r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9631
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 19:24:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 19:02:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j_Jd4rAoKcP1IC7rThnY3xdqgkeVplA3OxDyzGXyUq9qIiLdAESO8Q==
Age: 1305
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9lbdI83mb1HFykLfCu1m8vcRgcDsX3e_yiUS68zdAhGfQ6LzXEesVg==
age: 53369
X-Firefox-Spdy: h2
www.1390831.com/index.php
107.186.143.135200 OK 803 B URL HTTP/1.1 www.1390831.com/index.php
IP 107.186.143.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f852b94ab13eeff06d776c2ba9b9668a
595dceffa10baf183caa121d098d95ba9d5d0ecb
ebc1f346dba1639d0776cdce9e4cc23cf10086f4e5105ca6e4e47eab48ef4552
GET /index.php HTTP/1.1
Host: www.1390831.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 19:24:43 GMT
Content-Type: text/html
Content-Length: 803
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:24:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.1390831.com/common.js
107.186.143.135200 OK 628 B URL HTTP/1.1 www.1390831.com/common.js
IP 107.186.143.135:0
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.1390831.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 19:24:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.1390831.com/tj.js
107.186.143.135200 OK 537 B IP 107.186.143.135:0
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash dc6af4d482f228ff26306a88213d2f19
7a7520189b17f3311163ad6246494cf97b75797b
129e58ab41fd6d03e391ed07bca8044d253f2bcfd02f45bd67b204dce64679e0
GET /tj.js HTTP/1.1
Host: www.1390831.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 19:24:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 19:03:22 GMT
Expires: Sun, 18 Sep 2022 19:07:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bwybhW3l20Lym_6xnYRqNtL7UrDLQ-ksCRllD1nDqX8pNuHenfPuMg==
Age: 1281
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 18 Sep 2022 19:24:43 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:43 GMT
Last-Modified: Sun, 18 Sep 2022 17:38:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 18 Sep 2022 19:24:43 GMT
Etag: "4078521116"
Expires: Mon, 18 Sep 2023 19:24:43 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C202E3465FF9CCC17207401380E1250F:FG=1; max-age=31536000; expires=Mon, 18-Sep-23 19:24:43 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c3e652769bd2d12bfafaa76c3af824b
dbc17113fc95b450dca8edb15e62c3300ec4bdf4
dae1a257a9aa77ffc9ea474a1caac17cbda2913a0226fd6e8b5481bd18e34dfc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAE1A257A9AA77FFC9EA474A1CAAC17CBDA2913A0226FD6E8B5481BD18E34DFC"
Last-Modified: Fri, 16 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16661
Expires: Mon, 19 Sep 2022 00:02:24 GMT
Date: Sun, 18 Sep 2022 19:24:43 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4d40b3cf9d69a388d5409a1787fbe15a
a57ad066111cf4bb92ba1a28e2160b20e26bcb94
c20b439679fee332d6d9bea268d6543c98ccde0ca288c04a7653fa2a2fd5ed69
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:13:21 GMT
ETag: "a57ad066111cf4bb92ba1a28e2160b20e26bcb94"
Last-Modified: Sun, 18 Sep 2022 16:13:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3130
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76a75e8efab4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4d40b3cf9d69a388d5409a1787fbe15a
a57ad066111cf4bb92ba1a28e2160b20e26bcb94
c20b439679fee332d6d9bea268d6543c98ccde0ca288c04a7653fa2a2fd5ed69
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:13:21 GMT
ETag: "a57ad066111cf4bb92ba1a28e2160b20e26bcb94"
Last-Modified: Sun, 18 Sep 2022 16:13:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3130
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76a76d3d0b31-OSL
collect-v6.51.la/v6/collect?dt=4
121.37.232.28200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 121.37.232.28:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 300
Origin: http://www.1390831.com
Connection: keep-alive
Referer: http://www.1390831.com/
HTTP/1.1 200
Server: nginx/1.18.0
Date: Sun, 18 Sep 2022 19:24:44 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.1390831.com
Access-Control-Allow-Credentials: true
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5MUQQTYHjlNh+12moqifxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pxw3UMtUgx1LltmoAFX3quVA/8Q=
api.share.baidu.com/s.gif?l=http://www.1390831.com/index.php
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.1390831.com/index.php
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.1390831.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 18 Sep 2022 19:24:44 GMT
collect-v6.51.la/v6/collect?dt=4
121.37.232.28200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 121.37.232.28:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 301
Origin: http://www.1390831.com
Connection: keep-alive
Referer: http://www.1390831.com/
HTTP/1.1 200
Server: nginx/1.18.0
Date: Sun, 18 Sep 2022 19:24:44 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.1390831.com
Access-Control-Allow-Credentials: true
www.1390831.com/favicon.ico
107.186.143.135200 OK 1.2 kB URL HTTP/1.1 www.1390831.com/favicon.ico
IP 107.186.143.135:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.1390831.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1390831.com/index.php
Cookie: __vtins__Jb8ywabNUoU5WfA7=%7B%22sid%22%3A%20%229c04b0c8-456e-5bf5-aaac-c7b6fa9a8268%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663530865087%2C%20%22ct%22%3A%201663529065087%7D; __51uvsct__Jb8ywabNUoU5WfA7=1; __51vcke__Jb8ywabNUoU5WfA7=107a66c7-e0ab-566c-8cc9-7f0bdd6378c4; __51vuft__Jb8ywabNUoU5WfA7=1663529065092; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%226b4d897f-9251-57b0-94ed-fc5fc3167235%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663530865103%2C%20%22ct%22%3A%201663529065103%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=0e8ed348-ce03-560e-a741-7be7f2fcb29f; __51vuft__JdQpk0p36jq0lsZj=1663529065105
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 19:24:44 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 23 Sep 2022 19:24:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82cf5fbd37fbad1d213e20ba5ab72597
a9ad1142e2343ca38022ca7332c469f4e601e961
6b88c55e165922e12d276321780ba2fdedb91246ba65775f5d98a3eb602c29a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B88C55E165922E12D276321780BA2FDEDB91246BA65775F5D98A3EB602C29A9"
Last-Modified: Sat, 17 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21525
Expires: Mon, 19 Sep 2022 01:23:29 GMT
Date: Sun, 18 Sep 2022 19:24:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5632
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5632
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5632
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:24:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wxZ383nT9n_SBMH4D_k--23G7tb-2pQV0yDcUMvD17woMHbc2rx-NQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:53:55 GMT
age: 73850
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 77068
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 43783
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 43876
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2e5759fd404a039955868b121bbd075
04fb3179255ba5ec897ffc4581966945cc9fe2ca
42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K_ZInDx3OZbVvpWZ5vnimzx-Dk5twaTGv9VGXMZHFpZ0YN7lKZ_5HQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:57:48 GMT
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
content-type: image/jpeg
age: 77217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 76602
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 93982df8e04f13cfa70d9103ce5277e0
5354014dd54e94cf7cc6fe7eded21a4383a78433
945397acb20b44337e4377d1af45f823071e973a28088bb564de769a5093ceae
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1390831.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Sun, 18 Sep 2022 19:24:44 GMT
Etag: fdb9337e51415a73f28b55c7c4cb0b86
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A773C4E8A11670EC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 186815329a30917bcbfebf3f67075ce3
7338d2f4b2afddf13196c16f7466fafa9f41ddbb
559da1aceab68266045b995b299adb9925361cc75bb05e05796159fc25ba384c
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1390831.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Sun, 18 Sep 2022 19:24:44 GMT
Etag: e4250fe08b2240a700283ff68cd57264
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C3F2BCD83BD52844; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=943040530&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=943040530&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=943040530&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1390831.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 18 Sep 2022 19:24:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=612CEF532ED81EE5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1330013204&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1330013204&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1330013204&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=54162&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1390831.com%2Findex.php&tt=%E5%8D%97%E5%AE%89%E9%9C%B8%E7%8B%AD%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1390831.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 18 Sep 2022 19:24:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B6C7494E8C41861F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70c81208a56e43785465b8697d229d2d
46c2bb5c898db9e91b54546f2ee76c2f9b5917d1
768bcdd7def7d9f63a6441adddcc28ecc83d9fb63a6fcef52c0ac8a3d40a8986
