r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 59be8dfdd6f4ab82f394d3d5b927e065
dc8e8f1bbae495f84322e5efd0c42a39ef5be56c
7f251408f64b28bebfe96f3db5c3dde3d5ad5febbaf2964b3516c114eaa51f4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F251408F64B28BEBFE96F3DB5C3DDE3D5AD5FEBBAF2964B3516C114EAA51F4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16908
Expires: Wed, 02 Nov 2022 23:40:02 GMT
Date: Wed, 02 Nov 2022 18:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ee7bbc64b0396b20a28944ea4ec4d2
dbb18d4238fa3a980e5c254ff25d3b39590b0159
2cc72ff87dcdabcb0a67d8dda7a7c440f8650ffe77f71602954a3076762be50a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC72FF87DCDABCB0A67D8DDA7A7C440F8650FFE77F71602954A3076762BE50A"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11623
Expires: Wed, 02 Nov 2022 22:11:57 GMT
Date: Wed, 02 Nov 2022 18:58:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f57d2cc1ab8bbee50dff2b2be18b9db
2c8acd2018995b9bbed8f4dbfa33c8044b293080
a25e2337dad42018caefae70e0e596a4006aa9c1fe6af7f29c93a21fda1554b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6371
Cache-Control: max-age=145142
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:14 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 11:17:16 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: t7DHKrtphtcxJ/s3SacKkPoJBblaXqLN0dpy9FPCpIYLe8dEx9uPQQ6vZ/+YznKfRsdT80JArDs=
x-amz-request-id: BGER2MHRMYXZ6QM5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 02 Nov 2022 18:46:00 GMT
age: 734
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
niumo69.xyz/
104.233.145.169200 OK 9.6 kB IP 104.233.145.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462), with CRLF, LF line terminators
Hash 4bb26d5b67b51f191fae36a6be112796
8afc8aff9a86596e6ae7839b08e3c0abdee253e8
e66570a09ab56a0847561cb5ce21cf03b63ff9efd586ba942eea58daa8ef0900
GET / HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd65439b27a0101cd831309f178fbb45
4daa9343dda0f37ba734e2b5500caf2728cf89db
37e6d155f598b5154e3ce96105c39798716b5d35e12a98b9aec172c160de5f6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5687
Cache-Control: max-age=139400
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:15 GMT
Etag: "63622518-1d7"
Expires: Fri, 04 Nov 2022 09:41:35 GMT
Last-Modified: Wed, 02 Nov 2022 08:06:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.169200 OK 6.4 kB URL HTTP/1.1 niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.169:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 62dc779cd52fc5274d0d58bc681126ed
ec57b6123c132089389034ac34e968648addd172
565398da5418716a6b677bd1a6f4db8411b82693be1d6ab33a98f08bf054e576
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:40:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554dda-64a0"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.169200 OK 7.0 kB URL HTTP/1.1 niumo69.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.169:0
File type ASCII text, with very long lines (2150), with CRLF line terminators
Hash 0a283d9eea419a321cd77b21629eb697
3fef09312419e3506c363b0cafb104884be4484a
c2389f428edaaac576d6b1b2d8e3189f4db5550710885ea4df5c71490729432d
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: text/css
Last-Modified: Sat, 19 Feb 2022 18:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6211375e-5602"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kaahvLEtNVBgcc5rcxIpMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PYhyV8tTPVvSO9pAUnPfv308ats=
niumo69.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.169200 OK 10 kB URL HTTP/1.1 niumo69.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.169:0
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash 53af61abeb4c1a20e01f446c400e142e
8923004bb318d9e15cf02acfd1173f12327fea2e
70eb9cb2ebbe915e21d0d9996d64d71e94b024308c8fd57cee922d309ad66913
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:43:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e92-994b"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/smbaidu/dibu.js
104.233.145.169200 OK 6.5 kB URL HTTP/1.1 niumo69.xyz/smbaidu/dibu.js
IP 104.233.145.169:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Hash 777b81e328fcec4008aad647ba319fc8
46c3bd95dfc26c93f20aef1095ef0ac166371cf8
3f10073bfbfa548737f9ef3657cb20569ff6326b483de3e2d0b6dcd4929b963e
GET /smbaidu/dibu.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 29 May 2022 00:27:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6292bde8-531d"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/smbaidu/tpwz.js
104.233.145.169200 OK 521 B URL HTTP/1.1 niumo69.xyz/smbaidu/tpwz.js
IP 104.233.145.169:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7ea4ac48fc6044a5969a4644efca9262
d315cd47a14f4c485309d14cd935b94f0d0e1f1c
9f905b48b8dd9d2330b95829fcf2cfa3be6256db71d736052ebd401f1f93ad2f
GET /smbaidu/tpwz.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 00:37:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340c649-5aa"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/smbaidu/tj.js
104.233.145.169200 OK 1.6 kB URL HTTP/1.1 niumo69.xyz/smbaidu/tj.js
IP 104.233.145.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (979)
Hash e8051fb1b32ae7f1310fcfac8b13066f
1360be6c5e38ee44928e513b8ae4758dde8e6896
d03d17f4342cf5884030c4b6ef384c18de1d138d80115d41a4cc8bacabc962eb
GET /smbaidu/tj.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:44 GMT
Content-Type: application/javascript
Last-Modified: Sat, 29 Oct 2022 18:40:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635d738a-1033"
Expires: Thu, 03 Nov 2022 15:06:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.145.169200 OK 2.9 kB URL HTTP/1.1 niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.145.169:0
File type Unicode text, UTF-8 text, with very long lines (9089), with CRLF line terminators
Hash 31e359f5cacb92dad752b32e3c6c0361
44bba5460162230d7b1b7d413c7382676523ce4b
f481364014b8a1dcd2783962146105225f2a99b0267d17ed941f927bd4b2c1b2
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:41:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e0c-2506"
Expires: Thu, 03 Nov 2022 15:06:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.145.169200 OK 2.3 kB URL HTTP/1.1 niumo69.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.145.169:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a85918551a0dc3061b8c8f990b9e78c2
16ed58ecab4899f3e8292814e27345f704076dff
31340eb698a2c6f58a54069d7a72fc4e6ce8c27f341ce366842a2a7e1814b537
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:43:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e6e-1917"
Expires: Thu, 03 Nov 2022 15:06:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo69.xyz/static/images/hot.gif
104.233.145.169200 OK 254 B URL HTTP/1.1 niumo69.xyz/static/images/hot.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 254
Last-Modified: Wed, 29 Sep 2021 05:51:10 GMT
Connection: keep-alive
ETag: "6153fece-fe"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/static/images/empty.jpg
104.233.145.169200 OK 13 kB URL HTTP/1.1 niumo69.xyz/static/images/empty.jpg
IP 104.233.145.169:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/jpeg
Content-Length: 12963
Last-Modified: Thu, 04 Nov 2021 12:44:18 GMT
Connection: keep-alive
ETag: "6183d5a2-32a3"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 531e0c2dff55cb60d730cc192e1ea543
d3f935992d2dfe8be9478d6120eff4f2edcc01f3
ee70f338e1141056669c12a213fa473a5e9f6148d5598c27ec23a61ce1e6fd30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE70F338E1141056669C12A213FA473A5E9F6148D5598C27EC23A61CE1E6FD30"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16459
Expires: Wed, 02 Nov 2022 23:32:35 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f55acdb05aa74249743ad9f8df09aa5
6d810cbc5caa9764fe8aef5cf5ea399eb604cd7e
e73429b08c8652bad7f19d379a3fa4866966f91e1ddb10c0958af4cccae5fe71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E73429B08C8652BAD7F19D379A3FA4866966F91E1DDB10C0958AF4CCCAE5FE71"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5865
Expires: Wed, 02 Nov 2022 20:36:01 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 531e0c2dff55cb60d730cc192e1ea543
d3f935992d2dfe8be9478d6120eff4f2edcc01f3
ee70f338e1141056669c12a213fa473a5e9f6148d5598c27ec23a61ce1e6fd30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE70F338E1141056669C12A213FA473A5E9F6148D5598C27EC23A61CE1E6FD30"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16459
Expires: Wed, 02 Nov 2022 23:32:35 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f55acdb05aa74249743ad9f8df09aa5
6d810cbc5caa9764fe8aef5cf5ea399eb604cd7e
e73429b08c8652bad7f19d379a3fa4866966f91e1ddb10c0958af4cccae5fe71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E73429B08C8652BAD7F19D379A3FA4866966F91E1DDB10C0958AF4CCCAE5FE71"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5865
Expires: Wed, 02 Nov 2022 20:36:01 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.169200 OK 60 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 59550
Last-Modified: Sun, 29 May 2022 19:29:15 GMT
Connection: keep-alive
ETag: "6293c98b-e89e"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/e9e36b33a2faa7c72800b6aef61229ac.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/e9e36b33a2faa7c72800b6aef61229ac.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e9e36b33a2faa7c72800b6aef61229ac.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo69.xyz/dingbu.html
104.233.145.169200 OK 158 B IP 104.233.145.169:0
File type HTML document, ASCII text, with no line terminators
Hash 455925c2ab98491c8cc2af2741f4b237
3b48f945b193deabfc99d0cce493e6977521c797
e67c8971358c23838e842d7132e548523dd027212edebfd1e97eefbaab389dcb
GET /dingbu.html HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: text/html
Content-Length: 158
Last-Modified: Sat, 08 Oct 2022 00:37:07 GMT
Connection: keep-alive
ETag: "6340c633-9e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.169200 OK 73 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 73223
Last-Modified: Sun, 29 May 2022 19:29:12 GMT
Connection: keep-alive
ETag: "6293c988-11e07"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0d3c3e4a61c2a5f236d7d655c53f182
a298c2e8ed5181b6f34d2f60cf487e7104fad06c
53357712def37461e65b538fc4cb36750ecdb81a046c87ad6316c2b67fe49cc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53357712DEF37461E65B538FC4CB36750ECDB81A046C87AD6316C2B67FE49CC0"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16722
Expires: Wed, 02 Nov 2022 23:36:58 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 399ead9b0b24cc21e276f00c26c9452c
7babd7c0c284df9f560777055f6445bd48656de8
b60a6fe6e6e9e57e37303d3559302e09d7aeb98aab68868ccf01adcc2215d37d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B60A6FE6E6E9E57E37303D3559302E09D7AEB98AAB68868CCF01ADCC2215D37D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19997
Expires: Thu, 03 Nov 2022 00:31:33 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
niumo69.xyz/static/fonts/voltaire.woff
104.233.145.169404 Not Found 7.2 kB URL HTTP/1.1 niumo69.xyz/static/fonts/voltaire.woff
IP 104.233.145.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 61770fce11a09cf460d45cb507670b0b
a91724b0e57f8426b0e3572cbcb226359ae6501c
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
GET /static/fonts/voltaire.woff HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://niumo69.xyz/template/RX@04dgr@r/static/niumowang/style.css
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
niumo69.xyz/logo.html
104.233.145.169200 OK 826 B IP 104.233.145.169:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d00b7df69522bf71f59047c570152aba
7dfa7d7b78ef9cbe530d38166368902ccc2ba777
