dc9f46896736ff82652d425e3d7c0c
a0456a2a8328e68ece702aa5f25429dc5d1d1a65
72df92f0ecdf69f4101ef47f405351d754fe3ad3ded507d368a15e606e6f25d6
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:44 GMT
content-type: image/gif
content-length: 469238
last-modified: Wed, 14 Sep 2022 07:32:35 GMT
etag: "63218393-728f6"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 945959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLuHmtIQMVeeF%2FZ0qfedEWEhZS92q8r13BxzkMV1C1kpfsh%2FnUchlxj8TDiRy4XSyv1NP%2FZlkASf2X%2BcZQTe2t0Ud0lIqdWTh%2BhkbM0YV%2FddNplzH2pHQ44ocpXV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75045563fb9a1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dc88bd520f9ca8d250adcbda5a03e4bb
bcb37558c61c370bd6dee1e4cd8c342ad648b5bf
ddf67c392b9a630d9ca237a83016f61bbf16f98ec6e11b8cd26692535e655ae0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 06:43:01 GMT
Expires: Sat, 01 Oct 2022 06:43:00 GMT
Etag: "bcb37558c61c370bd6dee1e4cd8c342ad648b5bf"
Cache-Control: max-age=491055,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75045562298e0b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ad9c203d1c86b5f0a3efaf788fadd4af
15b14b06cc59f46b130c141625939e7a4ba40169
82bbee7042b0c5fdc40bbeafdaeba7b704e63f2ce5ca2fadd8477b9ea83a46ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:44 GMT
Server: ECS (amb/6B84)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 82d0d6324d2ec235eca748c2775d9c78
6b5971ddd9f600c73938163b57aebe34c9abd909
b0ce2cbe4144c839145255c4859c3e5c49c429ea5a87b082e141cc7ea86051ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 14:08:44 GMT
Server: ECS (amb/6B73)
Content-Length: 727
collect-v6.51.la/v6/collect?dt=4
139.9.63.194403 Forbidden 0 B URL HTTP/2 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 369
Origin: https://www.niumo249.xyz
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Sun, 25 Sep 2022 14:08:44 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.niumo249.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 000e6c4f7f7f67dd58c9d69ccf1fd1ab
bd0e152927e5874f6fbe643b3ff3917a20edcddb
7ffd2d237f9db05af62a13c94543d3f5057a7fbae6f1dd577ca2595ee9b6a11c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 02:47:48 GMT
Expires: Sun, 02 Oct 2022 02:47:47 GMT
Etag: "bd0e152927e5874f6fbe643b3ff3917a20edcddb"
Cache-Control: max-age=563342,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750455659cc00b55-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab1551bf96d4312c96063b432f25addc
03d34990f8a1d8cb50df48cdd496772dc45ceee6
504868d776e2b39947f2352a4c8f34b6bf581b96d2b5daf01183c995d14f9983
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "504868D776E2B39947F2352A4C8F34B6BF581B96D2B5DAF01183C995D14F9983"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sun, 25 Sep 2022 15:12:21 GMT
Date: Sun, 25 Sep 2022 14:08:44 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=564646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75045565a84b0b02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=564646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75045565aeffb4f4-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=564646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75045566adbe0b55-OSL
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.177.104200 OK 304 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 304 kB (304285 bytes)
Hash 230cbf723011f9f91ccc4214312245d0
55184e10225ead4ef852ec40dbb140e52552b38f
1b67ae25d6213db18947e1f8e42bc4f7dc02ae41bf7941c73395c79741870236
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: image/gif
Content-Length: 304285
Connection: keep-alive
x-oss-request-id: 633060EB1F48743332F01BD9
Accept-Ranges: bytes
ETag: "230CBF723011F9F91CCC4214312245D0"
Last-Modified: Mon, 19 Sep 2022 11:04:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10033225339777913705
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Iwy/cjAR+fkczEIUMSJF0A==
x-oss-server-time: 3
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 14:08:44 GMT
content-type: text/html
content-length: 162
location: https://acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
45.61.212.125200 OK 1.0 MB URL HTTP/1.1 66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
IP 45.61.212.125:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /e0b4ad53309b4c0980b2ceb461415106.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2749-f90bb"
Date: Fri, 09 Sep 2022 05:49:14 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:33:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-25
Content-Length: 1020091
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=564646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75045566ad5cb4eb-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0376b5a1e7127ededf254f5ddc67fc7
05dcecad7c8ddb9523edc4a7bf495f6b503e167f
59b6c3c06dcf0d2077dccabdcf5b275a0670254dad2de808ca35971a29230208
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "59B6C3C06DCF0D2077DCCABDCF5B275A0670254DAD2DE808CA35971A29230208"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7823
Expires: Sun, 25 Sep 2022 16:19:07 GMT
Date: Sun, 25 Sep 2022 14:08:44 GMT
Connection: keep-alive
acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
104.21.235.96200 OK 344 kB URL HTTP/2 acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 104.21.235.96:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: acooss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo249.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:44 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Tue, 25 Oct 2022 04:31:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 34633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuD%2BxEcfuLRWACRbA3hLDO1lF3LX9OWvbOXzVfC2rzKNnY7919r30OP8%2BX%2FPJXgta5tkPypaj0cn9swMKlOUQRvly9uuq3pLjJILRA74KryolVrQk7I%2BRLnYg0DL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750455682eb976b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0376b5a1e7127ededf254f5ddc67fc7
05dcecad7c8ddb9523edc4a7bf495f6b503e167f
59b6c3c06dcf0d2077dccabdcf5b275a0670254dad2de808ca35971a29230208
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "59B6C3C06DCF0D2077DCCABDCF5B275A0670254DAD2DE808CA35971A29230208"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7823
Expires: Sun, 25 Sep 2022 16:19:07 GMT
Date: Sun, 25 Sep 2022 14:08:44 GMT
Connection: keep-alive
u0062.com/86b4c5b5e42b447492665532b841e916.gif
20.239.191.22200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP 20.239.191.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
103.170.15.109200 OK 219 kB URL HTTP/1.1 95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