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "768BCDD7DEF7D9F63A6441ADDDCC28ECC83D9FB63A6FCEF52C0AC8A3D40A8986"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1779
Expires: Sun, 18 Sep 2022 19:54:25 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70c81208a56e43785465b8697d229d2d
46c2bb5c898db9e91b54546f2ee76c2f9b5917d1
768bcdd7def7d9f63a6441adddcc28ecc83d9fb63a6fcef52c0ac8a3d40a8986
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "768BCDD7DEF7D9F63A6441ADDDCC28ECC83D9FB63A6FCEF52C0AC8A3D40A8986"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1779
Expires: Sun, 18 Sep 2022 19:54:25 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7372da635a46fd78d1270898c90050e
b8989a7dfb7706265a524e2d7f32ba7a2a606ca1
20ad42695cb8e554a90e0f0dba611a7fba79f3d99e4d28d973ac113a9904271c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20AD42695CB8E554A90E0F0DBA611A7FBA79F3D99E4D28D973AC113A9904271C"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12356
Expires: Sun, 18 Sep 2022 22:50:42 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7372da635a46fd78d1270898c90050e
b8989a7dfb7706265a524e2d7f32ba7a2a606ca1
20ad42695cb8e554a90e0f0dba611a7fba79f3d99e4d28d973ac113a9904271c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20AD42695CB8E554A90E0F0DBA611A7FBA79F3D99E4D28D973AC113A9904271C"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12356
Expires: Sun, 18 Sep 2022 22:50:42 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5pakazyupnd.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5pakazyupnd.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 429a77e8f10c5b5d325ef0571476bd11
9da054a88257689791311ffd80502f826ba4763e
9f175f4c1e133e95cb9dcafe806a5d9bd8ccdbab4e747307b9a5434ff22548b4
GET /upload/vod/2022/09/5pakazyupnd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 10342
cf-bgj: h2pri
etag: "6326a625-2866"
last-modified: Sun, 18 Sep 2022 05:01:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF%2BiEcb7gb4ZTgjDxRWwpVkoWupPY9Xzl3Oop6%2FzJ26QjjKEmN1idHD1RJJlIIQUHkjJjrpbNf1LizPBAJc3cS%2FDF70gOAZEXMg0HPIf6MTJ%2FRf0osLoilwFRLp149OGukD0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d87edcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/bun0b31vdwf.jpg
104.21.235.64200 OK 5.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bun0b31vdwf.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 186a841e7711872fc39e1abc5a8b194c
b732863fd471067e76e2ec2aad2ec9675b341742
c1b47fc72753d22dd8eea06d59eb50f2ce4acd34f9c40c45ddc4bc9a9278a8a1
GET /upload/vod/2022/09/bun0b31vdwf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 5280
cf-bgj: h2pri
etag: "6326a608-14a0"
last-modified: Sun, 18 Sep 2022 05:00:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Vlb1Gm8SrBXeB1yLhF3nmAxYO%2BwSB%2BlJeQy2cpNQrmqguPBDDn%2FOStPI1522bWjWP3ZZkjsjZN2c9XJa2eZiKxbvfbPuNJTU984sjVvkych4hnwpX1h4nn6jsbrNMjIiAWj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d877dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/rkbueyvypqc.jpg
104.21.235.64200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/rkbueyvypqc.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 914b909c564c430cc5096ed6dd42b9a3
d95d094508c642927669d8ddec33ae351798b2cf
cc3143dce3ef3e8e79efe20c1df3f5077b92e50fcda375f657927f61ddbc9557
GET /upload/vod/2022/09/rkbueyvypqc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8759
cf-bgj: h2pri
etag: "6326a626-2237"
last-modified: Sun, 18 Sep 2022 05:01:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cCZwXumwx613GGKVB1UnfHiqcRYyORcMMndSRfdZ%2BiIKR6emxtqKNO8yKK6Mqxqiw2yTW8neh0Y21%2F%2FvD333MGBTm8559JvPG2YDJ2hTDxjJGNwk79CLxO9KhvC4qkpV13g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d880dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kgep1seqtjh.jpg
104.21.235.64200 OK 14 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kgep1seqtjh.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 46bbfd33f3c3e88ce01886c83ed6d77b
64dd0bb48e5f4904bf4df8328dfd801138ea20ba
87abeaab486acfea222f7b1d8f0088c27e20a65092a4302edd6cba8e3f9758e8
GET /upload/vod/2022/09/kgep1seqtjh.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 13842
cf-bgj: h2pri
etag: "6326a627-3612"
last-modified: Sun, 18 Sep 2022 05:01:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdcgjPt9o%2FsBVCFTPT0p%2B8ZTKtnGeWGPdozupbktRhMBJaQmuKsrLBoKo1p%2BKvVfD23WNGYPhERFYWx0QdmxGiPFZ59bAHMsqhrZlxJy5Ji%2FPkv3RSwylJ8wQFIRpU9iv5k6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d881dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5jukhujxcto.jpg
104.21.235.64200 OK 2.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5jukhujxcto.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2e51f59c7a419d8cdeb2ef6c4e1c813c
84a5cd5a6bf8d99b2d48ab0b3d0753dcdac4ef90
69b0485ea4318010b818a418fea240db16ec1e0d336f77eeb3aa93244fb610d6
GET /upload/vod/2022/09/5jukhujxcto.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 2552
cf-bgj: h2pri
etag: "6326a606-9f8"
last-modified: Sun, 18 Sep 2022 05:00:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XElTMH6iY3d0UoASrCxXzoTe%2BnwL0JpvYKIWdA%2BReclj%2FBmccE6vI%2F6XfY5wawlObh4XaMFXMPU4O%2FNAl3MeHsYlJKlR%2BTjcGEYCStMwCs9u21RUIaiMrH8lzltqZ2BeGzKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d874dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7372da635a46fd78d1270898c90050e
b8989a7dfb7706265a524e2d7f32ba7a2a606ca1
20ad42695cb8e554a90e0f0dba611a7fba79f3d99e4d28d973ac113a9904271c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20AD42695CB8E554A90E0F0DBA611A7FBA79F3D99E4D28D973AC113A9904271C"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12356
Expires: Sun, 18 Sep 2022 22:50:42 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/aly1hyyomjq.jpg
104.21.235.64200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/aly1hyyomjq.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 73bb2df5b546f82bebba8d65e40b5486
7c5c7c030269b9f187009226aa47ff66021fc2bd
b4ab6dba6d11b9d823eb7aca48ab52911b330d95466cc5e9c878b68f70ed7102
GET /upload/vod/2022/09/aly1hyyomjq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8727
cf-bgj: h2pri
etag: "6326a61e-2217"
last-modified: Sun, 18 Sep 2022 05:01:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5020
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNvrWm7YvYjefTVWDSJoZ%2F030R6Gx7wj1fymexmcYQenKxB5y7l9IxCG2pGrEssUyd%2FP8mTOdY20fDbGy%2BIG6jVA0nfplYGTOpVpAJBtOHZq8ebAprIyI4T%2FMhCuBZT0e8Hw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d87cdcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo243.xyz/static/images/hot.gif
104.233.145.173200 OK 254 B URL HTTP/2 www.niumo243.xyz/static/images/hot.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ka2v43jhqll.jpg
104.21.235.64200 OK 6.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ka2v43jhqll.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 7204de8a1f37b74b66e1cdf69aa90b26
758a652de4f2bd46390bca03249e16e513325217
38e7539074849e35c62f8b4df272105fd29f16f7dc52818fcbc8d877351bfa13
GET /upload/vod/2022/09/ka2v43jhqll.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 6124
cf-bgj: h2pri
etag: "6326a608-17ec"
last-modified: Sun, 18 Sep 2022 05:00:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5020
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSrB9xMe3u0iJcY4r7KJchW4ZawARrSe%2F3oolIuLhhVuGNWAcbuaApK8sUQ%2FuzEI4VwzIj8akxlAsGoXlwhV0mOCISog95aopiniMDCL2FZkGOTSJarDhUzvwyM2d%2BuPHUC0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d87adcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/vjboz4riwlc.jpg
104.21.235.64200 OK 6.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/vjboz4riwlc.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0120937e433e4d31f44c1dfdd4cf0399
9340aebce8343b2442d8545caf3f52191ea643ea
9ed4fd94d7853ecac719c42871728b3f1959f3b04b38ac4156b630eae7563319
GET /upload/vod/2022/09/vjboz4riwlc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 6564
cf-bgj: h2pri
etag: "6326a607-19a4"
last-modified: Sun, 18 Sep 2022 05:00:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pksJrk6vTo3f9uR1Rl%2FlCdSNL0iS1TxuxN8o3ow6qkdO2F6pifujeHnW6GN0IXda0JAhdatvtKIAFAVWvETgTvrru2SqM7br69abBdNTqp78%2BfaMMbE6rVcHfkFcUVao6L4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3d875dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/2n4tqylliye.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/2n4tqylliye.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 41d7d4d4300e3d11b0a91f67f08ccf48
682d1b09864aeb098359bc9c35d23cb2f8ebf203
8c0c08d9e7e2f697b6b85d9ed6d7b695f45bed3b6460f074e05ccc37a28d5666
GET /upload/vod/2022/09/2n4tqylliye.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 11758
cf-bgj: h2pri
etag: "6326a628-2dee"
last-modified: Sun, 18 Sep 2022 05:01:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5747
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8p2IcaHoutkaGukozLs6JbFYVuNYh7S5ch66yBP9OhkGufwbAAhPM0KC81MtQk%2FeX6lQMyuA8vzJCpRXKsGz48Qh8mQiYFnpopmU70qsI6lXC9wxjOyzt0fvbZ%2F%2BemryAcm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e89ddcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 19:20:04 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 278
fmtu.netfhtu.com/upload/vod/2022/09/1p0kmuurzqm.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/1p0kmuurzqm.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash dc1c82a827ca87ac8823d59f7bcb1716
8f234cd18a0a295bea2c110ba39841974e0be38e
4916c16a8cc5d1c4264d369e91e32bbed497793164c6d1582a330c2165963517
GET /upload/vod/2022/09/1p0kmuurzqm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 11978
cf-bgj: h2pri
etag: "6326a628-2eca"