39d6e18c64a02091e80c09464c295364a2d6320cce80fe913336635977ca9419
GET /logo.html HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: text/html
Content-Length: 826
Last-Modified: Wed, 24 Nov 2021 04:39:45 GMT
Connection: keep-alive
ETag: "619dc211-33a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/static/images/empty_288_144.jpg
104.233.145.169200 OK 13 kB URL HTTP/1.1 niumo69.xyz/static/images/empty_288_144.jpg
IP 104.233.145.169:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/jpeg
Content-Length: 12963
Last-Modified: Thu, 04 Nov 2021 12:48:12 GMT
Connection: keep-alive
ETag: "6183d68c-32a3"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf16c031bacc851ad0f01337279f2983
5903880fb1cd02366c7093cf909191ebc5d625a4
5717c526df412fe746bd7bca0a256fd83baeb24184c4eea5feb9f0cc0d2fecfa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5717C526DF412FE746BD7BCA0A256FD83BAEB24184C4EEA5FEB9F0CC0D2FECFA"
Last-Modified: Mon, 31 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4605
Expires: Wed, 02 Nov 2022 20:15:01 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7159ab6b564bc0c40772ee81c14871c3
a736abf5162ff36a0d65e1cc09eeb1c64fcdef59
7806de7ef7eb266e33b700c203b921152d2c620d5766d7160d13f7f49900d1fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7806DE7EF7EB266E33B700C203B921152D2C620D5766D7160D13F7F49900D1FB"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21295
Expires: Thu, 03 Nov 2022 00:53:11 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2f714f2661e72ecc94a1b5fb8b01d341
a0da32c16bf5d3fc89dffafe0df02f33491b3ed3
4700c6fb57d499ca6a7573026eba8787a45fbd84f1334daa74dea24eb98d197d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4700C6FB57D499CA6A7573026EBA8787A45FBD84F1334DAA74DEA24EB98D197D"
Last-Modified: Wed, 02 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10116
Expires: Wed, 02 Nov 2022 21:46:52 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ad5579b370bef5a9143038d7dea6718
9463b8c986e52f07fda18d8dabe8ed461db26a50
b57f4a8b78671b7d3250c2ef4d8b13757ff21fec7cc3e8eae4ed1eea36ad2ff2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B57F4A8B78671B7D3250C2EF4D8B13757FF21FEC7CC3E8EAE4ED1EEA36AD2FF2"
Last-Modified: Tue, 01 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8116
Expires: Wed, 02 Nov 2022 21:13:32 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ed592529cf2f8471cbe4ea85a53d44d
0ade117aeff9c97fbb4e5965fc32b98088f4ca48
6c2b7013a461cc86565263ec189e2fcb48486a61d96b3307c4a14aa0c514303a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C2B7013A461CC86565263EC189E2FCB48486A61D96B3307C4A14AA0C514303A"
Last-Modified: Tue, 01 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7242
Expires: Wed, 02 Nov 2022 20:58:58 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5a56b0c821c663998f949e87a01407d0
e95871b93ad6cc937360ed97f9d7f4de3426f98c
1242fbfaa8e4ad3b47f838528564b7ff03c633c226dc24df64c06ea1ea11765a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4554
Cache-Control: max-age=111282
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:16 GMT
Etag: "6361bbb0-116"
Expires: Fri, 04 Nov 2022 01:52:58 GMT
Last-Modified: Wed, 02 Nov 2022 00:37:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5a56b0c821c663998f949e87a01407d0
e95871b93ad6cc937360ed97f9d7f4de3426f98c
1242fbfaa8e4ad3b47f838528564b7ff03c633c226dc24df64c06ea1ea11765a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4554
Cache-Control: max-age=111282
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:16 GMT
Etag: "6361bbb0-116"
Expires: Fri, 04 Nov 2022 01:52:58 GMT
Last-Modified: Wed, 02 Nov 2022 00:37:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
fmtu.netfhtu.com/upload/vod/2022/11/ggiay1tmk1a.jpg
104.21.235.63200 OK 7.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/ggiay1tmk1a.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2e89e83aaad19451e3f54ad19fac4558
ee73b6ebe5420cee78d8474e649db2c3dff2393f
19a4da850023a82b04936bc70de323cc6d25cf34fe28100d6899875a1ccae03a
GET /upload/vod/2022/11/ggiay1tmk1a.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 7791
cf-bgj: h2pri
etag: "63622e2b-1e6f"
last-modified: Wed, 02 Nov 2022 08:45:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4080
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1IxSvBE45i4s0X48neF2QkR7nCu1gtcpkkf%2F8yRqWD7imoUdWxw01mxV8qToJE1kqBTxRgaepQm%2Flek2eiicQXznbnvewfaTHmn4zbVPpO%2FpJ4TrwQ%2B%2Fx6iZAxYB5YCUjkc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c659067576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/kcwb3k3x5bp.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/kcwb3k3x5bp.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b15bbd5c8966a7e68a8bb6b730ba67b9
43384aa784610f3d26089c735d4a00e0dde0193c
198cebfa327728876dae6634eb288f21ba9b053f7edd3c54dd52c7f1643b164e
GET /upload/vod/2022/11/kcwb3k3x5bp.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 11833
cf-bgj: h2pri
etag: "63622e20-2e39"
last-modified: Wed, 02 Nov 2022 08:45:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FnO%2B7V9glosJxff3ZPTMnx04EWvwLmkacJuFxyVo%2BLyT9bbEYQv3NjxRpmxeplmjesZPNZ0M4w%2Ft3U%2BoL3rWf7EYzNiQmWWEXyq7dCLJEISC6%2FloOqhuwkrrK4alybcuX6p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c658ff7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/rnv1oxttxzg.jpg
104.21.235.63200 OK 6.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/rnv1oxttxzg.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4fe5afe9b792e9a85410905ceccd4472
be66c72741f8cd65df0217d43d17d5ef40d71ef4
77d6e643707d53393a42fc6beeba97a41a217bfb451dbff94525aff5614556d0
GET /upload/vod/2022/11/rnv1oxttxzg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 6507
cf-bgj: h2pri
etag: "63622ea5-196b"
last-modified: Wed, 02 Nov 2022 08:47:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpxk7GZfceOdSwbtQzWJ%2Bi44x4xHfaLY7c3Xpobg1%2B%2Fh9n1ST5tju%2BbH2E9GFpHj4nqZ95YYhCBidIxdCLXQXAl755ITUFif2HHtHMfKGqKv4TwnPCZxGVMYv9vyNHmIU4De"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c658f47576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/ptryq5rw0js.jpg
104.21.235.63200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/ptryq5rw0js.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b0a79fe08495a92f5ad861b99c5ea316
80783dd894e7f1d3d0b3319a6e0270e0ac1a180b
6c3c3a4ed9296cbc4b537a72d6ad1c1d6047d3b6ecafea543b5a3024ebd4f97d
GET /upload/vod/2022/11/ptryq5rw0js.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 8160
cf-bgj: h2pri
etag: "63622e23-1fe0"
last-modified: Wed, 02 Nov 2022 08:45:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3%2FdiArc9iYhtc2GdPzWs8xMi28OglawR64arqniUPXk%2BVu9XK9uBSxjfWzwZ%2FjjwS9PMAZyw4mFNlrXfFNZC9HmGWRWsyvzu4Bysh8tHgJvbM5GeryddqYPSt0orw1gve6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c659017576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/hgfbutuuqmi.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/hgfbutuuqmi.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 63d3c67c5215358fa311d30dca313519
5a3c066ff9960f66cea84aef6408e2945f4d207c
1a0e6b739e68fc3eb708d29faccb15b1623afeb7125f4f280d1722746dd7a0e3
GET /upload/vod/2022/11/hgfbutuuqmi.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 12380
cf-bgj: h2pri
etag: "63622e27-305c"
last-modified: Wed, 02 Nov 2022 08:45:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3926
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaGJdzO6YenTbXySy9IVx4kSeofBEkin3cdFr0zOH6ZANddo%2FAHH6L4ypgJk9m4HUFgqF%2BsMzFGVWnsklwkDg5Sjf1b9s85Mp2W8kapAC2gLmxpcxPDctjpKFcETmCX6EatN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c659037576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/cwxogd3rbx2.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/cwxogd3rbx2.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 1b837ef7fc7b0b5185fc09645b7241cd
e52a27abf473993a28c1c78671dbc2c65de23a72
d766bffa5223f458c23490857f42a92521fb5624b7cc1cc2291f8b0e106afd8c
GET /upload/vod/2022/11/cwxogd3rbx2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 10677
cf-bgj: h2pri
etag: "63622eb0-29b5"
last-modified: Wed, 02 Nov 2022 08:47:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FOd9IOst3Lb50jEgUmJ0n19iVfEAxXKmgOs4ZIZL9Zvew9QJ%2B22jiqytNtICj8fqDMS5dvIQiNq6Qvg%2F0Hoya6cSLp652p2AhH72DVLRtL0AbA753n3D3WU2VPI1snzqXzQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c669217576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/fdu4kswwksk.jpg
104.21.235.63200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/fdu4kswwksk.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 787576f06208df5455455633d6cda2a2
1d86d6b5f43ce9f88633cd7bdaeabfaf7d25ac8a
2972e239ebce9476d71eb9cc803beb73ff9eee66e9fdf8d1b14137411d2e4482
GET /upload/vod/2022/11/fdu4kswwksk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 9001
cf-bgj: h2pri
etag: "63622eab-2329"
last-modified: Wed, 02 Nov 2022 08:47:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOCde6XL7QcFAyKc0%2FKzsjzvgGYw%2B3jpNFU94WKqcy4%2F803zCLX9N4OPIQcsWj6VCg%2Fjg9oAdFlmZFCKZqH%2FbbWdmqJGEQU1lhNORktr13rUXV8wk0z5i0vbbSjIiAvpudfx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6590e7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/gwnw4dj5bjr.jpg
104.21.235.63200 OK 4.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/gwnw4dj5bjr.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 6c25b7e538f93b09a719549e5953a446
fe04cb835e8cb6345aa7ff16ba5f590f6c6d7383
8aa64b768d5ab1b4162cb58a8bb84100064257b779d441842a5e296ca451f909
GET /upload/vod/2022/11/gwnw4dj5bjr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 4007
cf-bgj: h2pri
etag: "63622e2f-fa7"
last-modified: Wed, 02 Nov 2022 08:45:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVAtCzfmqOUHsbObrN7HI5SpRzXdxDlmFvLfdNruZpxGXRkgMyLSwQpCh2bs%2BA71%2BerjK%2BMMfv9aKF%2FlC5TIuLpqbQNbPMxXCm7aaaPimEfnJVon4mS5jQkVtNoKFPHh2e52"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c659097576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5a56b0c821c663998f949e87a01407d0
e95871b93ad6cc937360ed97f9d7f4de3426f98c
1242fbfaa8e4ad3b47f838528564b7ff03c633c226dc24df64c06ea1ea11765a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4554
Cache-Control: max-age=111282
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:16 GMT
Etag: "6361bbb0-116"
Expires: Fri, 04 Nov 2022 01:52:58 GMT
Last-Modified: Wed, 02 Nov 2022 00:37:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
104.21.233.215200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 104.21.233.215:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 02 Dec 2022 09:41:01 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 33435
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueDrhDj3r1ytRIZhRfItYMIGHJ1UK59P%2B3ewm8jZswGkoS8vnlPjJ1%2BoXbrBGublYyTYK4rIgkYUOVL%2FwBdMoMEXbLcM%2FsI%2Fr8DfecRJc5jufmeZKPeFvVrLAtZ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c608c70109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/xdnxdoxjco5.jpg
104.21.235.63200 OK 6.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/xdnxdoxjco5.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash f529be286c68d3979c12bbf9e1e4e4a5
a54a043dd803ea977d2cd9174384cd12b4afe611
787c4daf4551329c0b57a700f80830f68388f5240e1a3004b9117ed021254eb8
GET /upload/vod/2022/11/xdnxdoxjco5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 6890
cf-bgj: h2pri
etag: "63622eb8-1aea"
last-modified: Wed, 02 Nov 2022 08:47:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkWThowcPC2Jhwkzg98At7AgLbEcQYqRiO1d08%2Bs%2B7J%2BlEF7Z69DkySIh%2FPukG9xDAj0E1N3D970tPu9pxnUI3CRgV8D3qZSd35Dn3UJWcjbK4471bS7sKyxwpAGqo2XDr6w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6694e7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/iahbrbrhxys.jpg
