r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4602
Expires: Mon, 19 Sep 2022 01:27:01 GMT
Date: Mon, 19 Sep 2022 00:10:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 23:12:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qufFRpH70kDgG8YIC-Sd--rBedKEG_9ddTn6b4Bz49xAsCXx9_A01w==
Age: 3469
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fvf6ec4Su_H1u1moz80vXiIYAySeAjnhSMhTUuj3Ileo_J961oYHKg==
age: 70506
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 00:10:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
qidisj.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: qidisj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 00:10:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.qidisj.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 00:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 00:53:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BM4AnszoQsgQU9faaR33jU-exNbAcA1gVIDgBP8PX8Jm9cDzTAX_XQ==
Age: 418
www.qidisj.com/index.php
200 OK 805 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 20959a0cfe3f62021683e1c299e85023
db7210b1c15f9881eea368f043e26387b60337d3
3046a4605af5e38013a0d4833ef7fc6c1c42cf279d38c8bd67238bfd4b433716
GET /index.php HTTP/1.1
Host: www.qidisj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 00:10:26 GMT
Content-Type: text/html
Content-Length: 805
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:20 GMT
Last-Modified: Sun, 18 Sep 2022 22:57:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.qidisj.com/common.js
200 OK 628 B IP
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.qidisj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 00:10:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BCquxykXEGgvpd1rPSwQkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xd7OZmP5FyoCHIp5tTQGGch7LXQ=
www.qidisj.com/tj.js
200 OK 536 B IP
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 65915aaec7050b3fc582336f8ae84227
6d8863e9aa039ae2a29544c39324c931a26b6ed8
e491b6b692a50787e6b07b1018f787a89617df0c3ffd08cb371b21f28be8156b
GET /tj.js HTTP/1.1
Host: www.qidisj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 00:10:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 19 Sep 2022 00:10:20 GMT
Etag: "4078521116"
Expires: Tue, 19 Sep 2023 00:10:20 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=8CF84A958C8D30403002ECE809AC94F4:FG=1; max-age=31536000; expires=Tue, 19-Sep-23 00:10:20 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 19 Sep 2022 00:10:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6e718bed3d2eff83aac560c5b4166327
27c4afe500186df73d114fe87fe24b25c62aa65f
7f56d609b6b33c914e134695fbe2635d8b806fedb246cac68b05952b3c3a5680
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F56D609B6B33C914E134695FBE2635D8B806FEDB246CAC68B05952B3C3A5680"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 06:10:21 GMT
Date: Mon, 19 Sep 2022 00:10:21 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash b3aaa35b4ce4bf1c179ddd330cd73b3b
d490dbb5adf4d78dd1003104b6f704aacf3ca3b4
680009777a77d78ae6417869493da1ba54135f4e7f721ea197becd2957f788cc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:57:57 GMT
ETag: "d490dbb5adf4d78dd1003104b6f704aacf3ca3b4"
Last-Modified: Sun, 18 Sep 2022 20:57:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2151
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce190c6d2c0b45-OSL
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 307
Origin: http://www.qidisj.com
Connection: keep-alive
Referer: http://www.qidisj.com/
HTTP/1.1 200
Server: nginx/1.18.0
Date: Mon, 19 Sep 2022 00:10:21 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.qidisj.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 306
Origin: http://www.qidisj.com
Connection: keep-alive
Referer: http://www.qidisj.com/
HTTP/1.1 200
Server: nginx/1.18.0
Date: Mon, 19 Sep 2022 00:10:21 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.qidisj.com
Access-Control-Allow-Credentials: true
api.share.baidu.com/s.gif?l=http://www.qidisj.com/index.php
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.qidisj.com/index.php
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.qidisj.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 19 Sep 2022 00:10:21 GMT
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7953
Expires: Mon, 19 Sep 2022 02:22:55 GMT
Date: Mon, 19 Sep 2022 00:10:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7953
Expires: Mon, 19 Sep 2022 02:22:55 GMT
Date: Mon, 19 Sep 2022 00:10:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7953
Expires: Mon, 19 Sep 2022 02:22:55 GMT