last-modified: Sun, 18 Sep 2022 05:01:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1890
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEzVhGjzCGp99mfBK4MWy%2Bchzrc64XYEimh50Okc2I6C%2BYzhqRpO1ZVuCbPD6P%2BLwctysEMxFMF8aHv%2FVCYl1dZ9tNu%2FCgn3QtXp8Np1zzWCb9JNr%2FOaPImVMJmVYkdNa1Pv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a0dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/zbeelowrq5v.jpg
104.21.235.64200 OK 9.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/zbeelowrq5v.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash fa464714a72e5a3dfc7cbae76ad84b05
22462797a6633167d309799c66e2de6e8f35a4f4
6d19e24586ebd868fe536385d8b4c740b3d87c5ae52c6fd4dea1f395c6129982
GET /upload/vod/2022/09/zbeelowrq5v.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9899
cf-bgj: h2pri
etag: "6326a629-26ab"
last-modified: Sun, 18 Sep 2022 05:01:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPjJw3ujNsscwZkFBZIRtYzDrayqTmIYPihhsYtAskdWgLVUFXpFhaDcZ6wBdNF%2BPuS9qm25ef8CzoA%2Bqvq6k1eS8X%2Fj4C%2F%2F82RHKO1XMoTuIXPQTbWEZyZrHWk8p512hFN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a1dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lueesuxvgo3.jpg
104.21.235.64200 OK 8.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lueesuxvgo3.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 32b8756c250639ad61008aadad9fb364
f75a3dd46fdfcefda72f7dc633a6c1f15f215a99
8850908cfcbb45dbb08ce7956fcac3131b9d7a18919b28c7b3e75f4142ce9ced
GET /upload/vod/2022/09/lueesuxvgo3.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8424
cf-bgj: h2pri
etag: "6326a62a-20e8"
last-modified: Sun, 18 Sep 2022 05:01:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1890
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOBY4UzXSUkYdBWtxmYodNGiO8bVD8D5OdKrifYbRaNpscj3c1m0shfmlkDFGwNKfUYnAR9DTfSoe2mBkYZYTllYy1RHsB3E243teYTeY1QsjuZMoWmOM63Z3XLQ1x58IxTD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a2dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/smtlfev3gvh.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/smtlfev3gvh.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ab99abe6ca68b327d7e843533f6a217d
d5eb645243896fc52151d160c329335ace2a0422
660fdc01ee7549c7718b30638c2def186f6d913d3aa066f147ed944d6db63622
GET /upload/vod/2022/09/smtlfev3gvh.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 11426
cf-bgj: h2pri
etag: "6326a62b-2ca2"
last-modified: Sun, 18 Sep 2022 05:01:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1890
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6AcLtb7RUSFyPeKVpUK6qwOZWGOuadKFVC9CWGeRvyoQcMHAuBuwnEFAxt44Np7lZBlRG87TWcVfBHHHDlpOVT%2BtFKFTcUH4lbw2td50J50r977WxYkzkhmBy62k9sJNs7j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a3dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/10yb2z31pl5.jpg
104.21.235.64200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/10yb2z31pl5.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 60268d5b2daa0e52c4afee8a1ff4a001
1cd219f340529a73611a4a9f00dda17e3f04a715
3b37812db861de3e40855c60f63c378b36c0210f00118abb52d2c4734e303b4d
GET /upload/vod/2022/09/10yb2z31pl5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9004
cf-bgj: h2pri
etag: "6326a5a0-232c"
last-modified: Sun, 18 Sep 2022 04:59:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcnEFIucJZfNt1vANtnu9%2FyDxaHKCtgVsg%2FzQdyOUdXsPdpqIH7JaeSlrah7%2BYYUTsUTHaWYgPC6WysbsHG5iIrBBaAD9dRGAf7W4I7i2Hi4Y31Yf15v1og8%2FcXCQkYUL6BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a6dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/bvkrato5g2m.jpg
104.21.235.64200 OK 6.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bvkrato5g2m.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 74d79b6891cafd672956c8cee889a975
e7fbd31bc78d3d8937683b64fd75b876e74b9351
129c1ab8c58647dbfa8feca4cd26241c58e74212806eebb543671d8d9fc40107
GET /upload/vod/2022/09/bvkrato5g2m.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 6741
cf-bgj: h2pri
etag: "6326a5a1-1a55"
last-modified: Sun, 18 Sep 2022 04:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLNa5EDrlax8rxsZJJGURlL2sJJcwrBTlrF2J2PHM7hpojAsJOQXrd9%2BXRNSufhEijf9tILsDnNDH%2BF5C2fTi6Qi1OHwhxMcNt5q3fVNN2R1RLMUTaWVFKyRy8QK0nCJj%2FPU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a7dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5yhgx1oydjr.jpg
104.21.235.64200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5yhgx1oydjr.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 29acd298bcb1e4829595647c28f697c2
e2b7831afea9a7e657caca0b78e86c704402a3d8
50e4521df9efc40f7052f99364b34c84eadbe21224cd26fe6787cadc07b51531
GET /upload/vod/2022/09/5yhgx1oydjr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9381
cf-bgj: h2pri
etag: "6326a5a2-24a5"
last-modified: Sun, 18 Sep 2022 04:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dwl%2Bwg%2F0pbbGqAlulBWuGzW1MBFLJQHqjzL9fo9XTI%2F3eUMAxucvuReEDxeclZ9Y47T0%2B9x7gPG3jngZLhmIBsEeHFAAtJkrBThvfqdnCV6ve08wb7dgYrjJPiEiAgwq4hV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a9dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/gwvvtbulhq3.jpg
104.21.235.64200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/gwvvtbulhq3.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 81ea4ff7495f599ac195d2f16c6a57a3
5411a87121db1dc9e9f3aa06ceecf57e800bb6c1
70a2e78558987b1180773f4eaca0faa62faab5811c8754dd649764273460611a
GET /upload/vod/2022/09/gwvvtbulhq3.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9732
cf-bgj: h2pri
etag: "6326a5a3-2604"
last-modified: Sun, 18 Sep 2022 04:59:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLfdlfpy%2F4QZ3KfvslFAwrtc9HGwNCWsWjx4tuFKjlr4YwAxBLsR4Z5aJaPb3603XbZXgoqUdpev%2BQX4yJSCJIvbtKpt%2BZJnQUyiQZkdLG5p30Zq7ShuZFbeKdhs%2BNJ138EK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8aadcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/rsy32obwb0q.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/rsy32obwb0q.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0cfc0c0314fe82b3d9564aa817d0c5af
41f2619533e5085e462a898e760bc123cc34f345
d3d602602e32f233b794fc59df027b10c42418fbdbdf4358e5041ba7bfcb3eb3
GET /upload/vod/2022/09/rsy32obwb0q.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 10376
cf-bgj: h2pri
etag: "6326a5a4-2888"
last-modified: Sun, 18 Sep 2022 04:59:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogSOojZBTY5GLMVMSVBPV2rSVk0p9tEQ%2F4JPM93BbNt1WSfwsZsr3uuwOigPw2XYFFtA6lUXlKy5nPsb%2FsFNL2gH4GyCNHF8NW3hVFI9vNDuYvEf8c%2BYzV0C3D3SDvhKaBs9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8acdcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kxm1phiobqf.jpg
104.21.235.64200 OK 6.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kxm1phiobqf.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 413e04b0b820193f2f55f3e0bcac0ac8
3246a74f23e273e588d3ac337d6c8513a86848c5
bc7143ee9970390fae71c58dbc412c12cb4737a5db54f2227ac8051921e98607
GET /upload/vod/2022/09/kxm1phiobqf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 6655
cf-bgj: h2pri
etag: "6326a5a5-19ff"
last-modified: Sun, 18 Sep 2022 04:59:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIRIqSYho%2BKr33xk2D%2BLfeLvT2m0DHFB772QgXiA1uce401RhXZ7zpsRtCOW8aXSrwcuYyO2lv1zLY919j74A5CsRzMDQVpmQmT9IRiKF3J64aWi4%2BzCcMkCltqqcdsoBuRT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8addcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/qjgeabx0iao.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/qjgeabx0iao.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4286141efbd0fd721d53f65c68c2bdcb
ee52da7b72acf7464e03cd0a2b42fb6375e76aff
c3cbab7b20648cfb92be04e4792e5ee427cda1b9fc80e01b53f6b4f21b13d3fa
GET /upload/vod/2022/09/qjgeabx0iao.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 11544
cf-bgj: h2pri
etag: "6326a5a6-2d18"
last-modified: Sun, 18 Sep 2022 04:59:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmE0e2lKlEXq4VSscPWCEt0BGfgX%2BpjQoTQph3dXmUjDBwvx%2Fz5rkgaaERDrr%2B%2B1jjqn2hNDL7YMJ%2BAe3yVvywye4aVzFa5w%2BSYjlZ1EQynwHGDro6NVuPTf3Wx8%2Fk8WHHWk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b0dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/sayaendcls0.jpg
104.21.235.64200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/sayaendcls0.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7c41cb4bfc494d728bd06e81257f6b69
e2e30d3d74089423ca738084825f237c1bc200b8
0b26a248a49bfb9c952ce2cbee66235a0fe634a7cb5127aaad7a7fb1d37c88c1
GET /upload/vod/2022/09/sayaendcls0.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7422
cf-bgj: h2pri
etag: "6326a5a6-1cfe"
last-modified: Sun, 18 Sep 2022 04:59:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxkr06YMP8wfpNWanPGK%2B34KgBRLlPTSZc8pJHjzyFqVLJcl1xTTIVTnc2m0FBgoyQTo%2BgGdkyOGFtLCWFKuGKhtRFbArLZQiwjyjKLLyHjvZy5qHWAznRIpzLW0%2BEjel9ed"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b2dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/quk12xbokfs.jpg
104.21.235.64200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/quk12xbokfs.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c13ad9233deac8c244e65111e72357fb
699ba055451cf862c390eb55d30ac24915a25438
cb5b1e9b6405b4a35f1db041776482d5b8837ae90915f8dca68c8112ec89ea91
GET /upload/vod/2022/09/quk12xbokfs.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9589
cf-bgj: h2pri
etag: "6326a62c-2575"
last-modified: Sun, 18 Sep 2022 05:01:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmgAbiOJDxJuP4dk0QOvV%2BO7TZHqdBjyewg87fPPM4vRH%2Bs7boxJ54yuIsjSKlBdopLwqoAqtpT29MM9pHGeI1iLUoJAfJdIHMIF%2F8PXEkpWEOA2FVqaqev3qu%2BxObnSD1ts"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8a5dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/3fuuaior33y.jpg