104.21.235.63200 OK 5.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/iahbrbrhxys.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 79a7d23a707ac45bcc49f2bbc9858a2b
a3a1189d2510409d498e073fb59c81fccba9373b
f7d1c4c69bb5008d7a625bca9848e5ce5f6fd67471084157026fd8e2fb70992f
GET /upload/vod/2022/11/iahbrbrhxys.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 5859
cf-bgj: h2pri
etag: "63622e9b-16e3"
last-modified: Wed, 02 Nov 2022 08:47:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1674
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMUNfWrbatYpkMWtgr7%2BZSriVdbY5Uiase3y1lgDzlCpQE3Rn7JVAiqDJ%2FEn%2FgEs5TwYL71oOWmfvwQ7F00sSnjRuEFHGThrYWzPbZRgiamLLtpICcaQR6Yd41YKQ%2F8gjhoM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6694f7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/q4imbkc524n.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/q4imbkc524n.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash ca298679aedc35c92daf32258b3322d3
5e7bcc4f5aafea9e9279112346d45d248fb7e000
22244dbe888967a00b51830b8d8cebeb05a1f92a148215d5fb27945744fa8de3
GET /upload/vod/2022/11/q4imbkc524n.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 10179
cf-bgj: h2pri
etag: "63622e34-27c3"
last-modified: Wed, 02 Nov 2022 08:45:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4218
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh861h6kni0hHOc%2FEe2%2BUK8BZg7Nr82Ntf%2FOGlnZ8rI29awLhkSV9YgTP8EXlTO%2FWfnkVngRT%2F9ssg9D4Xf0o6nBHZxfX3W6IzKxa6OucdvLmxdcyfOhrUpJiCihio1KRtn%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6898c7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/okarpktvvmg.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/okarpktvvmg.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2044d7099e5ba43ab0acb2d0405410a0
1b4eff837e134c439eb137f131d0719af3713457
0c277eb07c3f1fe48610a80524b158d02cd9f2dfc08bea6d807817178b07e607
GET /upload/vod/2022/11/okarpktvvmg.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 12396
cf-bgj: h2pri
etag: "63622eb4-306c"
last-modified: Wed, 02 Nov 2022 08:47:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyS2k2XjfZCrBguvMK0FntZgLVjEofMKnjLVw6ac5gAMKgIpCI2JhXJS%2BANGfPPiLwpTQiN5Tj3%2BBa9NAoduKlcbpK0zuqiKEqZ9jLZV9vdK5284OaqTteaot1fsNERj3wxk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6694d7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/3gxmv1txrd1.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/3gxmv1txrd1.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3a9abf0f8bd58e68e41bb30e8233df32
536107046295b5a2903e0f3079e797937775e836
04b9f1ae0bec1489b7a25c531cd8b8269353e219ebf8aa3d919286f24d515470
GET /upload/vod/2022/11/3gxmv1txrd1.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 11094
cf-bgj: h2pri
etag: "63622ea0-2b56"
last-modified: Wed, 02 Nov 2022 08:47:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4911
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR9kJmvtwkju5VU6%2BfdTnLotjBDbXhDCQAtIs8QiDTXWZGSZqXyys%2BoTrDHnj3Mcznk9aTruUu1zh5CBPl18e6L3fEtUAQ3lKfwhXgz%2Fl2rIwE8EqJzR5mpvt4uX%2FpeTbmKd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c6c9dd7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 489be531d2c1a61acb57ee3f53d742e5
5fee6fbdad6bdfe04ec614981df7a75d19b89a90
02297d96859dcfcf5f821c62a44e93f77f60dcf4b49f1d17bb1eb13b555304f0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "02297D96859DCFCF5F821C62A44E93F77F60DCF4B49F1D17BB1EB13B555304F0"
Last-Modified: Tue, 01 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 02 Nov 2022 19:52:30 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/o2amlqopofv1627o2amlqopofv045011.jpg
172.67.28.138200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/o2amlqopofv1627o2amlqopofv045011.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63b6af1a996b4448f0f6ef79e15b93a9
55c6046147b4c32b0a7a1f5eaff04a08673c5990
e63f48d2c4f4925701e06e1459528963be3294b66b6b3888af14a3b52812a8d0
GET /upload/vod/2022/11-02/16/o2amlqopofv1627o2amlqopofv045011.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/webp
content-length: 7744
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8284
content-disposition: inline; filename="o2amlqopofv1627o2amlqopofv045011.webp"
etag: "636229d8-205c"
last-modified: Wed, 02 Nov 2022 08:27:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3765
accept-ranges: bytes
server: cloudflare
cf-ray: 763f19c71c11b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/oeknr1gwz301627oeknr1gwz30155033.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/oeknr1gwz301627oeknr1gwz30155033.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 28f26482433b81f50d8e13f7cb2e01b8
268fabfe53c39079accde693b73831dd1534ac52
ffda25b558c4f332ef237cc9a5a9506ce02a0ed824c923037a2efaf5edfb1735
GET /upload/vod/2022/11-02/16/oeknr1gwz301627oeknr1gwz30155033.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 10256
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10743, status=webp_bigger
etag: "636229e3-29f7"
last-modified: Wed, 02 Nov 2022 08:27:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3765
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c71c28b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/2rlaobresyw16272rlaobresyw115027.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/2rlaobresyw16272rlaobresyw115027.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6c37e848026afd44a8c6134b5095f80
564f2736f01ad9adecf4b45fe601c3e5d439baa9
c3a0eb51aeea0962d4c4867dd89e60397c23d7bd5aa7cde6d36da3a48b32702b
GET /upload/vod/2022/11-02/16/2rlaobresyw16272rlaobresyw115027.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/webp
content-length: 7500
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8619
content-disposition: inline; filename="2rlaobresyw16272rlaobresyw115027.webp"
etag: "636229df-21ab"
last-modified: Wed, 02 Nov 2022 08:27:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3765
accept-ranges: bytes
server: cloudflare
cf-ray: 763f19c74c65b506-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f693adf03db730843fe926da74fb3e2
09ef00314322edc4cd71162a545d01a3af1e2842
9222aff49978f56efa734d0dfd7e86e04752d5b21a7840a45ecd7c3534faaf30
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 00:02:25 GMT
Expires: Mon, 07 Nov 2022 00:02:24 GMT
Etag: "09ef00314322edc4cd71162a545d01a3af1e2842"
Cache-Control: max-age=363247,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c71e960b02-OSL
niumo69.xyz/static/fonts/voltaire.woff
104.233.145.169404 Not Found 7.2 kB URL HTTP/1.1 niumo69.xyz/static/fonts/voltaire.woff
IP 104.233.145.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 61770fce11a09cf460d45cb507670b0b
a91724b0e57f8426b0e3572cbcb226359ae6501c
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
GET /static/fonts/voltaire.woff HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://niumo69.xyz/template/RX@04dgr@r/static/niumowang/style.css
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
fmtu.netfhtu.com/upload/vod/2022/11/wnbysuvgy1a.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/wnbysuvgy1a.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 94d8b51343fc02be6115304cd2c642e1
39595264f10a2651e1a18704d39af7347aad703e
23a2c2026f6a1e73b9c18eaf757fbc01ccdb9020d67892a2a105f6a6132c31c9
GET /upload/vod/2022/11/wnbysuvgy1a.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 10978
cf-bgj: h2pri
etag: "63622e96-2ae2"
last-modified: Wed, 02 Nov 2022 08:47:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvXm1yM3nxFu2cnJJEITw6tzBqWsWu5FIxJ1YHIT4av8MLv8fXguFwx9jILKnJY7j45YrWMFTDLeC9dwO9khXJGLDozlxK5%2F5qpziQT8DbfF%2ByDVbzskbZUU%2FFR1DOh1YmNz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c78b507576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/11/xk0mhiwgrxm.jpg
104.21.235.63200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/11/xk0mhiwgrxm.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c6049333c824d4fcce1d6ee0c9e20bff
1c486358794a027f45efd374c83759feb8813070
3f55b1fdb6fc35cd61b5a8ac65b3ae13bd206a7207a448a5b4bfcb82d692a461
GET /upload/vod/2022/11/xk0mhiwgrxm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: image/jpeg
content-length: 8787
cf-bgj: h2pri
etag: "63622ea8-2253"
last-modified: Wed, 02 Nov 2022 08:47:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4910
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMLon7HhwNoa6pUGgP7SSS7tJ74kPsZneurbBul%2FVj7RrtJ5X%2BRiyKmC4AnMvVvy0NcFT4aa95lxVyanh2tOt8bpOsFW6Qnr14z5M9v5l%2BWbX87XpZ0S%2FEhY26ewVIzB3OG1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c79b607576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8dbaab7b867d7fb0d8c4ad49da70e9a4
cc40c0d3b2c0dee046b127d1f6b34fa40dd99fdd
2542afe5d66d9d71e02b5cae4d82622ae69096269ccbb69048cdcb192da7635d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 16:45:15 GMT
Expires: Mon, 07 Nov 2022 16:45:14 GMT
Etag: "cc40c0d3b2c0dee046b127d1f6b34fa40dd99fdd"
Cache-Control: max-age=423417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c78ef60b02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 527a1bd932edd43fe09895d298091d97
002e48c7e5a36187490a13b15712d0f2b8af2776
3feffcb93fbbf22e13c69386e7906a78fd71b0e7771a7113fa7da47da4ff8d8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 15:09:34 GMT
Expires: Wed, 09 Nov 2022 15:09:33 GMT
Etag: "002e48c7e5a36187490a13b15712d0f2b8af2776"
Cache-Control: max-age=590476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c69877b518-OSL
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 02 Nov 2022 18:58:16 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 527a1bd932edd43fe09895d298091d97
002e48c7e5a36187490a13b15712d0f2b8af2776
3feffcb93fbbf22e13c69386e7906a78fd71b0e7771a7113fa7da47da4ff8d8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 15:09:34 GMT
Expires: Wed, 09 Nov 2022 15:09:33 GMT
Etag: "002e48c7e5a36187490a13b15712d0f2b8af2776"
Cache-Control: max-age=590476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c68f03b52d-OSL
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.169200 OK 410 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 410363
Last-Modified: Sun, 29 May 2022 19:29:14 GMT
Connection: keep-alive
ETag: "6293c98a-642fb"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/46cdsgsfheidb4155e.jpg
104.233.145.169200 OK 87 kB URL HTTP/1.1 niumo69.xyz/images/46cdsgsfheidb4155e.jpg
IP 104.233.145.169:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /images/46cdsgsfheidb4155e.jpg HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Wed, 03 Nov 2021 10:48:28 GMT
Connection: keep-alive
ETag: "618268fc-15563"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 551d04affcb358103720c2e788c5439c
4cfaf878cf75646a6551778356ed77e8d4e853ef
13b2319d2178377c45547be0830b34029c20b7477f814e9022903b7d58c1a203
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13B2319D2178377C45547BE0830B34029C20B7477F814E9022903B7D58C1A203"
Last-Modified: Tue, 01 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7274
Expires: Wed, 02 Nov 2022 20:59:30 GMT
Date: Wed, 02 Nov 2022 18:58:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 714b182dc746c334a536c0fb35a51a97
ee95b14ab7da5dcfaffadba86a90851c8df816ec
b987eef074d7b75d13c96995fef00859399f15f3cace879dee42266f7de1d86e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B987EEF074D7B75D13C96995FEF00859399F15F3CACE879DEE42266F7DE1D86E"
Last-Modified: Wed, 02 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17674
Expires: Wed, 02 Nov 2022 23:52:51 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b11166b9cf2afb87651256207826b82
b700b7c61a895fde1e04f095635bf1f1498e3217
2af76e6ea8bb182638f81f20e871eee679180cc434e0a045fd579f9af92b78a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AF76E6EA8BB182638F81F20E871EEE679180CC434E0A045FD579F9AF92B78A2"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16175