Date: Mon, 19 Sep 2022 00:10:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ccc0366-1136-421b-87fa-f9dcd1599fc9.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ccc0366-1136-421b-87fa-f9dcd1599fc9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa12988120db56daccc3048e3abbaae6
29f28271148c46e2abb95db8be0b942f2f1c9388
f9e7884e04cce0a312bbaa00c609f21eebe1d74fa1d38ac7ecc45a4369c765de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ccc0366-1136-421b-87fa-f9dcd1599fc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10794
x-amzn-requestid: c86cdd40-854b-495f-bb84-0b408fa24440
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_gHMcIAMFWPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279063-055c553a561ffa1558e63245;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u-NbDjp5yEAVPC-_sdoWMIYzkA6PZmdfK6ZDRUmON3yleRdce5zdwg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:54 GMT
age: 8308
etag: "29f28271148c46e2abb95db8be0b942f2f1c9388"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 8281
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:07:31 GMT
age: 61371
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash febaa50825802847e9cbc0479e7121ba
36355214d6f866681edc3eacd5f1af87b16bdcc2
7a808fbeb6ce87490299fb3d5de52ec450c9161d9098254f1b54a0d4a97b645c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9426
x-amzn-requestid: 6569d647-e17c-4456-8d54-b093e1cc1d7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl9trEPNoAMFteg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257657-7bba0e970a8114a11fd6bf32;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:25:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sO0jibO4hXSxONHRYPgA2WA9U9GBFbVhCGy9F3RwrJqZoAzU90Tpsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:57:45 GMT
age: 58357
etag: "36355214d6f866681edc3eacd5f1af87b16bdcc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcd68f4f4d0188a96a06b1793abf38e1
df40b195d24c1b58123c40f8b01294035c9076a5
6c8d53d76269c3f945cc28f3005bcdbbaf1a748a65a166db6c7161f382a47609
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3375
x-amzn-requestid: 4827cdf6-5641-44cd-a076-d8b29bb34ffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSyFO0IAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790de-45acc6fe6064eb3f23e4ea77;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cScYxWAyH0k8XDOCgN_1sTVufxBo0K5Dbp6_rYiIx3MBWZf_uUkyPQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:50:11 GMT
age: 8411
etag: "df40b195d24c1b58123c40f8b01294035c9076a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: fadb4327-7392-42be-9167-16dd28876400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIqeEg2IAMF-XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254a9-45261b545b58382717b63418;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:24:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WPR4iIPTDBsXF2F8yHkM2G-M9w6V0ykDHY017kKgEjsBNciMxYqo5A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 04:31:06 GMT
age: 70756
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.qidisj.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.qidisj.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.qidisj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qidisj.com/index.php
Cookie: __vtins__JcAbxxcXkBmdAi59=%7B%22sid%22%3A%20%2256b16922-004a-566e-b5f1-da318d1ffe5f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663548002466%2C%20%22ct%22%3A%201663546202466%7D; __51uvsct__JcAbxxcXkBmdAi59=1; __51vcke__JcAbxxcXkBmdAi59=f4e75382-27e7-513a-ba4c-9e493e1cf5dd; __51vuft__JcAbxxcXkBmdAi59=1663546202471; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%2231659595-3736-5be2-b118-4fadcf12beed%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663548002486%2C%20%22ct%22%3A%201663546202486%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=27d1e8f2-5921-5828-b7c6-36087c58c265; __51vuft__JdQpk0p36jq0lsZj=1663546202489
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 00:10:28 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 24 Sep 2022 00:10:28 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d1fac4832c60f83d5ff7435ec280478
f068bdb27a31715bc480dc988d19ef7ef1ddaec0
5905397629a98e638afac3e5bbf8df7334397fd1bd33d1a46d225014502b6af6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5905397629A98E638AFAC3E5BBF8DF7334397FD1BD33D1A46D225014502B6AF6"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21540
Expires: Mon, 19 Sep 2022 06:09:22 GMT
Date: Mon, 19 Sep 2022 00:10:22 GMT
Connection: keep-alive
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 0ad8cffcbf5c5faeba4179e424b44747
c279d99f04cdd548859950f9d7a7ca4cd46a904d
1dbeaedbcb5564a00b84fa945a47f7f04e828739faeeb994e45753589ed88266