104.21.235.64200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3fuuaior33y.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dd2fd89ce59678571ca701f22dc063be
6ae9e9480b6267bedebfdaf4487cc2597cdb8e29
04772756fb0f4c7a94d1561dbc72eac4e690ea8264938d0b7cddc28e2698d92c
GET /upload/vod/2022/09/3fuuaior33y.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7116
cf-bgj: h2pri
etag: "6326a5a8-1bcc"
last-modified: Sun, 18 Sep 2022 04:59:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD2zSbtZa2nAiK3NEkVpQieFceIhaVUB3z8Lxx8fcQXOlZ%2Fs4Sy1f5kQO8Bkffpuxypypen27ZdB6CnZ1AQbOG8jtWwPmnmBBUAkZtLH%2BeXVNhMYaUqXYFlt0AItGU4r64OU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b6dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/reuadyohcbq.jpg
104.21.235.64200 OK 7.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/reuadyohcbq.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2fffe9eb9c7d8baea136b9ac7c4f80bf
875f77188cc01788b99f6962e64f52dcc9707e69
9b22fc920561ef91885482962ae9846c1f8e519221fba15b43187685f7cb196d
GET /upload/vod/2022/09/reuadyohcbq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 6960
cf-bgj: h2pri
etag: "6326a605-1b30"
last-modified: Sun, 18 Sep 2022 05:00:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yilV8DdZf707FdiRYjt0J3N2P6%2Bq%2BzRe7%2BVb4zONHTlGqI68ZpDvM8%2F3ZDR0VDEKi7wlWou2v2u9XXSpRJ2S1WrD%2Fqull4iauii8c7fAyUV8eMKVO0bUJpbAl%2BLua2XV01U1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b7dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/wlwj1hdjf1g.jpg
104.21.235.64200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/wlwj1hdjf1g.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d88904bde3f07ae2003b03a3dfc4ec71
08183a267bef188c44320da262149b7a0cb0e997
a3360525075aeb6d2f8c28d270d4da3a61946883faeed7e7836034ecd395607b
GET /upload/vod/2022/09/wlwj1hdjf1g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7351
cf-bgj: h2pri
etag: "6326a604-1cb7"
last-modified: Sun, 18 Sep 2022 05:00:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUgGEorDRqS%2FarLMpztIOn4oLZ8xjoyuRsOXEuzb7%2BuI0LRWlU%2B7g94wN%2BQHl%2BUQI9II2P3hgtS0VhX3fHz3ml6zIz6cH7%2BtCI%2Fz2Ioz2YgwYIy9AuiUsgMAUsZbkVDG%2FprI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b8dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/1ym30fc1kp2.jpg
104.21.235.64200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/1ym30fc1kp2.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4468ce36dc2258785cbff4a5a8139edc
f37f0f8cfe0d2a46c52617cc28b2876b1494a676
87bf7b6935815d1b464032fbbccea448806ac99d232a8f3c2ae043d0f7796b61
GET /upload/vod/2022/09/1ym30fc1kp2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7378
cf-bgj: h2pri
etag: "6326a5a7-1cd2"
last-modified: Sun, 18 Sep 2022 04:59:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1320
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wo4A5ljUlar0nOTrsm%2FlP9Ut4w6g9oZ%2BXho04Ubtp0JjFDbU%2FGDHI1zYZ%2BVOb0TpiD%2B2IwR6cGTA3IgadOccr3s2pcMm%2F2HfM0FHZlZy%2Blt7Bh7ARgpAuSBr9%2FCICpbg0Ag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b3e8b4dcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kvbp3ec3s5t.jpg
104.21.235.64200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kvbp3ec3s5t.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f9a0be43c24f5cc57195acc1c59e7e6e
07f920c28731570a5d423aa9fe683bfa7d97cbd2
0b9117ee77c485c7db41629fa1338a629de25bfc40bcbfe63b77532c7208b413
GET /upload/vod/2022/09/kvbp3ec3s5t.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9678
cf-bgj: h2pri
etag: "6326a603-25ce"
last-modified: Sun, 18 Sep 2022 05:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9IY8NZ%2FTzs8iIJHnbWObucVZLMn6%2FaLS0AmCVzDxHL3pTSzyJes27wGsDN7a2m24ZhE0XCGx2hrba06TVYujYof4w4t%2FrS1b7RuC3kKvHo02yC74WrnemZ2cguGlVYKDpZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b4190fdcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/j5wobt0jgjc.jpg
104.21.235.64200 OK 9.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/j5wobt0jgjc.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash cb2bfa27e63c984b80dc411576de1220
676c053ff6f0e39a7b41434e9cb7992e8b47d005
4078caea247d6757a3d13b493846b84b28c14d1701a05c5fc03c30290f2e8aed
GET /upload/vod/2022/09/j5wobt0jgjc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9251
cf-bgj: h2pri
etag: "6326a602-2423"
last-modified: Sun, 18 Sep 2022 05:00:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QgQFqvVelzBYnHmBz42k2SnhpwLgxhi2amTSTIkHceJgzpWszSz3Cm7x5Y%2Fxjzmyj7Abgi4F%2BE4aPa4%2B%2BpccSXuGI8T8BLyDdWclrWPEv6zZlY6znsoAe5OaOyeotPKQfst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b4192edcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/dr1libbhceu.jpg
104.21.235.64200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/dr1libbhceu.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 345ad7fbbe332c4c2101e142c92f45b9
ac59e1869fcc37a5916cdd32f10a5810a0fbffc4
df34de4f478e68519a3d877d4e339790d70e3b2ab412a5ed2c3db239580741a1
GET /upload/vod/2022/09/dr1libbhceu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 12682
cf-bgj: h2pri
etag: "6326a601-318a"
last-modified: Sun, 18 Sep 2022 05:00:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIC9yC%2BUyhnTqE%2BTuNeJ2YXj0%2B%2F08a4J6ITMqrGl7pRd0hneYujJuCloaqm8lJFpcxrnybZXNmHD%2FcSk3BTmyxbRGHLZxOzEvv1FLi3OZfvYXftFRRU7X1%2BH%2FT55AtDlkddi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b4295cdcfb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ca73dabba17d83e5a5741fb5c4da2e
022faf0a0ee7ab74c4cb145b6ab072f85e152f19
67834dc8e68e99c3c30b253c515dd4d4bee66cab78b0f29988b8fd761dbd44a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67834DC8E68E99C3C30B253C515DD4D4BEE66CAB78B0F29988B8FD761DBD44A9"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17023
Expires: Mon, 19 Sep 2022 00:08:29 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg
104.21.235.174200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dc1f0f565b8feeb75e964b189344c875
1ee4d67cbeb2b217c3e5620025c6134f6a42ab9f
ee95377dbb1b325de7687951dbb056a72cf1e59ac5f66505703cdc2e43895ba9
GET /upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7311
cf-bgj: h2pri
etag: "26e727ab1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ0LeTPEVgpZOWC4Mc7FAY0tI5%2BFC55047yFsUdPjDylxgUhQJXMey32bEQBjmcstNpymJEvOujC%2Bh0daHF5lXtLLOI1LSSVbPji9eb5p60vDEVpK%2B8cfjxIqPfXI%2FnwsBsg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b46d8776db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg
104.21.235.174200 OK 8.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7c9c1073f5994eadf9b2fb03c7cdc698
f0e4629ad8142f025b80ae9abbe5baa8178cfbdf
3dd65a3a45244ec14173e53a1ff57be7b6375ab6ed37a5beb5c2bb846337f626
GET /upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8094
cf-bgj: h2pri
etag: "91cdafab1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auTzqiVGgi6V9Ab7IQ2nTWkmfKUsnyirYbyN8msrPOdaa%2F6YUowULIXzwhXVWpIY3M40asP1cygM671a2ZE8sousJTHuhmAC4Y6eOcs6dCg1qG3GZS1JzxGOll0nL9cKyZu2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b46d8a76db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg
104.21.235.174200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36be1f2b24491b56fd8d6e7ea5f9715c
1be456f0ef06e94e25394a48468f444770a89b05
6cbb7388287d11c3c14be43ecde3588a3639edb0642c1646dbbce0a6283efba1
GET /upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7181
cf-bgj: h2pri
etag: "980a0aa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3yjovPSb8n3%2Fq3EZ7L6gjFQTuNuguR5CD2SzIxu0l9V9RIWvvTMB%2FXoCK4YaWRgYAURkho0uWnFVIPI%2BCP5i7SyY13bG1zBIn9Vwdd2yPx3W27Hr7pXEvmT%2BIMP9vA0IGXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b46d8476db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 19:20:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg
104.21.235.174200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ad4517eff3f949a1e836b97324b70d2c
a726b6395801bc8260372ae1007043f659a54cee
f91cb25c0c368bbd3e6c39911771b073b6a158d7d8a8ba950948ed6ac9e1115d
GET /upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9267
cf-bgj: h2pri
etag: "2d1b6da81bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNRo4UuOprk8Y9JrR4dLBDBYMGzM4F3JRwrhmJ6po5KFT5FQA9UqvBQ3DGg1vQv3CDNaSuDtFIzraSECQ3o2cfLC3IW6g%2BXdlCmZVMz9j4J9u6FHEqF%2B8FxpTftrEXz4V61%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b48dd076db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg
104.21.235.174200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 441ba8775d7be70b3f60fe54a977661d
807b41d8f093f2f781670359bd9530ae5b504bb0
5aed83ecbd28a20d732bbd1f3240d2a1bff1713fd7289281e92dd04d18086ed4
GET /upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9744
cf-bgj: h2pri
etag: "35335ac1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6994
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCevMwQCyiRNbBWXucue4IdXqbyp9hheC1NLvI4jp2cmA5rJ%2Fh%2Bf9ITWIHiHZh6z0Y9NH1RAz6XMZXb8%2Fp1iV%2FH9Y%2BIHdiCKZOArfqOCV7kUbtWNh49nkwI%2FpIqXlm%2FLYFge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b46d8c76db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg
104.21.235.174200 OK 7.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bbffeb709423dc0ff2221628f182c020
a9f7ccae2b0127563cce0329cfff87b1120edc0a
b0e80eecb3b184b358b75133c9026f98b0efea7c6e829c744b1dcca8a86b5b40
GET /upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 7843
cf-bgj: h2pri
etag: "4af8e9a71bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7a8bHkpN2FUFibE3HCHFev2UiosGkzC%2FSp1WJa5hAJc65MUQrc6yqxf2ovbTp5YA4HLzERrOBSfiPUK%2F5tTY38wzTT65WMHcMXD0Vy3X2Cmf5w0xJbhz3wLH0qAyzWMgosln"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b48dd576db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 19:20:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 19:20:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3596bae821b7744f009c86ffe205ff57