Expires: Wed, 02 Nov 2022 23:27:52 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4c8c184659d0fb5128e2afe24be6624d
56ad15165e8744ea3327f6e1ee8c986e9d476d3c
bd1a53f505e991cb4f72ee3c176d1896cc021a19cd21f30d8c6e974cbbdb2560
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 20:41:20 GMT
Expires: Tue, 08 Nov 2022 20:41:19 GMT
Etag: "56ad15165e8744ea3327f6e1ee8c986e9d476d3c"
Cache-Control: max-age=523982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c71810b503-OSL
kvhmm.com/1fa0744ab10fb5dce3ff9a16a13016da.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/1fa0744ab10fb5dce3ff9a16a13016da.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1fa0744ab10fb5dce3ff9a16a13016da.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 572328c10201233e7a209d0ceac71e95
e0354d6cd9227a314bdec6041a9dcd64665a5b1d
b7436d8e0769e661f4c193bafde9ad01c8f4ee178c9add821a485975456a7d76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7436D8E0769E661F4C193BAFDE9AD01C8F4EE178C9ADD821A485975456A7D76"
Last-Modified: Mon, 31 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2049
Expires: Wed, 02 Nov 2022 19:32:26 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
niumo69.xyz/nmwys.png
104.233.145.169200 OK 3.1 kB IP 104.233.145.169:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/logo.html
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/png
Content-Length: 3079
Last-Modified: Tue, 02 Nov 2021 14:02:30 GMT
Connection: keep-alive
ETag: "618144f6-c07"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9047b5217ed2bc699b0852be7af6bd69
354be5a0f7a40ce19d514f390844e735c3b41510
c091aeae41ff176cfd6a0cc82a7b3846f64a88413ce7f9851a73945d1f881425
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C091AEAE41FF176CFD6A0CC82A7B3846F64A88413CE7F9851A73945D1F881425"
Last-Modified: Wed, 02 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16808
Expires: Wed, 02 Nov 2022 23:38:25 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
172.67.170.188200 OK 297 kB URL HTTP/2 nvhbbb.top/e9e36b33a2faa7c72800b6aef61229ac.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 297 kB (296709 bytes)
Hash 1f10662b641d9f911415e9ce97fb7fd6
7225c09106f46a72c78baf5bd63d31b266e346fa
6dc6083c13089e59609d1a8c22706230951f10ee29f998aba3c35ba839696dcd
GET /e9e36b33a2faa7c72800b6aef61229ac.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 296709
last-modified: Wed, 31 Aug 2022 05:04:04 GMT
etag: "630eebc4-48705"
expires: Mon, 14 Nov 2022 11:55:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1580542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyyPzS2Vl6%2Fxgew0EGFvwLeJ4JUzR5RC0deL0l8JbgZEVZ4Gc7KI0%2FXVbiYuMXLtv%2BtUvM5hq8OWPI07QXEc7GDzIT42UYsZjb58Nj54RofOBwRZT7g7hcAYXyd%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c8aa7c0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
104.21.233.215200 OK 146 kB URL HTTP/2 kvtfff.top/1fa0744ab10fb5dce3ff9a16a13016da.gif
IP 104.21.233.215:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 146 kB (145639 bytes)
Hash 91f6b17ea471666e3d7dabce2fa4e8cc
c80f0058972568ffd18fb7e6ff1b4b430fc6972f
33e87e39f87ed7f42dfb27639f4e3023a89e2f4e7a4d3b4b7959664ac1bde7fe
GET /1fa0744ab10fb5dce3ff9a16a13016da.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 145639
last-modified: Fri, 07 Oct 2022 14:54:17 GMT
etag: "63403d99-238e7"
expires: Fri, 02 Dec 2022 09:02:41 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 35736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhRh8kJmOnIcuY0ElRw3dlf4DW8x57jnDXuD2zeokoHQ8aidMfCeSjC42Dy739L2FDTst9f8BdgJSleIzLfKW7sAjPoiqVAa9b0QSm0vNFI56Y08Mxh%2BHb5fvEeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c8abc70109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7159ab6b564bc0c40772ee81c14871c3
a736abf5162ff36a0d65e1cc09eeb1c64fcdef59
7806de7ef7eb266e33b700c203b921152d2c620d5766d7160d13f7f49900d1fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7806DE7EF7EB266E33B700C203B921152D2C620D5766D7160D13F7F49900D1FB"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21294
Expires: Thu, 03 Nov 2022 00:53:11 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 082b4eefa0ece28e1b178342c6f7361b
6b1ba150bf99cf56367785ab0eb14d6363d06518
59b72c5fe9953d17b3b6cd511fefd9e2c7c1a14823ab5f4b1ca239c46b074eb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59B72C5FE9953D17B3B6CD511FEFD9E2C7C1A14823AB5F4B1CA239C46B074EB9"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2872
Expires: Wed, 02 Nov 2022 19:46:09 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
172.67.170.188200 OK 54 kB URL HTTP/2 nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash 1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 53701
last-modified: Tue, 27 Sep 2022 05:36:32 GMT
etag: "63328be0-d1c5"
expires: Sun, 27 Nov 2022 07:55:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 471769
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RSlmzLBkcEWCHu%2Bzcw8Dic19Nx53IipmmExRp2Ao2NXsWdhYMn4PuNqly6u8kVWftCWUnCMPGJ0dDQJhmTrHvFr8n74XsLs2%2FhPrMCPUU7vxrvUs4EeBcs06GJR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c8eaa70af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 082b4eefa0ece28e1b178342c6f7361b
6b1ba150bf99cf56367785ab0eb14d6363d06518
59b72c5fe9953d17b3b6cd511fefd9e2c7c1a14823ab5f4b1ca239c46b074eb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59B72C5FE9953D17B3B6CD511FEFD9E2C7C1A14823AB5F4B1CA239C46B074EB9"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2823
Expires: Wed, 02 Nov 2022 19:45:20 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
172.67.170.188200 OK 224 kB URL HTTP/2 nvhbbb.top/e27e16f06bd973f89ff8eb016904fb5c.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 224 kB (223983 bytes)
Hash 7954e8c77b425e4e872c267c1428cb59
9a107ff658a34cc89f84bdda9e52b831d8f377b1
9522a5366e80b1acc16d442bcc96ccdcd265603fe7fb6a8b58217c7c4386c0cc
GET /e27e16f06bd973f89ff8eb016904fb5c.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 223983
last-modified: Thu, 22 Sep 2022 05:35:38 GMT
etag: "632bf42a-36aef"
expires: Fri, 25 Nov 2022 11:51:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 630380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp0wMsXrB2Q8y3zHRQHcmm6YXdmH%2F6O9lw9qV2FanI5KVJwy91TMAW1A5eunJY7cfx59O6Fb4etiCMS0aIIt8hzoHhBaNlU2Fi6ykuNjsijrQTdUKzBDhHZpK4um"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c8fab80af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5a56b0c821c663998f949e87a01407d0
e95871b93ad6cc937360ed97f9d7f4de3426f98c
1242fbfaa8e4ad3b47f838528564b7ff03c633c226dc24df64c06ea1ea11765a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4555
Cache-Control: max-age=111282
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:17 GMT
Etag: "6361bbb0-116"
Expires: Fri, 04 Nov 2022 01:52:59 GMT
Last-Modified: Wed, 02 Nov 2022 00:37:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06d39d3855203987cc9320b0e00f09e5
9ccc5fd9e11a80a1f8d09aa1654e1cd80cae4aaf
da2bad925f9d85d102b728d7971430dcd7177f5e9737e21d7bc76affd3ccbb8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA2BAD925F9D85D102B728D7971430DCD7177F5E9737E21D7BC76AFFD3CCBB8D"
Last-Modified: Tue, 01 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17671
Expires: Wed, 02 Nov 2022 23:52:48 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash c22c36d77a6f5a45b4ddc96d596912a7
b70fe421de4989426039d950a33b829484dd1d80
d43f6d6641200445440c64442a9963deafe597b27d307c9906c3c2364f3ea33e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:04:29 GMT
ETag: "b70fe421de4989426039d950a33b829484dd1d80"
Last-Modified: Wed, 02 Nov 2022 16:04:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1735
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19c94eebb51d-OSL
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73826d6137b2bb06fdb3a16851abfbad
f86222a8b2c1a1bbc11cb0fd864e53e0f71c1d29
c1b34cd51c61b424c1dfbfdd8355ec4da588498c4e721ffb3d8bf5372db61a4d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1B34CD51C61B424C1DFBFDD8355EC4DA588498C4E721FFB3D8BF5372DB61A4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5442
Expires: Wed, 02 Nov 2022 20:28:59 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73826d6137b2bb06fdb3a16851abfbad
f86222a8b2c1a1bbc11cb0fd864e53e0f71c1d29
c1b34cd51c61b424c1dfbfdd8355ec4da588498c4e721ffb3d8bf5372db61a4d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1B34CD51C61B424C1DFBFDD8355EC4DA588498C4E721FFB3D8BF5372DB61A4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5442
Expires: Wed, 02 Nov 2022 20:28:59 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7e7ea88c4a5911b0ab6983e557d7c54a
a910e280be053db3a5896c48fcfe9451669c6812
7a6891000c679db0ee5877c4e858ff182a65cf3aa0806d46ecce68d469076b6e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 17:10:38 GMT
ETag: "a910e280be053db3a5896c48fcfe9451669c6812"
Last-Modified: Wed, 02 Nov 2022 17:10:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1787
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19c96f1eb51d-OSL
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
98.126.214.50301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.147.13200 OK 186 kB URL HTTP/2 kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Mon, 28 Nov 2022 15:23:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 358479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVP8XewPrSU1fbulZ6AVc1zvPduQkoaeJBlYD8U6QAta10YXI1T96unVV1Czf7cwouhLH1OurKLP%2FZD%2BLEUWh8UUMcMuQYxaJKYkJ9qK6b0SFF8VmR05Z36V2M2p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c999760b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Tue, 29 Nov 2022 17:58:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 262778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LyvbckWsx1aVkkUURRtetUouVNCaRhGLXI8ZZrL%2BgOimUybbr4of1y9MKNWScsFUaup6VQ%2B%2Fpm3q3k%2Be3zbu9QE8SrgThILqNONmMKPvEfR1sBIT8qXqhIssJVG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c9a9910b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f13b735d7f8265927a3a5b59da1423d3
5f5e8dc66ab08b24072ccc3180b20d8b896d86c5
26b1f699ccda1a2185da66fda3b3048b14e2cbc0135a4f9a7f883e793d4529e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "26B1F699CCDA1A2185DA66FDA3B3048B14E2CBC0135A4F9A7F883E793D4529E9"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4891
Expires: Wed, 02 Nov 2022 20:19:48 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 0113924361f9120fe8515a38b3e97d45
6be512eb2de84196853dfcd7dfc77202856eb756
e87767f8657d968b808a1eec97a95a0fd80bb9b24ccd5bc116785a5e570c4a13
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=664
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
X-N: S
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13094967
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Wed, 02 Nov 2022 18:58:17 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.33.100200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.33.100:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 23 Nov 2022 23:49:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 760139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWFsCWAAgT5gYU2p1%2BKGxEdDqeapG8qg1UMt0od5ffd08GvtQj9YzVLZ3ePx%2FWn%2BDI8EiCrFLw57dXfVf58rNxoPrwoUX%2BIrbM1XXKqnlU6CdjMq7R6Z%2BEy%2BqHxGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c9eb96b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101e12000a4ofel47FE8.gif
104.110.17.24200 OK 322 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101e12000a4ofel47FE8.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322063 bytes)
Hash 3d561aec4b19499cbe6caa3a4da86ced
993594495bb645712cc8c7f2632b01fc88aa72dc