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qidisj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 00:10:22 GMT
Etag: 153e530c83f523c94f4ebbc1f54645f2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7CD96C6AFF29E6BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 215e0be16d152279131851ed600f4372
8149e35edba1d05d9991fdd3c0c44739f5682b79
cd995ca9b37eb49ff46d11f4f465b12e368c5fa8da2010c1ff155ed1cb217dfd
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qidisj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 00:10:22 GMT
Etag: 358d0faed7ec7ca2f100c5c07871d668
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=14E50861CBD9CD4E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45d9dd89fa251550b137a2e0fc031fe7
116327cec9b94b4e9d8bd1f00de5438aa21c00e5
2d0c2d9b64c77f2c397650c10f7970a2b4442e56378f19778dd8105b19501212
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D0C2D9B64C77F2C397650C10F7970A2B4442E56378F19778DD8105B19501212"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1366
Expires: Mon, 19 Sep 2022 00:33:09 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 25a9afe63d91673500a8efa97e5a0bd8
f084f5427f687a070f2d99ca66e67172655ada05
632a80588e4c729a5344194b2f395f92fe303dce1c3e77c18ed6aeeb474bf814
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "632A80588E4C729A5344194B2F395F92FE303DCE1C3E77C18ED6AEEB474BF814"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13262
Expires: Mon, 19 Sep 2022 03:51:25 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1422319246&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1422319246&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1422319246&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qidisj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 19 Sep 2022 00:10:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C65D19AA9A6C514B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210665988&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210665988&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210665988&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=5764&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.qidisj.com%2Findex.php&tt=%E9%85%92%E6%B3%89%E5%B0%89%E5%BA%B7%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qidisj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 19 Sep 2022 00:10:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8D3958459A665375; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45d9dd89fa251550b137a2e0fc031fe7
116327cec9b94b4e9d8bd1f00de5438aa21c00e5
2d0c2d9b64c77f2c397650c10f7970a2b4442e56378f19778dd8105b19501212
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D0C2D9B64C77F2C397650C10F7970A2B4442E56378F19778DD8105B19501212"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Mon, 19 Sep 2022 06:09:22 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45d9dd89fa251550b137a2e0fc031fe7
116327cec9b94b4e9d8bd1f00de5438aa21c00e5
2d0c2d9b64c77f2c397650c10f7970a2b4442e56378f19778dd8105b19501212
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D0C2D9B64C77F2C397650C10F7970A2B4442E56378F19778DD8105B19501212"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Mon, 19 Sep 2022 06:09:22 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/10yb2z31pl5.jpg
200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/10yb2z31pl5.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 60268d5b2daa0e52c4afee8a1ff4a001
1cd219f340529a73611a4a9f00dda17e3f04a715
3b37812db861de3e40855c60f63c378b36c0210f00118abb52d2c4734e303b4d
GET /upload/vod/2022/09/10yb2z31pl5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9004
cf-bgj: h2pri
etag: "6326a5a0-232c"
last-modified: Sun, 18 Sep 2022 04:59:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBl24mMppqBHx6DOXrk%2B5WP%2Bsh%2FQazFBRiNoD%2F0JKCTzeTlNYGT7S2QWoS0a2tFgGAAsMV%2FA59GnFJrk3TNYEYNxJX17AhKNvkxv1HzdM8XEZuuYz0u77H%2Bke49N89e3T3K9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8e4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/rsy32obwb0q.jpg
200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/rsy32obwb0q.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0cfc0c0314fe82b3d9564aa817d0c5af
41f2619533e5085e462a898e760bc123cc34f345
d3d602602e32f233b794fc59df027b10c42418fbdbdf4358e5041ba7bfcb3eb3
GET /upload/vod/2022/09/rsy32obwb0q.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 10376
cf-bgj: h2pri
etag: "6326a5a4-2888"
last-modified: Sun, 18 Sep 2022 04:59:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FNKm2Lor0umI0cdra0Xo3cuhb3Bs6Kn6rOz68jie%2FKwY9gRgWomRYSRtBaBYabLfxMKVskx3cH4mn6MSpWiAL6Q0f%2BV8tmXxEyJTUvzqoM%2BrH4ksp7ACQ6ZfkOe3QmEjZNT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf924065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/qjgeabx0iao.jpg