e85c8e24d76667678bc05ccff3f46357e5422985
7738ad15d18b27b31b833d0cac5e02b83dd974d89d33bb9ed91404b184980d46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7738AD15D18B27B31B833D0CAC5E02B83DD974D89D33BB9ED91404B184980D46"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16188
Expires: Sun, 18 Sep 2022 23:54:34 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg
104.21.235.174200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0b4deef3b7b6e455c3dabd4373e971b
01b2e03544228cc38144e88fd75b8de31e8e6bcc
4e254e0452b7b1d02f74c05bb5e3b84d7190632e76098d01339c72e2da9e2678
GET /upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8721
cf-bgj: h2pri
etag: "edbf94a91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfUPdyIdwAoMrZcOc%2FDtYiyBFA7faIsoRbPAaA7%2FsYDSinTxRKcMNxLKZ%2F%2BzmGH7aajEHHqQyEVt68ILw2Mb5xCpsZYNlhft5QhbOD8xyojeHcL2LmDyYKHD0jNmuico5vzd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b4eec576db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg
104.21.235.174200 OK 9.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f6d65c635c33ed84c3d20b9fe8e0ba73
53322f675b9d5fed33727ce5c7ca563a26580cea
cba331a8de5f714ca097aeb155e14d6dbbfc53b314bc793ed0e000d4eae2aa9a
GET /upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 9122
cf-bgj: h2pri
etag: "457b1aaa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMqZQoKwhGhfGjdKG5%2BTq09f6587J0XjjTxgeW3XmMe2YaXoHbilSfANiz7zzKbbIEsbYzYtVHOxbpg%2BNx%2FmVUkkBwXIG0AmfgMg%2BOxLPPNMwoUk5ksxuhLcQCNDN1ALDGfi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b4fee876db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo243.xyz/smbaidu/tj.js
104.233.145.173200 OK 1.5 kB URL HTTP/2 www.niumo243.xyz/smbaidu/tj.js
IP 104.233.145.173:0
Hash 20730f05041f83b3d4cee11a691ec2d7
b72b62ce40d58a5ea29ade9f456e2afa49f9fd9b
23cf9c8f4d0fd312a4b68e4143e3885971e6600d69746f577d6cd5ef050e2da2
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 20:17:27 GMT
vary: Accept-Encoding
etag: W/"63092a57-bc8"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo243.xyz/smbaidu/tpwz.js
104.233.145.173200 OK 1.4 kB URL HTTP/2 www.niumo243.xyz/smbaidu/tpwz.js
IP 104.233.145.173:0
Hash cc8ede20ef320ab96fcdbc79cf5f8fc8
b45454e80124768f1b3e7a33fcd3f4ffb9255bd7
720f5fef87f4ea39c57f187a07c5c7002ee9d076ff0c599f767159ced1beb952
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg
104.21.235.174200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 02bb2f03e004c58f8c131222a3d327d4
5549899e0365038ac5bacca9672e3a5892f01aa3
5cb5f8f1fef1ede1eb32cedf5963bc402b0c869721ab39fc691bc8449d66c82c
GET /upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpeg
content-length: 8870
cf-bgj: h2pri
etag: "783bfa91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByVRUphpwMXYzqOc%2F4P86bSe6VUHC7ohpqGpLgyA5RmeraP%2B11WFz42W6OwUuWsRPzRjD2AeLZui82FSCfLkVZfGFyVem%2FAJF7QzbV8NoAJ6u7V%2B4TP002jM3hZOktzGAs99"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b50f2a76db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 006df268b8a04bf27db8ac726f939683
022899920bc71c1f3e3bf989cde4eadde5a3678c
f897a7926b6058a1c45d2243ed66b04e35732d40410ee1652778020a1c599729
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F897A7926B6058A1C45D2243ED66B04E35732D40410EE1652778020A1C599729"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2378
Expires: Sun, 18 Sep 2022 20:04:24 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f9945833c2b6910a9b2635ffa55af8
199ac43ed64f59a344a0c2b7491daed40a5b2462
8b7645e554ab0d3561939b51fbfe1dd16e953a2c3ed90dc142e142ddacc97303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B7645E554AB0D3561939B51FBFE1DD16E953A2C3ED90DC142E142DDACC97303"
Last-Modified: Fri, 16 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19839
Expires: Mon, 19 Sep 2022 00:55:25 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa40601458e24db29b0d6a4c10eaf33e
0f9dc24d3b2a94615e492fa25358cf8883cdfd0c
e32fbef61e5055057c91bd006d36d07f1f583dbf23837c24dd937ba4e884d3fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E32FBEF61E5055057C91BD006D36D07F1F583DBF23837C24DD937BA4E884D3FD"
Last-Modified: Sat, 17 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Sun, 18 Sep 2022 20:58:40 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5aedd29fe0acf9d78186dccb07cdcb09
b03da32c1f550e86f0a322b1029e17bc324f3494
831992d05d90ccd324f85dd8f2ee8e1f9af5163d6cc4ea958af18b461733b469
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "831992D05D90CCD324F85DD8F2EE8E1F9AF5163D6CC4EA958AF18B461733B469"
Last-Modified: Fri, 16 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7397
Expires: Sun, 18 Sep 2022 21:28:03 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d70e1e7e62f859fe875d634bfd4439e
8eb623f87b14b95402379c76002164731b193559
e9fe853f7c23fdcd8811774c9144108e6736cf572a117b1cdcc1455f636b25a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9FE853F7C23FDCD8811774C9144108E6736CF572A117B1CDCC1455F636B25A7"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15891
Expires: Sun, 18 Sep 2022 23:49:37 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 543c5ce87465d45ca367a2d0189244d9
10bd4076a97976c5488d561c07c2ada3c248ad1e
fa5d70f48d0eb67c38e89b79b892cb2f1ecdcb8d4f30913525d4dd51845b0757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:09:34 GMT
Expires: Sun, 25 Sep 2022 03:09:33 GMT
Etag: "10bd4076a97976c5488d561c07c2ada3c248ad1e"
Cache-Control: max-age=545686,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc76b59821b503-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98dd7381eb3994dd63a9bef644f7ab8f
75e9b312a710fafe42f4b146f70853b4f7229bf0
69c03b6d476e1212eb2e05dfd5d4b1abe0a616d96150c9482f8364d32cef86c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "69C03B6D476E1212EB2E05DFD5D4B1ABE0A616D96150C9482F8364D32CEF86C0"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Mon, 19 Sep 2022 01:23:48 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 28303b38b9c7dda46b15e6537e5d8572
bbfbdb1e814ade09c0b96d35234afd915c09e5d0
1d5d1775f6920464b7bdc878424951bbe6a02d0ed56ccb663ba063373c828fc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 18:27:53 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 727
api.nmw43.com/news/api.php
104.233.148.41200 OK 9.0 kB URL HTTP/2 api.nmw43.com/news/api.php
IP 104.233.148.41:0
Hash c4477274740dafeed3fd262264caee9d
f2144e20dd5d82a2f09284b3ad128769486d97de
1137c8e8113a7bef13c21628889f74a358615d44276b9c671d4ec2a1399b2bb4
GET /news/api.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/news/data.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo243.xyz/smbaidu/dibu.js
104.233.145.173200 OK 6.8 kB URL HTTP/2 www.niumo243.xyz/smbaidu/dibu.js
IP 104.233.145.173:0
Hash d22b25c9c8c07997ef1dbd601e18d250
03e2680d6f9d6a526199b7e9a7499b4c9a0f3b90
40ed5fe8ef35430fb81cefaaed87ce5ff4849fa1da3caecafbb7a51032f518cb
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 782670d37037b21bd1bee9ee5d24f56a
32cada5ed62541b1c9f8f122ffd625d30a6707ec
39b804a8cd6992baeb1c82240b44d1b03add79f43936c0c7d70cf0fabe3d0862
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 22 Sep 2022 15:15:57 GMT
ETag: "32cada5ed62541b1c9f8f122ffd625d30a6707ec"
Last-Modified: Sun, 18 Sep 2022 15:15:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2219
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b5fad6fab4-OSL
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
104.21.87.253200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 104.21.87.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 355126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Uh%2B9nJoC3KSFqs8Ckyvpkq5l%2FiA1nCqoyjdTzZHiZmyWdK5arlfmguo1JPE0gj%2FMDREc9ua%2FaHThuYMC1FeN3XcUwcfpFEc%2Bsx5mgn0pcMUzDktvI1iTtWU%2BzgR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b60c5ab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 543c5ce87465d45ca367a2d0189244d9
10bd4076a97976c5488d561c07c2ada3c248ad1e
fa5d70f48d0eb67c38e89b79b892cb2f1ecdcb8d4f30913525d4dd51845b0757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:09:34 GMT
Expires: Sun, 25 Sep 2022 03:09:33 GMT
Etag: "10bd4076a97976c5488d561c07c2ada3c248ad1e"
Cache-Control: max-age=545686,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc76b5d98ab51d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ce22d2e136023607c606a82fc48f6edc
eb56221b18fa94c363aa0c9033777aab0ec30b9c
54decf3bec938fd693c8e9522fd594bdd98890ef91ab7735a2f47cf1fa6d8190
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 15:56:06 GMT
ETag: "eb56221b18fa94c363aa0c9033777aab0ec30b9c"
Last-Modified: Sun, 18 Sep 2022 15:56:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2398
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b61f6cb529-OSL
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 15:18:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1569998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkkFEecOuJXNzAJt%2B9mSSJHsNyu9Hh%2B4BjPtasqccizfK5isJNEO5vguhIm77zFUg%2B%2Bv8TxtG1OU0xVtoIsmIpeRA%2BvCR0p2UkA%2F1o%2F3HjV7F9oViX7l%2F8Uc%2Fr0T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b61b84b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 923cf1d24baffb75e6e2ed9e452ca8e6
c91931fca912da91c8b761463d66720251183d16
84fa6049761c3e17a088aa1dc74cefdfc7e5684e14d14635d12ee426b3eb78a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "84FA6049761C3E17A088AA1DC74CEFDFC7E5684E14D14635D12EE426B3EB78A1"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18884