76c31c00bbca98c29b1a488216310f2a510860be279f455019c15f4ee594dd38
GET /images/0101e12000a4ofel47FE8.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 322063
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15500755
expires: Mon, 01 May 2023 04:44:12 GMT
date: Wed, 02 Nov 2022 18:58:17 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.169200 OK 551 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 551040
Last-Modified: Sun, 29 May 2022 19:29:13 GMT
Connection: keep-alive
ETag: "6293c989-86880"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.169200 OK 126 kB URL HTTP/1.1 niumo69.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 125587
Last-Modified: Wed, 03 Nov 2021 10:48:26 GMT
Connection: keep-alive
ETag: "618268fa-1ea93"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.33.12200 OK 919 kB URL HTTP/2 kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.33.12:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvhooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 02 Dec 2022 02:43:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 58492
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45xu2XNxksjyatFpYikBfRCxlx4NycNg8QnSYAJz498AqnBzvsOOQ8vTQpvjRIa3J%2FWTSzCjyv6AMF%2F6PDE5xzzPReoOka3Blyds6CIJkmyP6rtYE1cqnPUPwJaW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19ca0c96b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
content-length: 162
location: https://kvhwww.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2f714f2661e72ecc94a1b5fb8b01d341
a0da32c16bf5d3fc89dffafe0df02f33491b3ed3
4700c6fb57d499ca6a7573026eba8787a45fbd84f1334daa74dea24eb98d197d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4700C6FB57D499CA6A7573026EBA8787A45FBD84F1334DAA74DEA24EB98D197D"
Last-Modified: Wed, 02 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10115
Expires: Wed, 02 Nov 2022 21:46:52 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash abe9b8c3053b367f70741816dfa30f15
bd48c7dbc77da95dda67f02618a61c48ef40ca6d
b9a17f335e24bfa560f7accf561fab087ab8fec3a7857c0da86da1025bc02a85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165739
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:17 GMT
Etag: "6362a234-117"
Expires: Fri, 04 Nov 2022 17:00:36 GMT
Last-Modified: Wed, 02 Nov 2022 17:00:36 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b7ee2452e25badeaf062f5ef5cf2eae1
390f561c3541661cc83098d95474c8488d779a0d
3f8780e808b3518d78a19e9e35324598d0130973036bf2d4bc51f34b9adc1e96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91976
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:17 GMT
Etag: "63618211-118"
Expires: Thu, 03 Nov 2022 20:31:13 GMT
Last-Modified: Tue, 01 Nov 2022 20:31:13 GMT
Server: nginx
Content-Length: 280
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.169200 OK 315 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 315353
Last-Modified: Sun, 29 May 2022 19:29:13 GMT
Connection: keep-alive
ETag: "6293c989-4cfd9"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11139
Expires: Wed, 02 Nov 2022 22:03:56 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11139
Expires: Wed, 02 Nov 2022 22:03:56 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.58.206200 OK 211 kB URL HTTP/2 kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.58.206:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Fri, 04 Nov 2022 05:40:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2467073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnUIvclJQ4n2sX7xLZ5VGvJ83CUGYvK47c8DWkCZmNGuY9G5sdyvoj1nxXPLNViohar9VYjFh4hefGmhIb9%2BpE%2FMxGZFzLtAZiVzhqNcbGnqCiuq148Vf5%2BLfCst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19cb0c620b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11139
Expires: Wed, 02 Nov 2022 22:03:56 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bd19d65-6adb-49b1-b3a5-ffb9ffd23bbc.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bd19d65-6adb-49b1-b3a5-ffb9ffd23bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1e279cf441230b801e53c187094c972
30e0b7d521804604622a09ba566307cc35b1deb6
5d5e6c03bc054bfbb84802523191a97dd404c7d51e180f9cd21f50942129c884
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bd19d65-6adb-49b1-b3a5-ffb9ffd23bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13593
x-amzn-requestid: b4da9d6e-7064-40f7-953c-37847c4b672d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N93FcAIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619058-1dda64ee1b8e3177189703fc;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:32:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SDjssGYz2eDtKxPPoC-Lx4GYx9yQoPIv7nlKKNvH6uW0KgxLhJIzRA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:52:34 GMT
age: 75943
etag: "30e0b7d521804604622a09ba566307cc35b1deb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55f392ea73e9746f7edb30e319646c4b
09b052e39f5493c2c2b79d92e81e510aeffbfcb4
9a5b1575ed3a943be74e212f41f122178dcf4c89ef0d78eb8cc761508cd453d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9023
x-amzn-requestid: 599a15c5-bd47-4c30-91e5-b445da7e66f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwvQHCsIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e61-1d36740311e6b1e531d44767;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:08:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FdYEabB0P-JcMOvjTK2TdVUCbuCbCEICZXoKHcz2-QdUfpIgey1tWw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 22:12:58 GMT
age: 74719
etag: "09b052e39f5493c2c2b79d92e81e510aeffbfcb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73826d6137b2bb06fdb3a16851abfbad
f86222a8b2c1a1bbc11cb0fd864e53e0f71c1d29
c1b34cd51c61b424c1dfbfdd8355ec4da588498c4e721ffb3d8bf5372db61a4d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1B34CD51C61B424C1DFBFDD8355EC4DA588498C4E721FFB3D8BF5372DB61A4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5442
Expires: Wed, 02 Nov 2022 20:28:59 GMT
Date: Wed, 02 Nov 2022 18:58:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab331970f5e4f7f2e0ff0c042095ec4e
2b72b9df83cc12db944f6d079d91d6362be036d0
35dd7f4cc581389be9e90be3e7a8663831eeeb89c261cb3eb3fcc66cb9e56f24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7026
x-amzn-requestid: f5a992f1-beb7-463c-8125-e0f74009f272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N75GyioAMFsEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6361904b-648797425d1d3d485d17d773;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ct2UyXUhCL58M5_X1nCM5LhPGWDxuZgav0SiSsm99PUF_ergMz34tw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:40:58 GMT
age: 76639
etag: "2b72b9df83cc12db944f6d079d91d6362be036d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4ebdcc9-b605-4814-b94b-32df2890ba40.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4ebdcc9-b605-4814-b94b-32df2890ba40.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80a15bf497eed7ce0dc0bab1fc27c18d
5da512cc8d716ed6d83db95ffe40a8113aca3036
5f7fc4ccda5c71792416faa54964966731c1d3b612b56891f9d5e5e8f3c69666
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4ebdcc9-b605-4814-b94b-32df2890ba40.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7495
x-amzn-requestid: 4980bd4a-9383-47d4-81de-3c1f1788f917
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N9sFbOoAMF7mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619057-1451572557667da827b5d123;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:32:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NM1DGRHUQS98x4ZZdBupZAloibcrqieultKoescIzjnRnAMylp3B5g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 22:06:59 GMT
etag: "5da512cc8d716ed6d83db95ffe40a8113aca3036"
content-type: image/jpeg
age: 75078
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d889392defc575d85e26321730c2722
28177e0094cb108a96751ba23830134e1d4b8e15
758b77490f2f67d8d4297e0060b0a310be6f03dcda4808969147e1610879e836
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12840
x-amzn-requestid: c6424625-a000-41be-8043-4ac408d25086
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8OHAG5QIAMFodA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619093-2d8d7616088723ab392f74ff;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:33:07 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _nhbB7wn_tje5pEJa66ub53DJMk6pvkjSfpKsruWEuzYPDoUlm_icg==
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:51:55 GMT
age: 75982
etag: "28177e0094cb108a96751ba23830134e1d4b8e15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e6d78844aa60ad0bd62fc70779a63e8
80dbe6518bd99eb7cab1ba0ff9b5c53d0cc85949
ac1ee1c30bee586a5edd9605a514548e1e91e6ef39c55cc866cf026b8ed3df82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10496
x-amzn-requestid: 4b3864a5-5e0b-42f3-83b3-c997f66eeb55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8OG_H3oIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619092-6e450a0c6393d47f4d72ce35;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:33:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8KvfFEQSkb7CkT0DUL3D6JtMUkhRJaKIuHhPnbDLCOIINyEt-1a-A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 22:12:59 GMT
age: 74718
etag: "80dbe6518bd99eb7cab1ba0ff9b5c53d0cc85949"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.169200 OK 43 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 43144
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-a888"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.169200 OK 111 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 110624
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-1b020"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.169200 OK 49 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 48771
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-be83"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d5c3afd09f18e057d31703539dc7af22
4213f8c23291b0af9984d969c0f562cefca7b884
38428e62be3378959b316a1bb6571ca529ec3ec8043fac74fe302e31fc8b4436
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 08:52:36 GMT
Expires: Tue, 08 Nov 2022 08:52:35 GMT
Etag: "4213f8c23291b0af9984d969c0f562cefca7b884"
Cache-Control: max-age=481457,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19c9ac93b518-OSL
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 634 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
Hash 27fc36a97d25ac58f863515f812f9e9b
b1bd0b4367da9ab45114c2722d348bff26abc514
e115a757fd8bc4a1ccd31d82cb96816e32a107f0e4b62b4b5931e4a56da1737f
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTuq1LlbkgO0gRU4ZuLTqUz8iZVvBqV8n%2Fwc98VUVnm4Yg7197fYojb7ZQV7BeCDtvk5QjrWTW6YmQVdKpj3Q2NBNEjel5nGBaoVyDtinvuTLM1nPJFpFhP2tebaFeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c88902b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6de0c785746bdd693df85a87ed12d78a
eaca029ba990888504681f92b99cd01e3f139f93
c346a5df8842a95b8dd205550e30157f94d12996675a29ff4289727e711863e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 11:50:08 GMT
Expires: Mon, 07 Nov 2022 11:50:07 GMT
Etag: "eaca029ba990888504681f92b99cd01e3f139f93"
Cache-Control: max-age=405709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19cbae4c0b4d-OSL
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.40200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Fri, 02 Dec 2022 12:35:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 22995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDOtz%2BNGwLDVpGEx%2B5EZ16crND7xyJtFTVtbmg%2F2g4c%2FRNB%2FuVfXvCpibcZowKu7Ws4gTW%2BfOrWsu2MMp36V2YO8EDwwmIOSmRGmxjp3V54bfJY37DsQ7n4XaMa4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19cb2e414172-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vjnhby.com/81b3a1d4168744fdb2491b0402b7a708.gif