IP 103.170.15.109:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 128 x 128\012- data
Size 219 kB (218557 bytes)
Hash 4dea2422e271cea76f0e1129e96a4ab7
5c24ffa9522829ba0c163284f74a60815336c084
d3edbddff31ba83b46fef890e2e6bfd8308e909581de17000b95921d12230036
Analyzer Verdict Alert quad9 Sinkholed
GET /fd1d4490b68648e2ba933a8a6394fb13.gif HTTP/1.1
Host: 95865127529.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6329479d-355bd"
Date: Wed, 21 Sep 2022 03:43:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Sep 2022 04:54:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-39
Content-Length: 218557
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
20.239.191.27200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 20.239.191.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
182.118.39.171200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 182.118.39.171:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 14:08:44 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 3477365
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=9
via: CHN-HAzhengzhou-AREACUCC1-CACHE65[9],CHN-HAzhengzhou-AREACUCC1-CACHE64[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE119[42],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,40]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
i.imgtg.com/2022/05/19/hTEgx.gif
219.159.84.135503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP 219.159.84.135:0
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 18644a8313b3029eb084a8a0903bef30
6e52b1c86fc232275c23864cc55aa316c4f13a2b
a1f13b92ff56deeb1c7d68db9b3471583ee0daf43090aa3e9f0596deefdf5c25
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 14:08:45 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_91a267219e16a1d7434903dd92b812431664114925243; expires=Tue, 24-Sep-24 14:08:45 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bb3a224486f3377b-142
content-length: 596
X-Firefox-Spdy: h2
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
45.61.212.174200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 45.61.212.174:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Sat, 17 Sep 2022 04:35:43 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-14
content-length: 236734
X-Firefox-Spdy: h2
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
45.61.212.174200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 45.61.212.174:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Sat, 17 Sep 2022 04:35:43 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-14
content-length: 445140
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.129.255.47200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 116 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 4d488c1c-52df-4664-8191-be239278936c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.129.255.47200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 70234 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: cd6c7707-8cc0-4397-a10b-d21466446ff5
X-Firefox-Spdy: h2
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
47.75.19.14200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 14:08:44 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 633060EC051F683936B83105
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 3
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 00e6ce5100b85a87f430a9e000f3f834
02bf014b033567b4f0db30e4b13179f0ce8f2ded
2b26716650cc953349a86504d9886a8ed344c6118ff425de896d6bf205aa824b
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 14:08:45 GMT
Ali-Swift-Global-Savetime: 1664114925
Via: cache11.l2de2[2,2,200-0,M], cache11.l2de2[3,0], cache5.se1[24,23,200-0,M], cache5.se1[25,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 25 Sep 2022 14:08:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916641149257667274e
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.129.255.47200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 14:08:43 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 69489 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 5cb433a7-cf7f-4bb7-b7c6-7b76df72a85f
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.167200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.167:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 14:08:43 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 633060EB23C05430387BC3D7
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 2
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
203.205.136.105403 Forbidden 494 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP 203.205.136.105:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9391d9ed9eca4f2bea7b56408f87a11f
06afeaecd96df006c461f827465545720524a859
268e94cb963e42d394ac2da3657d481897ea2e0141e9c8e0eed02bbabddc77a6
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 14:08:46 GMT
server: tencent-cos
x-cos-request-id: NjMzMDYwZWVfNDgzNjQwMGJfMTMwYWJfMjljNWU3Yg==
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 494
x-nws-log-uuid: 14683010744707534040
x-cache-lookup: Cache Miss
X-Firefox-Spdy: h2
api.nmw43.com/news/data.php
104.233.148.41200 OK 0 B URL HTTP/2 api.nmw43.com/news/data.php
IP 104.233.148.41:0
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP 23.225.222.2:0
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo249.xyz/static/fonts/voltaire.woff
104.233.145.194404 Not Found 0 B URL HTTP/2 www.niumo249.xyz/static/fonts/voltaire.woff
IP 104.233.145.194:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 25 Sep 2022 22:17:45 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=h5hhrjho2fjtkib6uv7v24l1fe; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo249.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.194:0
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
137.175.12.178200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP 137.175.12.178:0
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 14:10:11 GMT
content-type: image/gif
expires: Tue, 25 Oct 2022 14:10:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo249.xyz/smbaidu/tpwz.js
104.233.145.194200 OK 0 B URL HTTP/2 www.niumo249.xyz/smbaidu/tpwz.js
IP 104.233.145.194:0
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo249.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 22:17:43 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Mon, 26 Sep 2022 10:17:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
38.47.102.248302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP 38.47.102.248:0
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo249.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2