Expires: Mon, 19 Sep 2022 00:39:30 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.3.157200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.3.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 8971318
expires: Thu, 23 Mar 2023 19:24:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b65c51b4f9-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0b7c76300270c2a58bee751edb7dcc9
6a8efdeaf67e625fdd170ae0e0cc121625f0c243
dcbfca90cf615341f11fcd1b4f90e544eb5fa2258d429c0287c5d91e8af50e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCBFCA90CF615341F11FCD1B4F90E544EB5FA2258D429C0287C5D91E8AF50E24"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2081
Expires: Sun, 18 Sep 2022 19:59:27 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e0295651d30a0d2e434e231cf89a0a28
22c934c7c7fe4681568ae9489100b14b5fa1f063
e8402e084684507c2e03ef222610b26bf7a826d5a6c2ac723cd4cd07294ccb2a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:41:13 GMT
ETag: "22c934c7c7fe4681568ae9489100b14b5fa1f063"
Last-Modified: Sun, 18 Sep 2022 16:41:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b67fcfb529-OSL
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.147.13200 OK 186 kB URL HTTP/2 kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Thu, 29 Sep 2022 15:13:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1656682
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEP3CS5Y9vTTRrshAjn5oy%2BUt6LhrQCe0N5wgDsPXuGveY%2FQpEfJUe%2FMcDxhbZLgKSwvy1d3NUkkSF5dj8s7Rls0nZgxc%2BKCucawZQOK1b789shbnyZS144XfuUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b68c4cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: text/html
content-length: 162
location: https://acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 595821a3469e36aec60a4182c2630292
dca6d9b729a04f8ebb0957e564dbc4cba084709f
88663ca8659d190ac1a116dad0349c0206cce14ba124b3481cd1ba77d20cd5ba
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:28:01 GMT
ETag: "dca6d9b729a04f8ebb0957e564dbc4cba084709f"
Last-Modified: Sun, 18 Sep 2022 16:28:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1356
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b69bd1b512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e0295651d30a0d2e434e231cf89a0a28
22c934c7c7fe4681568ae9489100b14b5fa1f063
e8402e084684507c2e03ef222610b26bf7a826d5a6c2ac723cd4cd07294ccb2a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:41:13 GMT
ETag: "22c934c7c7fe4681568ae9489100b14b5fa1f063"
Last-Modified: Sun, 18 Sep 2022 16:41:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b69828b529-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 19:20:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e0295651d30a0d2e434e231cf89a0a28
22c934c7c7fe4681568ae9489100b14b5fa1f063
e8402e084684507c2e03ef222610b26bf7a826d5a6c2ac723cd4cd07294ccb2a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:41:13 GMT
ETag: "22c934c7c7fe4681568ae9489100b14b5fa1f063"
Last-Modified: Sun, 18 Sep 2022 16:41:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b6bbf8b512-OSL
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 595821a3469e36aec60a4182c2630292
dca6d9b729a04f8ebb0957e564dbc4cba084709f
88663ca8659d190ac1a116dad0349c0206cce14ba124b3481cd1ba77d20cd5ba
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:28:01 GMT
ETag: "dca6d9b729a04f8ebb0957e564dbc4cba084709f"
Last-Modified: Sun, 18 Sep 2022 16:28:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1356
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc76b718cdb529-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98dd7381eb3994dd63a9bef644f7ab8f
75e9b312a710fafe42f4b146f70853b4f7229bf0
69c03b6d476e1212eb2e05dfd5d4b1abe0a616d96150c9482f8364d32cef86c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "69C03B6D476E1212EB2E05DFD5D4B1ABE0A616D96150C9482F8364D32CEF86C0"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Mon, 19 Sep 2022 01:23:48 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5fff3ee0c5fa5a1f49714cfc002917af
516fbe0845e49bde6f5f978a0f9a721d7bc0e695
a9cecbe17ad6c1d0f9a059bcd470f50ae55df3e1058ab4cf1b1d8a72b458851b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:45:16 GMT
Expires: Sun, 25 Sep 2022 03:45:15 GMT
Etag: "516fbe0845e49bde6f5f978a0f9a721d7bc0e695"
Cache-Control: max-age=547828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc76b6fa3eb503-OSL
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 0a12c56cba62d203b93b6a6da7720105
b158bc60b510ba510b4905ab5fbbf2c5ef89006a
96f9e848c9f0e22466e8ea9cdfcd6546eeb88e0bb8832f5ccb9c273c34e2f390
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Sun, 18 Sep 2022 19:24:46 GMT
Etag: 05b8906dcb4f77633902ff763dcb2574
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B8C88F8B422C3215; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
104.21.234.40200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Mon, 17 Oct 2022 13:34:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 107392
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUiQMcBuyWxmwduZZcKK0dLI3Oy8%2FWx%2B9%2BVXAHPrpiBZOnQzAMkOzY%2FbKMI3%2FbKlpzJfzCLlXz3krFO38Rlj465yAsk2JCdEK8yz7CLzX7mrYDucFzI2PmEf7me1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b709127314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 503799
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSbb%2B4iq%2B9YX5WJaTvNG8cS3feax54AbEFeeJHfPRdfJkU6%2FdJOHiyuEBkpQ6tyeF%2FfkfgtI0K%2B7b1wCxzu%2B7SJM16QXG3g8fXXyM64Z49ONePT4LMxEtsspxZ2RLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b79e7bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 923cf1d24baffb75e6e2ed9e452ca8e6
c91931fca912da91c8b761463d66720251183d16
84fa6049761c3e17a088aa1dc74cefdfc7e5684e14d14635d12ee426b3eb78a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "84FA6049761C3E17A088AA1DC74CEFDFC7E5684E14D14635D12EE426B3EB78A1"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18884
Expires: Mon, 19 Sep 2022 00:39:30 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4c1e2817f22b8d2af60996fb5b80d2cf
f75eb7c1005930b22db927da7c011c2eaf228df1
3e317a2157359a74549e4793ec76d54cc02ac6c1f9d5fc94a208212294117896
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Last-Modified: Sun, 18 Sep 2022 18:48:14 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 727
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06c5ace62ae1c7b745bbefd8f0facd20
8d8c6f8e379afd4607eaf4b46f8277385ec3cc14
d69e229fcc9c1f9b07a6e0d0c2aebbc8995d8c8d821431dd50486a5e06cf14eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D69E229FCC9C1F9B07A6E0D0C2AEBBC8995D8C8D821431DD50486A5E06CF14EB"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2742
Expires: Sun, 18 Sep 2022 20:10:28 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae06db5dedfa08588be8fc8b44e16fdd
61b648ab25bf73fde671dd33dae97339244d6448
dca0dfed48c533f7c4265a261472057e0b4b7b228e7ac7466667c48563c32f9e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCA0DFED48C533F7C4265A261472057E0B4B7B228E7AC7466667C48563C32F9E"
Last-Modified: Fri, 16 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1329
Expires: Sun, 18 Sep 2022 19:46:55 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
104.21.234.40200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Mon, 17 Oct 2022 18:34:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 89405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpJyOyHF2dei1Ymu8OAOqtmxa0w7XlPeyukbAbfEAevnCl8Y0DMN9JJr9rrPX2riisK5EZTQF6FKGMyZdFxc0SXurnIpSUZqsql7msuUZP98m%2FYUxTFcmmfapBII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b739567314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
47.246.44.227200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Sun, 11 Sep 2022 22:03:53 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 11 Sep 2022 09:59:19 GMT
nw-session-id: 2022091117591901015802909726CBE7E96w5x902dy
nw-session-trace: 2022-09-11T17:59:19.981531716+08:00 179
x-bdcdn-cache-status: TCP_HIT
x-length: 716414
x-powered-by: ImageX
x-response-date: Sun, 11 Sep 2022 17:59:19 GMT
x-tt-logid: 2022091117591901015802909726CBE7E9
via: n204-098-236, cache12.l2de2[0,0,206-0,H], cache4.l2de2[0,0], cache4.l2de2[1,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 012eb277ad85307c1451140c48c8451413cd4e1011b4c0d2ed7e7c662e3a84378ac9e81f423ee1b77cd23f59aefb0240ed5dcaf13b41ffeb73514e47759e6a30e9575e07f18680e89a9ec749ba3bc2cc0473d16ec32ecce324b0bbde29676722c3
x-response-lb: image
ali-swift-global-savetime: 1662933833
age: 595253
x-cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:0
x-swift-savetime: Fri, 16 Sep 2022 19:59:46 GMT
x-swift-cachetime: 31111447
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716635290867236140e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
47.246.44.227200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 780295
x-cache: HIT TCP_MEM_HIT dirn:4:12290215
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716635290867636169e
X-Firefox-Spdy: h2
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
172.67.170.228200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 172.67.170.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 30 Sep 2022 15:19:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1569897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw%2B7NIqeOnAy2sVnAV120FQ3h80mFsBfQx7GhMAwYiVt1%2B9p1rovSNw8tOviGuvRkrKd%2FGGSLtdsnUnsJgcDPfpEGjyDC7MQTU0ZvylEOeyqFXy03lph%2F%2FRhbKC%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b85f48b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
47.246.44.227200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 801108
x-cache: HIT TCP_MEM_HIT dirn:1:460249514
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716635290867276142e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ff6855265231ed46e5adf47f04b3558a