45.61.212.162200 OK 348 kB URL HTTP/2 vjnhby.com/81b3a1d4168744fdb2491b0402b7a708.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /81b3a1d4168744fdb2491b0402b7a708.gif HTTP/1.1
Host: vjnhby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63415a26-54ee0"
server: nginx
date: Wed, 02 Nov 2022 10:35:19 GMT
content-type: image/gif
last-modified: Sat, 08 Oct 2022 11:08:22 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 347872
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 633 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
Hash fbe0a581508c20025ab549f56d4d31d8
b9893b3ab1e2cde9eb49e40a5afd956fab00578a
b5193eb15a056cd2f8c613aa59fb07c7ac6f3669d5206321d63d1c6db1cb31e9
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpqlIP0Dfd%2BosEMMXW2XmuQOupRT%2Fl9BJ4OYEHr6MX5B4mgZmWLCgKYS1t%2FWKBF66UM8TazdKxL6eFM08z8KHP8OYhhcldw4nrtxYAhbuW94HQWp8htR2ZdAYJtfSmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c97a28b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6de0c785746bdd693df85a87ed12d78a
eaca029ba990888504681f92b99cd01e3f139f93
c346a5df8842a95b8dd205550e30157f94d12996675a29ff4289727e711863e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 11:50:08 GMT
Expires: Mon, 07 Nov 2022 11:50:07 GMT
Etag: "eaca029ba990888504681f92b99cd01e3f139f93"
Cache-Control: max-age=405709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 763f19cb5dcbb503-OSL
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.169200 OK 25 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:47 GMT
Content-Type: image/gif
Content-Length: 25278
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-62be"
Expires: Sat, 03 Dec 2022 03:06:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
45.61.212.141200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 45.61.212.141:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Mon, 19 Sep 2022 02:42:19 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-11
content-length: 236734
X-Firefox-Spdy: h2
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
45.61.212.162200 OK 259 kB URL HTTP/2 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632443bb-3f4d0"
server: nginx
date: Wed, 02 Nov 2022 08:13:46 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 09:36:59 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 259280
X-Firefox-Spdy: h2
573569djd.com/356620c6207a4935a9e2a8e76ef12f22.gif
103.170.15.110200 OK 876 kB URL HTTP/1.1 573569djd.com/356620c6207a4935a9e2a8e76ef12f22.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 876 kB (875540 bytes)
Hash 5ca1fe78c084a4a1547464064dad6e69
1bb4144143dddce0c2357dabf5548b4e925b068a
848de6d13c434849ecfc2a7b155159cc16a5517356606edbee2ee878300181c9
Analyzer Verdict Alert quad9 Sinkholed
GET /356620c6207a4935a9e2a8e76ef12f22.gif HTTP/1.1
Host: 573569djd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8e26-d5c14"
Date: Sun, 30 Oct 2022 14:44:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:09:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 875540
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
172.247.77.90200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 02 Nov 2022 18:57:57 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Wed, 10 Aug 2022 11:34:50 GMT
Connection: keep-alive
ETag: "62f397da-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
45.61.212.141200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 45.61.212.141:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Sat, 08 Oct 2022 07:00:54 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-11
content-length: 445140
X-Firefox-Spdy: h2
87798.me/gg/960x120.gif
192.74.243.119200 OK 307 kB IP 192.74.243.119:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 307 kB (306806 bytes)
Hash d7af8813ea687210e2835237781ecfa2
0988d26c3a015938156841f56fe58b5c40be9bca
54f431871134994f681d4602e18c78ac9b34c4eafa7f0fdcc3baa6539ed966fd
GET /gg/960x120.gif HTTP/1.1
Host: 87798.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 306806
last-modified: Wed, 02 Nov 2022 16:21:17 GMT
etag: "636298fd-4ae76"
expires: Fri, 02 Dec 2022 18:58:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
72agg.com/gg/960x60-2.gif
137.175.12.178200 OK 567 kB URL HTTP/2 72agg.com/gg/960x60-2.gif
IP 137.175.12.178:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: 72agg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 19:00:16 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Fri, 02 Dec 2022 19:00:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
files.imgopen.vip/uploads/2022/10/20/6350f32333f55.gif
104.21.68.49200 OK 279 kB URL HTTP/2 files.imgopen.vip/uploads/2022/10/20/6350f32333f55.gif
IP 104.21.68.49:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 279 kB (279126 bytes)
Hash bb4674d6d7768a797ce7bcf2e91a1883
755f1d89868ee8d022e6c6217e8bc05df15036d0
bc4250c8a9d0600a1628bf9ac93b3dc093405cf818ab24133152a304342e0e75
GET /uploads/2022/10/20/6350f32333f55.gif HTTP/1.1
Host: files.imgopen.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: image/gif
content-length: 279126
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Wed, 02 Nov 2022 16:53:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xGSpqTXFEdTn6E12zS3hurU4Mw8i9VvrZ35WJxbSNi%2FDlKgyNqN66JSDct55tsdlCtaktysIt1mrz17K2gVBhcLyzPB0usscjGyUed57JWq4lcZXNLpO4BH8gM%2BGaX9W4mD5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c5eb84b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash abe9b8c3053b367f70741816dfa30f15
bd48c7dbc77da95dda67f02618a61c48ef40ca6d
b9a17f335e24bfa560f7accf561fab087ab8fec3a7857c0da86da1025bc02a85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=165739
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "6362a234-117"
Expires: Fri, 04 Nov 2022 17:00:37 GMT
Last-Modified: Wed, 02 Nov 2022 17:00:36 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.169200 OK 35 kB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:47 GMT
Content-Type: image/gif
Content-Length: 34559
Last-Modified: Sun, 29 May 2022 19:29:15 GMT
Connection: keep-alive
ETag: "6293c98b-86ff"
Expires: Sat, 03 Dec 2022 03:06:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo69.xyz/images/4dfsdadsd5ghrt5.gif
104.233.145.169200 OK 411 kB URL HTTP/1.1 niumo69.xyz/images/4dfsdadsd5ghrt5.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:45 GMT
Content-Type: image/gif
Content-Length: 411269
Last-Modified: Wed, 03 Nov 2021 10:48:26 GMT
Connection: keep-alive
ETag: "618268fa-64685"
Expires: Sat, 03 Dec 2022 03:06:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 442 B IP 93.184.220.29:0
Hash 23cfabd806a41da747bd7e272ab75966
1ffbb1f9cd3b3ef25e74dd0a68e328f10c9d507a
78dbea1ece86ada2c5fa10f40fd44d986d36165f90e2fc8662e5306ccf8d9d0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=91976
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "63618211-118"
Expires: Thu, 03 Nov 2022 20:31:14 GMT
Last-Modified: Tue, 01 Nov 2022 20:31:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 351
Origin: http://niumo69.xyz
Connection: keep-alive
Referer: http://niumo69.xyz/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=39e788e3800578e5415; path=/
HWWAFSESTIME=1667415492914; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://niumo69.xyz
Access-Control-Allow-Credentials: true
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f13b735d7f8265927a3a5b59da1423d3
5f5e8dc66ab08b24072ccc3180b20d8b896d86c5
26b1f699ccda1a2185da66fda3b3048b14e2cbc0135a4f9a7f883e793d4529e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "26B1F699CCDA1A2185DA66FDA3B3048B14E2CBC0135A4F9A7F883E793D4529E9"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4890
Expires: Wed, 02 Nov 2022 20:19:48 GMT
Date: Wed, 02 Nov 2022 18:58:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5718b6f0090085740c3e2c82c438bd5
1db57d4e87dce619b285acf75acdbe230ddff32d
465baca347e80dd3de5a7740b3fc3316551061e32038e983ed42fd711947447a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "465BACA347E80DD3DE5A7740B3FC3316551061E32038E983ED42FD711947447A"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 03 Nov 2022 00:58:18 GMT
Date: Wed, 02 Nov 2022 18:58:18 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/rtyskoeqkr51627rtyskoeqkr5165035.jpg
172.67.28.138200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/rtyskoeqkr51627rtyskoeqkr5165035.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 1d5f9d723c2d444cfbe91d4c660df13c
3483fae467ad29f3e7de864de618751b96bd0c5d
5a2ecdb8072ccde52801737dc98c383d0c01433db18a080f4e9b4f8c6dc1cf3d
GET /upload/vod/2022/11-02/16/rtyskoeqkr51627rtyskoeqkr5165035.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 9435
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9889, status=webp_bigger
etag: "636229e4-26a1"
last-modified: Wed, 02 Nov 2022 08:27:16 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c71c2bb506-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 512875bfbba775821f3c7d12e3de8820
dbe37822df7798052734ee6139955338b93815f4
f51a076ec9782926d5ad006859fd5a582c5df14061ebfcd3ff5add66946d3263
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5765
Cache-Control: max-age=131576
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "6362063d-118"
Expires: Fri, 04 Nov 2022 07:31:14 GMT
Last-Modified: Wed, 02 Nov 2022 05:55:09 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b79665fe2d8133b0b56be10b696c84aa
7f4f5c06b1af721ad8a5e3d1376d6247fbba3672
da0418dd952bcff66c86774fdd74f059d385c5d1c9410df58ab2584cb65547d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3776
Cache-Control: max-age=132835
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "636212ed-117"
Expires: Fri, 04 Nov 2022 07:52:13 GMT
Last-Modified: Wed, 02 Nov 2022 06:49:17 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 279
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/00kgxdchzlq162700kgxdchzlq095023.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/00kgxdchzlq162700kgxdchzlq095023.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ebe2264489e4468255793d3d61728eba
4ba003d42c13426844b17f44c522c0c21da00da1
4756ffb650f996be678134b40aca47b5910cbb4f2f33be0c25c2e4958e6892d3
GET /upload/vod/2022/11-02/16/00kgxdchzlq162700kgxdchzlq095023.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 7368
last-modified: Wed, 02 Nov 2022 08:27:09 GMT
etag: "636229dd-1cc8"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c71c1eb506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/kdgxnkyjsdd1627kdgxnkyjsdd185041.jpg
172.67.28.138200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/kdgxnkyjsdd1627kdgxnkyjsdd185041.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f51ae4c299fb3e0b53834ffb97dd3f3b
3ca5ff63f4967076da7ebeed34c2ba3d5363a1c3
45409c9f94069f4b550d1cb469d7e527b99b59a2468079d552f3a4eaf3ac1f6f
GET /upload/vod/2022/11-02/16/kdgxnkyjsdd1627kdgxnkyjsdd185041.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 7148
last-modified: Wed, 02 Nov 2022 08:27:19 GMT
etag: "636229e7-1bec"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c70c09b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/o4h34dhmur51627o4h34dhmur5175037.jpg
172.67.28.138200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/o4h34dhmur51627o4h34dhmur5175037.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 32c97f4347d2ddce6d93edde37cd3110
fd06948f7cc0322b943b50ad77d0b1b3138746f0
f059b609acc09d30b686629a7b9a8fe5b4b8660111b56a377075cf22ae6298d3
GET /upload/vod/2022/11-02/16/o4h34dhmur51627o4h34dhmur5175037.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 7034
last-modified: Wed, 02 Nov 2022 08:27:17 GMT
etag: "636229e5-1b7a"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c71c2db506-OSL
X-Firefox-Spdy: h2
kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.235.61200 OK 1.6 MB URL HTTP/2 kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.235.61:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Sun, 20 Nov 2022 19:55:18 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1033380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6SPWmJEoz%2FaoltdVSumSFyoL%2B4%2Ff8cGT6%2Fxj8LakmEcnskn9ixRpz1fHo3mEZMGoNNSvU9axRsBKifUT%2FvXb%2FlhCMo%2Fmbii4yRQMi5n41pRcm8zI5qZ%2BFRx86yV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19d10e300dc0-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.8 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash da3cde31e79dba10fbba84308627a91d
e4f5bb05f36701da891140d6de5080673a414c7b
778c137c3b71d5ee37027143689c6b7da67c08afb67cb8bc1c1f4cf4f192c30e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:03:48 GMT
ETag: "64ae188b0e0d07f2b08af0378f40be9b827ccfbd"
Last-Modified: Wed, 02 Nov 2022 16:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d02a83b51d-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f5051c57163d101b2d7a386c9f9ab34e
b6646a99fb62f33fa4a9ab209705a22658f2c8a9
e5a7c59f3ee2614b78581ba700f8e461e5fa2e1a3fa36e7266690214a102e461
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 06 Nov 2022 17:46:35 GMT
ETag: "b6646a99fb62f33fa4a9ab209705a22658f2c8a9"
Last-Modified: Wed, 02 Nov 2022 17:46:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2284
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d2ba3eb4f4-OSL
kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.233.190200 OK 1.0 MB URL HTTP/2 kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.233.190:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvhccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Fri, 02 Dec 2022 09:14:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 35019
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Fel2xNUkJrr7pXt9YDSwcSgPEpHkhBaZebae7dDJ4n1e8%2BHflc1BbRq9fJ59SQbRTblkTQB8%2B80fFA2SdxcSpVHBW1eHzs6CE7V5eH1sXbVehZzDlTO2J2smDo0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19d12e1e0dac-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 62486c2f6444fe7c4a5de7cccf75cd87
64ae188b0e0d07f2b08af0378f40be9b827ccfbd
584099dc24b9c40776029d0e0c358356d65e0f402a106376cfbedc0ede4bfe02
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:03:48 GMT
ETag: "64ae188b0e0d07f2b08af0378f40be9b827ccfbd"
Last-Modified: Wed, 02 Nov 2022 16:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d08971b50f-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf16c031bacc851ad0f01337279f2983
5903880fb1cd02366c7093cf909191ebc5d625a4
5717c526df412fe746bd7bca0a256fd83baeb24184c4eea5feb9f0cc0d2fecfa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5717C526DF412FE746BD7BCA0A256FD83BAEB24184C4EEA5FEB9F0CC0D2FECFA"
Last-Modified: Mon, 31 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4603
Expires: Wed, 02 Nov 2022 20:15:01 GMT
Date: Wed, 02 Nov 2022 18:58:18 GMT
Connection: keep-alive
niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.169200 OK 1.3 MB URL HTTP/1.1 niumo69.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:47 GMT
Content-Type: image/gif
Content-Length: 1270430
Last-Modified: Sun, 29 May 2022 19:29:12 GMT
Connection: keep-alive
ETag: "6293c988-13629e"
Expires: Sat, 03 Dec 2022 03:06:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 035451e385ceaf0f9c5391466e5f3966
f51a9545d399761810ad7f73117174b6f086df4c
33b88e70bc6431026534d4757a3e765e4020da4e438dca97507c3995968f52ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6428
Cache-Control: max-age=99833
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "636187a7-2d7"
Expires: Thu, 03 Nov 2022 22:42:11 GMT
Last-Modified: Tue, 01 Nov 2022 20:55:03 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 035451e385ceaf0f9c5391466e5f3966
f51a9545d399761810ad7f73117174b6f086df4c
33b88e70bc6431026534d4757a3e765e4020da4e438dca97507c3995968f52ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1231
Cache-Control: max-age=94636
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "636187a7-2d7"
Expires: Thu, 03 Nov 2022 21:15:34 GMT
Last-Modified: Tue, 01 Nov 2022 20:55:03 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 727
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 62486c2f6444fe7c4a5de7cccf75cd87
64ae188b0e0d07f2b08af0378f40be9b827ccfbd
584099dc24b9c40776029d0e0c358356d65e0f402a106376cfbedc0ede4bfe02
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:03:48 GMT
ETag: "64ae188b0e0d07f2b08af0378f40be9b827ccfbd"
Last-Modified: Wed, 02 Nov 2022 16:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d0fe2b1bfa-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 62486c2f6444fe7c4a5de7cccf75cd87
64ae188b0e0d07f2b08af0378f40be9b827ccfbd
584099dc24b9c40776029d0e0c358356d65e0f402a106376cfbedc0ede4bfe02
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:03:48 GMT
ETag: "64ae188b0e0d07f2b08af0378f40be9b827ccfbd"
Last-Modified: Wed, 02 Nov 2022 16:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d0faa40afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 512875bfbba775821f3c7d12e3de8820
dbe37822df7798052734ee6139955338b93815f4
f51a076ec9782926d5ad006859fd5a582c5df14061ebfcd3ff5add66946d3263
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5765
Cache-Control: max-age=131576
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: "6362063d-118"
Expires: Fri, 04 Nov 2022 07:31:14 GMT
Last-Modified: Wed, 02 Nov 2022 05:55:09 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5718b6f0090085740c3e2c82c438bd5
1db57d4e87dce619b285acf75acdbe230ddff32d
465baca347e80dd3de5a7740b3fc3316551061e32038e983ed42fd711947447a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "465BACA347E80DD3DE5A7740B3FC3316551061E32038E983ED42FD711947447A"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 03 Nov 2022 00:58:18 GMT
Date: Wed, 02 Nov 2022 18:58:18 GMT
Connection: keep-alive
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/900X60.gif
47.75.19.39200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/900X60.gif
IP 47.75.19.39:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /900X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 6362BDC9D0409B343075C537
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Thu, 13 Oct 2022 11:14:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 2
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
47.246.44.224200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[3,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 4666707
x-cache: HIT TCP_HIT dirn:11:439081176
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716674154987645666e
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 62486c2f6444fe7c4a5de7cccf75cd87
64ae188b0e0d07f2b08af0378f40be9b827ccfbd
584099dc24b9c40776029d0e0c358356d65e0f402a106376cfbedc0ede4bfe02
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 06 Nov 2022 16:03:48 GMT
ETag: "64ae188b0e0d07f2b08af0378f40be9b827ccfbd"
Last-Modified: Wed, 02 Nov 2022 16:03:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763f19d14bb40b39-OSL
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 717 kB URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
Size 717 kB (716576 bytes)
Hash a8e2055835b9abe785e675de32514dfa
a2757bead880ae3d851e95111f88c9b8ec5a52f8
4c14108479e3d76b157c18a580d571091c3a100f3355410e70d31a1b2cb6e751
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbSGWwfJ4JguyTBBOC559iE1jrDY8eqee9P%2FvTDTPJiH%2Fj1HJdhk9dbfL4KrKtL1N4WVEJewF3G1tjc5DkujjFSA1iq%2BCo7q7TTVe1DkdsTW%2B0OGqkJ2Nd%2FVplqcMic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c8c947b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/326bde0fa0d749c2949fc8519c5a5510
47.246.44.224200 OK 440 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/326bde0fa0d749c2949fc8519c5a5510
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /obj/tos-cn-i-dy/326bde0fa0d749c2949fc8519c5a5510 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Fri, 21 Oct 2022 12:52:33 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 12:50:14 GMT
nw-session-id: 2022102120501401013817220204654F072b4dm01dy
nw-session-trace: 2022-10-21T20:50:14.966729786+08:00 44
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 20:50:14 GMT
x-tt-logid: 2022102120501401013817220204654F07
via: n204-098-015, cache16.l2de2[160,160,206-0,M], cache17.l2de2[161,0], cache17.l2de2[162,0], cache4.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc01:26:287::131
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01c1ecee9d82f98e0b80233b7b0fe63e3517b458cad14a954427f654d1c8430cab5daaac2cf9dda78ae468f8ceec8b3d3f233d6b6c963959330c10637a3e10e90e0d9e47d33c33e57d3cadd9d00dfc3dbcd703aa5465ee3a51ece8feb69ac28098
x-response-lb: image
ali-swift-global-savetime: 1666356753
age: 1058745
x-cache: HIT TCP_HIT dirn:11:369937113
x-swift-savetime: Fri, 21 Oct 2022 12:52:33 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716674154987795682e
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.23.69200 OK 504 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 504 kB (503886 bytes)
Hash 99b6864d342d9dd3e484f1b391847485
729c13c0b9c8dd46f1cae7afaca50d19b6dfa442
164d48c8c94575e833992fd9407e880c4d7be4187ba892279d7e2b95ffde6bf1
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: image/gif
Content-Length: 503886
Connection: keep-alive
x-oss-request-id: 6362BDC92E5F223230E757CF
Accept-Ranges: bytes
ETag: "99B6864D342D9DD3E484F1B391847485"
Last-Modified: Thu, 13 Oct 2022 10:55:19 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3865870131131298233
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: mbaGTTQtndPkhPGzkYR0hQ==
x-oss-server-time: 3
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.154.254.32200 OK 3.5 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x120, components 3\012- data
Hash e6c80d1f69b4f8999b3139349785ff68
e72338fa08e0519ff2151512070e2a3b368e6991
30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 3485
cache-control: no-cache
x-errno: -108
x-info: illref
x-rtflag: 1
x-nws-log-uuid: 8d83f1bf-c8ed-4044-bf7c-3c280d393d8a
X-Firefox-Spdy: h2
niumo69.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.169200 OK 870 kB URL HTTP/1.1 niumo69.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 870065
Last-Modified: Wed, 03 Nov 2021 10:48:28 GMT
Connection: keep-alive
ETag: "618268fc-d46b1"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
askzyimg.com/20221102/WJObjGjF/1.jpg
162.209.131.156200 OK 100 kB URL HTTP/2 askzyimg.com/20221102/WJObjGjF/1.jpg
IP 162.209.131.156:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x334, components 3\012- data
Hash a3907aaf82f3b5d2f130cf2ec0b52e4c
c63b5f2cb6551a61aeb0aaf065373332c6c9a674
7845e63861f3e921b7559d130a7266f78fa248966fac5aff5637d31d90b0a988
GET /20221102/WJObjGjF/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 99459
last-modified: Wed, 02 Nov 2022 12:15:52 GMT
etag: "63625f78-18483"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.154.254.32200 OK 3.5 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x120, components 3\012- data
Hash e6c80d1f69b4f8999b3139349785ff68
e72338fa08e0519ff2151512070e2a3b368e6991
30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 3485
cache-control: no-cache
x-errno: -108
x-info: illref
x-rtflag: 1
x-nws-log-uuid: fb8d296c-f153-4d7c-a28d-a657af7c472c
X-Firefox-Spdy: h2
362728tdg.com/9169712a342d4e34b1c66a9b8af93bf9.gif
45.61.212.52200 OK 584 kB URL HTTP/1.1 362728tdg.com/9169712a342d4e34b1c66a9b8af93bf9.gif
IP 45.61.212.52:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
Analyzer Verdict Alert quad9 Sinkholed
GET /9169712a342d4e34b1c66a9b8af93bf9.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6350ff85-8e959"