7a1847ffa3cdbee03c7b79b7847428be5db29c42
5db6abd9bfbcc4f08d83fcec629be61e1c669ad9b70e184c26104b359313a885
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:46 GMT
Server: ECS (amb/6B7A)
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5fff3ee0c5fa5a1f49714cfc002917af
516fbe0845e49bde6f5f978a0f9a721d7bc0e695
a9cecbe17ad6c1d0f9a059bcd470f50ae55df3e1058ab4cf1b1d8a72b458851b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:45:16 GMT
Expires: Sun, 25 Sep 2022 03:45:15 GMT
Etag: "516fbe0845e49bde6f5f978a0f9a721d7bc0e695"
Cache-Control: max-age=547828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc76b79c9cb51d-OSL
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.40200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Tue, 18 Oct 2022 00:10:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 69239
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnxHRmFusk5YQWvqzMtia34QS1OyNZdCs830qMkMdtu3PPId4Wd3Y2huNZt2OFr4n2yq1v5K9OjtmA8R2ZvcP8nthY2p2TCXinI9fKyUI6N9qCwwwJcWpuJ7%2Frmb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b719237314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 92436063a5a756cd98ba562a7b740fcc
a7e252ac4afa95b2980181b70d86cf0eae008e29
a673e735b9e09dfbd9c91a5f397370c7f6b2ae2ba27aa5d526c10e12d4643fc4
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60f8309e02125cdf2dbd6cb7e997ebf9
258b690cd917f34110b0fdc314efe0468c8020c3
368cb9a748fa3639be05255795f4784dd4794320979d99ec51fda92aba45022c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "368CB9A748FA3639BE05255795F4784DD4794320979D99EC51FDA92ABA45022C"
Last-Modified: Fri, 16 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2014
Expires: Sun, 18 Sep 2022 19:58:20 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06c5ace62ae1c7b745bbefd8f0facd20
8d8c6f8e379afd4607eaf4b46f8277385ec3cc14
d69e229fcc9c1f9b07a6e0d0c2aebbc8995d8c8d821431dd50486a5e06cf14eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D69E229FCC9C1F9B07A6E0D0C2AEBBC8995D8C8D821431DD50486A5E06CF14EB"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2742
Expires: Sun, 18 Sep 2022 20:10:28 GMT
Date: Sun, 18 Sep 2022 19:24:46 GMT
Connection: keep-alive
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
188.114.96.1200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Fri, 23 Sep 2022 23:42:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2144556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdC1%2BxbeF4ETrPBRnyy1llLcegPWlMwUSrBXVuEyOL2UIiCh2IMhvYm33o23N5Nd0s25QUE5NXtqpFrVrsNwS%2FQS29TGSbkgKN0nEjNmnx03j0kViW0%2BmDtHpMeX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b96ba4b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 92739f6a5b0448593a6ed2ffa5b63d80
7090f3cfc9031d4d386b657c417f62e97583a89a
3542a968c757fe718022c4035d1c36ec147c2458dd90b35c122f9a6baeb316a1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 02:47:46 GMT
Expires: Sun, 25 Sep 2022 02:47:45 GMT
Etag: "7090f3cfc9031d4d386b657c417f62e97583a89a"
Cache-Control: max-age=544378,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc76b85c4bb503-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae06db5dedfa08588be8fc8b44e16fdd
61b648ab25bf73fde671dd33dae97339244d6448
dca0dfed48c533f7c4265a261472057e0b4b7b228e7ac7466667c48563c32f9e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCA0DFED48C533F7C4265A261472057E0B4B7B228E7AC7466667C48563C32F9E"
Last-Modified: Fri, 16 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2975
Expires: Sun, 18 Sep 2022 20:14:22 GMT
Date: Sun, 18 Sep 2022 19:24:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aaa90cd602db4b8188d5d4ccf2ef5589
6a372f1de1bcb721767c4b9de613b2b004ae76f5
07526f5e7aafb17ac42986b5880e7bb8e6043954efcb9bb20dc039fd52e17ebc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5228
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:24:47 GMT
Last-Modified: Sun, 18 Sep 2022 17:57:39 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 280
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
182.118.39.165200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 182.118.39.165:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 2891527
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HAzhengzhou-AREACUCC1-CACHE68[3],CHN-HAzhengzhou-AREACUCC1-CACHE64[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE119[42],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,40]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:26:57 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Tue, 18 Oct 2022 19:26:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
u0062.com/86b4c5b5e42b447492665532b841e916.gif
20.24.205.46200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP 20.24.205.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 18 Sep 2022 19:24:47 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.234.200200 OK 1.0 MB URL HTTP/2 acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.234.200:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Mon, 17 Oct 2022 18:35:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y9YteHfd0ZRcm8745NwhrcjWZtyD1kuqyNL1dr9Jp3s0QkCFzlwPSA5A2yoJnsCpAAeczjK4sEV8zYQGAVHG4ecUUYtUq4XfpzKjsMGwrQcjB0K5ujr6O4Le%2FvUyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76b87c5a777f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=214359781&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=54163&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo243.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=214359781&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=54163&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo243.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=214359781&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=54163&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo243.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 18 Sep 2022 19:24:46 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C393762B07F51A3B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
20.205.44.42200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 20.205.44.42:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:26:57 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Tue, 18 Oct 2022 19:26:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
45.61.212.166200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 45.61.212.166:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Mon, 29 Aug 2022 11:22:05 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-06
content-length: 236734
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4dd63b9e834836ba0c40f17056b2bba7
27f46f839bd15697d9b55f29b76107f5fcedc1de
ae9ee8b23c1c801b0163b818ae1f7530a0002e48a392cd9da887bcd9108eda7f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AE9EE8B23C1C801B0163B818AE1F7530A0002E48A392CD9DA887BCD9108EDA7F"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Mon, 19 Sep 2022 00:06:04 GMT
Date: Sun, 18 Sep 2022 19:24:47 GMT
Connection: keep-alive
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
45.61.212.166200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 45.61.212.166:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Fri, 09 Sep 2022 05:02:47 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-06
content-length: 445140
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
45.89.208.114200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 18 Sep 2022 19:24:47 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 04:54:41 GMT
Connection: keep-alive
ETag: "62f48b91-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4dd63b9e834836ba0c40f17056b2bba7
27f46f839bd15697d9b55f29b76107f5fcedc1de
ae9ee8b23c1c801b0163b818ae1f7530a0002e48a392cd9da887bcd9108eda7f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AE9EE8B23C1C801B0163B818AE1F7530A0002E48A392CD9DA887BCD9108EDA7F"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Mon, 19 Sep 2022 00:06:04 GMT
Date: Sun, 18 Sep 2022 19:24:47 GMT
Connection: keep-alive
66377311795.com/99083bf2ded945728bbad730efc12df9.gif
103.170.15.80200 OK 150 kB URL HTTP/1.1 66377311795.com/99083bf2ded945728bbad730efc12df9.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 120 x 120\012- data
Size 150 kB (149727 bytes)
Hash 0e9bfaa21ee2581b532cdd480cae8d21
c6d6ac847d1a4c884ac68d0b0a1a558e204b89c0
871c4f67357d0f68b8bbcbb50e15be64f3378be9ab0c9aa60775906c22ff8053
Analyzer Verdict Alert quad9 Sinkholed
GET /99083bf2ded945728bbad730efc12df9.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fa27da-248df"
Date: Mon, 12 Sep 2022 15:07:50 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 15 Aug 2022 11:02:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 149727
kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
172.67.218.101200 OK 344 kB URL HTTP/2 kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 172.67.218.101:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo243.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:24:47 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Tue, 18 Oct 2022 19:24:47 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiUS9bjLy1IIC3mzpIHCVjxw8rIb3gI5DX8L4Si70l%2FeVgm%2BsDJeKuPHGCLEKgSrTFAiwoTmFApl3pe2LOIq3v19kEI3tE0sFelBWi3gAM1oKjMIQ7%2FRC4ByMrlI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc76bb8c73b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
121.37.232.28403 Forbidden 0 B URL HTTP/2 collect-v6.51.la/v6/collect?dt=4
IP 121.37.232.28:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 370
Origin: https://www.niumo243.xyz
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.18.0