Date: Wed, 02 Nov 2022 08:13:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 20 Oct 2022 07:57:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 584025
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 5f28f97810ab90bd8a123c04a6252163
c351e92c5f3925135fb0995869da13471c0cdf1d
a573d3d3aa0d7da4fb32633df71a513fb827d1f89fb2ca13ea2e462caf0ea561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1579
Cache-Control: max-age=149693
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:19 GMT
Etag: "63625d5d-2d7"
Expires: Fri, 04 Nov 2022 12:33:12 GMT
Last-Modified: Wed, 02 Nov 2022 12:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
47.75.19.145200 OK 68 kB URL HTTP/1.1 616182863.com/5df7107094b446238663a2c1ff7a0e99.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Hash 7fb729164de96495010d31173b4dfde9
48e6c18b318b6dbe66739b2a97b1ca536a260a5b
eb89dbf10519257d735db5ba0731ed566cd5b8fac2a72ffd7bd299a9e8c4c10b
GET /5df7107094b446238663a2c1ff7a0e99.gif HTTP/1.1
Host: 616182863.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 02 Nov 2022 18:58:18 GMT
Content-Type: image/gif
Content-Length: 67749
Connection: keep-alive
x-oss-request-id: 6362BDCA1F85633438491DAF
Accept-Ranges: bytes
ETag: "7FB729164DE96495010D31173B4DFDE9"
Last-Modified: Tue, 27 Sep 2022 08:24:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3572186298259414675
x-oss-storage-class: Standard
Content-MD5: f7cpFk3pZJUBDTEXO0396Q==
x-oss-server-time: 1
askzyimg.com/20221102/sQBNycJk/1.jpg
162.209.131.156200 OK 137 kB URL HTTP/2 askzyimg.com/20221102/sQBNycJk/1.jpg
IP 162.209.131.156:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x334, components 3\012- data
Size 137 kB (136589 bytes)
Hash bdde3df5dac8f9c086761771a3a5faab
e5cd85a5b4152495a7062e0bac02129383f67895
38bc68825443f3923db1e2e93b73e84bc72f14a76bcf57423e54d0781207e007
GET /20221102/sQBNycJk/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 136589
last-modified: Wed, 02 Nov 2022 12:15:51 GMT
etag: "63625f77-2158d"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.154.254.32200 OK 3.5 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x120, components 3\012- data
Hash e6c80d1f69b4f8999b3139349785ff68
e72338fa08e0519ff2151512070e2a3b368e6991
30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 3485
cache-control: no-cache
x-errno: -108
x-info: illref
x-rtflag: 1
x-nws-log-uuid: 85c3ffe3-c853-4931-9c14-43d22c7f435c
X-Firefox-Spdy: h2
askzyimg.com/20221102/fH2xQbg1/1.jpg
162.209.131.156200 OK 117 kB URL HTTP/2 askzyimg.com/20221102/fH2xQbg1/1.jpg
IP 162.209.131.156:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x334, components 3\012- data
Size 117 kB (117304 bytes)
Hash 1cbdbe7e4e53059d9e723ca51b164010
10ba934b129fa115240c5c0efdda120630ca7e54
2624fb1eb9315f9c95c30029d84337b7bf3c2e9c903a4eaeadc5927e47edde4b
GET /20221102/fH2xQbg1/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 117304
last-modified: Wed, 02 Nov 2022 12:15:52 GMT
etag: "63625f78-1ca38"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
askzyimg.com/20221102/WgwuFGcN/1.jpg
162.209.131.156200 OK 121 kB URL HTTP/2 askzyimg.com/20221102/WgwuFGcN/1.jpg
IP 162.209.131.156:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 492x277, components 3\012- data
Size 121 kB (120645 bytes)
Hash 284f6a77e91eb0508eb4ff88474263b4
a867a1d84570c923957a43780fadd4a33a958668
43eb8b5f77d10e6a7f1d6b77b1114a35d0908f73520e60deacadbfacdad0659a
GET /20221102/WgwuFGcN/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 18:58:18 GMT
content-type: image/jpeg
content-length: 120645
last-modified: Wed, 02 Nov 2022 12:15:51 GMT
etag: "63625f77-1d745"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
287335kmu.com/8d616168276e4ae99e1d748861f557d9.gif
45.61.212.230200 OK 1.0 MB URL HTTP/1.1 287335kmu.com/8d616168276e4ae99e1d748861f557d9.gif
IP 45.61.212.230:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
GET /8d616168276e4ae99e1d748861f557d9.gif HTTP/1.1
Host: 287335kmu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba169-f90bb"
Date: Sun, 30 Oct 2022 13:04:24 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:31:21 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-30
Content-Length: 1020091
niumo69.xyz/images/stvf4grh65uh54y.gif
104.233.145.169200 OK 996 kB URL HTTP/1.1 niumo69.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.169:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:46 GMT
Content-Type: image/gif
Content-Length: 995865
Last-Modified: Wed, 03 Nov 2021 10:48:32 GMT
Connection: keep-alive
ETag: "61826900-f3219"
Expires: Sat, 03 Dec 2022 03:06:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9ed32e986890463aa438b81c0704cc82
ff6d3549acef67191fb9a4c759150b1f66b9d34c
33ba6e7f3306351ec3e58103d74cfc43406528b16844eb391560c3f48a081f36
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Wed, 02 Nov 2022 18:58:18 GMT
Etag: babdb4c70d0afeb63a0f45bcf5223bf5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=28D8B69E94E6DDE1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=166535291&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=8494&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo69.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=166535291&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=8494&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo69.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=166535291&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=8494&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo69.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 02 Nov 2022 18:58:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AFE4C5D875E24B67; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hj0o9a4p5jllpx5WUibIcKshzqhv96UKqU0Olgub0mB74Q/0
43.154.254.32200 OK 369 kB URL HTTP/2 p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hj0o9a4p5jllpx5WUibIcKshzqhv96UKqU0Olgub0mB74Q/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 369 kB (369108 bytes)
Hash d3f9f17ed067ebb6ee0792014656333e
1f5593ee409f13d7734fd538a9a779dbe469a7c1
69da833d60a8ae1c0d5f64a25dfb6b42579ac7d20046a2db7c2be4256b601b68
GET /qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hj0o9a4p5jllpx5WUibIcKshzqhv96UKqU0Olgub0mB74Q/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 02 Nov 2022 18:58:19 GMT
content-type: image/gif
content-length: 369108
vary: Accept,Origin
last-modified: Mon, 10 Oct 2022 19:35:45 GMT
cache-control: max-age=2592000
x-delay: 49822 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 369108
chid: 0
fid: 0
x-nws-log-uuid: d38b98f4-3859-403e-a5c8-789ed8708d2e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b79665fe2d8133b0b56be10b696c84aa
7f4f5c06b1af721ad8a5e3d1376d6247fbba3672
da0418dd952bcff66c86774fdd74f059d385c5d1c9410df58ab2584cb65547d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3778
Cache-Control: max-age=132835
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 18:58:20 GMT
Etag: "636212ed-117"
Expires: Fri, 04 Nov 2022 07:52:15 GMT
Last-Modified: Wed, 02 Nov 2022 06:49:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
120.52.95.241200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 120.52.95.241:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 18:58:19 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 7612773
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HElangfang-AREACUCC1-CACHE20[3],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 02 Nov 2022 18:58:17 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 6362BDC9DA8A7931353A722F
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaJH%2BKQfC%2BmkM3DkQEKyOmX23ZTxJp%2FLBPM3qBEwKx1q0UJu8FGEx7HcgaUrjGPeMIEmW8MXmwYrcbPyKyadiHLJvnp7fRFt2T%2F%2F%2FPVv%2F%2Fw85HIQxLZmKckhvfVqPHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c9aa8fb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.9367x.com/images/635d16984f08383fd57b7486.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.9367x.com/images/635d16984f08383fd57b7486.gif
IP 3.36.126.81:0
GET /images/635d16984f08383fd57b7486.gif HTTP/1.1
Host: img.9367x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/fe66cae36d8a4863843857f60137db15
cache-control: max-age=3600
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwqocalwi1CkNsadswEtcYbbSpd%2FwYBRKjXfA9RSMgo7LPiL7ncoekwSLVob5MiW8%2Fi74MOqd4BDzg85oWD36Btyy67OJGpBA81IT38wlF4MfKRhgwHHGSJuWxkiYqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19cacc20b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:16 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FZXEBFBbQHs4KTd7ue5%2FAWTVb0h10hV5o%2Bhb3JZPurdtl4w1kEFjcYuMRkcJJeMOVL1EM5Uf7j00YRYqZpSVEfNQTIyKwAFi%2Bi52V2KggfYbN1xxXhriWfcmUm6g0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c5fd74b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niumo69.xyz/favicon.ico
104.233.145.169200 OK 0 B IP 104.233.145.169:0
GET /favicon.ico HTTP/1.1
Host: niumo69.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo69.xyz/
Cookie: PHPSESSID=m3fqdih80ob3kbj4p3mfr6kpsu; __vtins__JSZHOzdyKyPQoQSO=%7B%22sid%22%3A%20%22861cedfb-1fb5-5b68-ab80-b41374f9bed7%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201667417296777%2C%20%22ct%22%3A%201667415496777%7D; __51uvsct__JSZHOzdyKyPQoQSO=1; __51vcke__JSZHOzdyKyPQoQSO=265af089-074c-5d8c-9fe1-915f748bc946; __51vuft__JSZHOzdyKyPQoQSO=1667415496786; Hm_lvt_43710706cbe9431ef5bccf7937e9a282=1667415499; Hm_lpvt_43710706cbe9431ef5bccf7937e9a282=1667415499
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 03 Nov 2022 03:06:52 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Tue, 02 Nov 2021 15:19:42 GMT
Connection: keep-alive
ETag: "6181570e-423e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP 3.36.126.81:0
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.u2695.com/images/63528a7a3ce47c907dcb148c.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u2695.com/images/63528a7a3ce47c907dcb148c.gif
IP 3.36.126.81:0
GET /images/63528a7a3ce47c907dcb148c.gif HTTP/1.1
Host: img.u2695.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo69.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/326bde0fa0d749c2949fc8519c5a5510
cache-control: max-age=3600
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFpzoyfTZy%2B6XIFFjeDs85rC7ebGNJK4oxtrfhE5Pbq%2BriiNoF2Eha3ha8U6nmVzU86qfzK6kEEBAORQX0PT4UEza3OjO1zFZl6TNt5Q2I%2FYnB%2FkrOK1lBdn0%2FSZOSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c939deb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ft7yeJz26hDxJ91mOatZLEdyJwdH6%2BZObDfjLbuhlyEbZUwSRUena%2BLIMQm7Xys1IHxf%2B%2BgI4c4l7sqDt1S5Ns0va5K1UcWWkLvZi8FVak2Z%2Bth3Q8FX%2FS6w0aqbFTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c9eaf7b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12vjDxPSn9LbK3%2FYtittCce7h0XecBs9nsns7N%2B0Xh%2BLTk2U0%2B49rRk0A7r9FkcoIXSVqllZWb3Ape3O26MGHosK3bk5SXCJoOEc8xkhV5OjRrW45%2BbJ3kwX6%2BgHWDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19c848aab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s1.xptou.com/1970/01/04/00047149ab022.gif
104.21.83.132301 Moved Permanently 0 B URL HTTP/2 s1.xptou.com/1970/01/04/00047149ab022.gif
IP 104.21.83.132:0
GET /1970/01/04/00047149ab022.gif HTTP/1.1
Host: s1.xptou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo69.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 02 Nov 2022 18:58:17 GMT
content-type: text/html
location: https://s1.xptou.com/1970/01/04/00047149ab022.gif
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRx5BHNwZAfT9ruq%2B5F%2BcnfErzDoEPzyjZqfHFWAr9xiJul%2BgJ1GswPVCqdRJszhKfg1%2BXH%2Fxot4lHPuwfNEYuw2s9A5MTePi7QvNzNVFRfzolwJYCtx2Jngs%2FJkD9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 763f19ca4b77b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2