date: Sun, 18 Sep 2022 19:24:47 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.niumo243.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
103.170.15.80200 OK 1.0 MB URL HTTP/1.1 66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /e0b4ad53309b4c0980b2ceb461415106.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2749-f90bb"
Date: Sat, 10 Sep 2022 09:18:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:33:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 1020091
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.173200 OK 43 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.177.104200 OK 583 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 583 kB (583062 bytes)
Hash 96ad401d59d1718860499f3d7fa5c036
41f43737b3862db5717b56847f2556b7b1481913
a9cade17dfb0575e6e21d7180bd17c03a67a530d283255454bbd96fb96dc21ab
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: image/gif
Content-Length: 583062
Connection: keep-alive
x-oss-request-id: 6327707EA966993032ACBD09
Accept-Ranges: bytes
ETag: "96AD401D59D1718860499F3D7FA5C036"
Last-Modified: Sat, 17 Sep 2022 15:00:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6566423440635606530
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: lq1AHVnRcYhgSZ89f6XANg==
x-oss-server-time: 3
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
47.75.19.14200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:24:47 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 6327707FFC567C3634B89933
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.173200 OK 49 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.173200 OK 25 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.167200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.167:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 6327707E8A23F737351D7415
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.173200 OK 35 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.173200 OK 60 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/static/images/empty.jpg
104.233.145.173200 OK 13 kB URL HTTP/2 www.niumo243.xyz/static/images/empty.jpg
IP 104.233.145.173:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.145.173200 OK 15 kB URL HTTP/2 www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.145.173:0
Hash 66e35057f4910cbfee4e99803e5acca4
c4fa9a7844894ecccaa74e63cce812c667bf9fc7
cdc14a23147c5bbb43fd8dbdb5ce792f59112775a872c9acab4d122d035ffcf3
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 02f4b10a3889a3edd0baaf0f321c2927
19fefc196b185cd77617c0774318db4a28f796ca
8d2aa2e7e190b80d4ee2d8a6d7de092410f8c34eb5c7a1b47fa7ca4e103e16ae
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:24:48 GMT
Ali-Swift-Global-Savetime: 1663529088
Via: cache21.l2de2[3,3,200-0,M], cache21.l2de2[5,0], cache8.se1[27,26,200-0,M], cache8.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 18 Sep 2022 19:24:48 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16635290884027277e
www.niumo243.xyz/nmwys.png
104.233.145.173200 OK 3.1 kB URL HTTP/2 www.niumo243.xyz/nmwys.png
IP 104.233.145.173:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:55 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Wed, 19 Oct 2022 03:33:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.173200 OK 111 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.173200 OK 73 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
47.75.19.83200 OK 1.1 MB URL HTTP/1.1 tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
IP 47.75.19.83:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1071505 bytes)
Hash d71a0585aedaa3ec4afda6baec03ac6b
ad3a590c022e5d82b43efc4b9f159eb6598c4890
6bfb388b33c1e444ca7382fceadf93b83a753f7ff0c4c960f7b142732ac28cd8
GET /huazidongtu/hybbff.gif HTTP/1.1
Host: tupaiyy.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:24:46 GMT
Content-Type: image/gif
Content-Length: 1071505
Connection: keep-alive
x-oss-request-id: 6327707ED0409B3238E214B7
Accept-Ranges: bytes
ETag: "D71A0585AEDAA3EC4AFDA6BAEC03AC6B"
Last-Modified: Mon, 04 Jul 2022 07:26:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7665046247320685581
x-oss-storage-class: Standard
Content-MD5: 1xoFha7ao+xK/aa67AOsaw==
x-oss-server-time: 1
www.niumo243.xyz/images/ggzz/dbhf.gif
104.233.145.173200 OK 137 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/dbhf.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 137392
last-modified: Sun, 29 May 2022 19:06:59 GMT
etag: "6293c453-218b0"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.173200 OK 870 kB URL HTTP/2 www.niumo243.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.173200 OK 126 kB URL HTTP/2 www.niumo243.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.154.254.32200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 39752 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 71b2f860-b61c-4abc-8275-ae0c7092341c
X-Firefox-Spdy: h2
www.niumo243.xyz/images/stvf4grh65uh54y.gif
104.233.145.173200 OK 996 kB URL HTTP/2 www.niumo243.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 995865
last-modified: Wed, 03 Nov 2021 10:48:32 GMT
etag: "61826900-f3219"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.173200 OK 315 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
43.154.254.32200 OK 1.3 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 126199 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 8faaa170-5728-4c58-9e0e-372d11cfacfc
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.154.254.32200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 523 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 7f3a722c-52e2-4e2e-a33f-cae4f6fa792f
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.173200 OK 551 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.173200 OK 410 kB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/4dfsdadsd5ghrt5.gif
104.233.145.173200 OK 411 kB URL HTTP/2 www.niumo243.xyz/images/4dfsdadsd5ghrt5.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 411269
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-64685"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.173200 OK 1.3 MB URL HTTP/2 www.niumo243.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Wed, 19 Oct 2022 03:33:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.154.254.32200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:24:46 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 412 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: ef5bf7d1-ad47-4b3a-afeb-06abf2f52496
X-Firefox-Spdy: h2
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
203.205.136.77403 Forbidden 490 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP 203.205.136.77:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash faadcd3c9e0139a38f469dd0b77b2c0e
b6849dfb57dc6e7f0bd9c31ef50753a2a1bb8040
11aa5542fdeecfb6090bd2543c2cbe1ac5af927dffad8a46e95ab45a43f5cca6
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 18 Sep 2022 19:24:49 GMT
server: tencent-cos
x-cos-request-id: NjMyNzcwODFfODhlM2MwYl9iNWI2XzIzNjk5MWY=
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 490
x-nws-log-uuid: 12812295654691312707
x-cache-lookup: Cache Miss, Hit From Inner Cluster
X-Firefox-Spdy: h2
i.imgtg.com/2022/05/19/hTEgx.gif
219.159.84.135503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP 219.159.84.135:0
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 8108a74c5783eaf433cb2a0656ccbbbd
887c6d895d10228dd3fd572e4cab70183f568c21
439b87e843e04b0df928e365562ebbaf6c8d58ed0aef610ca66cffd8899fe589
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 19:24:50 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_8fe5aeaf8177cd98e94d3e73921ca9bf1663529090320; expires=Tue, 17-Sep-24 19:24:50 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bae0be177c783779-142
content-length: 596
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
23.225.222.18302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP 23.225.222.18:0
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2
api.nmw43.com/news/data.php
104.233.148.41200 OK 0 B URL HTTP/2 api.nmw43.com/news/data.php
IP 104.233.148.41:0
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1390831.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP 23.225.228.58:0
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
137.175.12.178200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP 137.175.12.178:0
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:26:10 GMT
content-type: image/gif
expires: Tue, 18 Oct 2022 19:26:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo243.xyz/static/fonts/voltaire.woff
104.233.145.173404 Not Found 0 B URL HTTP/2 www.niumo243.xyz/static/fonts/voltaire.woff
IP 104.233.145.173:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Sep 2022 03:33:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=jjbso9l525kubs27uaeocsqkhd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 03:33:54 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Mon, 19 Sep 2022 15:33:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP 23.225.228.58:0
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo243.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo243.xyz/static/fonts/voltaire.woff
104.233.145.173404 Not Found 0 B URL HTTP/2 www.niumo243.xyz/static/fonts/voltaire.woff
IP 104.233.145.173:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo243.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo243.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Sep 2022 03:33:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=v4n8fgaeaallv5rgek92fv627v; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2