200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/qjgeabx0iao.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4286141efbd0fd721d53f65c68c2bdcb
ee52da7b72acf7464e03cd0a2b42fb6375e76aff
c3cbab7b20648cfb92be04e4792e5ee427cda1b9fc80e01b53f6b4f21b13d3fa
GET /upload/vod/2022/09/qjgeabx0iao.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 11544
cf-bgj: h2pri
etag: "6326a5a6-2d18"
last-modified: Sun, 18 Sep 2022 04:59:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpOjf84oPPhE%2FhV%2FBT06Fu1OoSXfiPR8YJREE0lA9VmtRfopzHoyJT9jbZe5DtQ0Z4PLtuj6kMcwyESM%2BCakwnqHjHpIG2DxR0bV9O4gWJh5o0KdcV12qzRc9mK%2FyXEkKbHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf944065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/1ym30fc1kp2.jpg
200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/1ym30fc1kp2.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4468ce36dc2258785cbff4a5a8139edc
f37f0f8cfe0d2a46c52617cc28b2876b1494a676
87bf7b6935815d1b464032fbbccea448806ac99d232a8f3c2ae043d0f7796b61
GET /upload/vod/2022/09/1ym30fc1kp2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7378
cf-bgj: h2pri
etag: "6326a5a7-1cd2"
last-modified: Sun, 18 Sep 2022 04:59:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6690
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlI2ydeRgRKkzDSfjdFBzvxHuOh4wdmrss6MFUIuc1gSWe8ZjJYm5S6%2FpEaXt7yGbJKxRgbUff5zxaODpVpq6xbXgcqB%2FG2dERv64H6VSQh6Pzwe8gbgOCzuQc%2Fqsd73OBkl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf974065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 25a9afe63d91673500a8efa97e5a0bd8
f084f5427f687a070f2d99ca66e67172655ada05
632a80588e4c729a5344194b2f395f92fe303dce1c3e77c18ed6aeeb474bf814
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "632A80588E4C729A5344194B2F395F92FE303DCE1C3E77C18ED6AEEB474BF814"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13262
Expires: Mon, 19 Sep 2022 03:51:25 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/bvkrato5g2m.jpg
200 OK 6.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bvkrato5g2m.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 74d79b6891cafd672956c8cee889a975
e7fbd31bc78d3d8937683b64fd75b876e74b9351
129c1ab8c58647dbfa8feca4cd26241c58e74212806eebb543671d8d9fc40107
GET /upload/vod/2022/09/bvkrato5g2m.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 6741
cf-bgj: h2pri
etag: "6326a5a1-1a55"
last-modified: Sun, 18 Sep 2022 04:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElPiieMOirRjPjAml0T2w1tHiOjJuuHh%2FbiXulEaJUhdw5HdoVTPJcfyJyjzJRSYE4H%2F2qxvHE%2FhjdITlMmSvyy9v9cqNBN2ChCHArAvQImpW5NTjqRDcl2gG9bL5sM9Je6A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8f4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/gwvvtbulhq3.jpg
200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/gwvvtbulhq3.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 81ea4ff7495f599ac195d2f16c6a57a3
5411a87121db1dc9e9f3aa06ceecf57e800bb6c1
70a2e78558987b1180773f4eaca0faa62faab5811c8754dd649764273460611a
GET /upload/vod/2022/09/gwvvtbulhq3.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9732
cf-bgj: h2pri
etag: "6326a5a3-2604"
last-modified: Sun, 18 Sep 2022 04:59:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frez1QXR2B2yxAZbyaeNmt47PRt0kPX1WuXbwEvzKFzJf03mSu5svHASVJ68IHagCQLhHf80N%2Fij7KahZda2Ge1ISRk5fG1bIfOZLtR1dLl1waKgU%2B1VQZP2tcJ7atLpaGPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf914065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5yhgx1oydjr.jpg
200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5yhgx1oydjr.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 29acd298bcb1e4829595647c28f697c2
e2b7831afea9a7e657caca0b78e86c704402a3d8
50e4521df9efc40f7052f99364b34c84eadbe21224cd26fe6787cadc07b51531
GET /upload/vod/2022/09/5yhgx1oydjr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9381
cf-bgj: h2pri
etag: "6326a5a2-24a5"
last-modified: Sun, 18 Sep 2022 04:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSi2WwZ0KYeiq0r64bP%2FGtIDlB%2FzqSeqkxPW3JqvHPJUxF91VuI8eKcs3z1h2S0m5UgxSwi63TWCBrX8gxY4FQRYTXC%2BCXhDQePeWOvGWr2QiVjsouBePAtpNZldqNwnBbfD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf904065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/3fuuaior33y.jpg
200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3fuuaior33y.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dd2fd89ce59678571ca701f22dc063be
6ae9e9480b6267bedebfdaf4487cc2597cdb8e29
04772756fb0f4c7a94d1561dbc72eac4e690ea8264938d0b7cddc28e2698d92c
GET /upload/vod/2022/09/3fuuaior33y.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7116
cf-bgj: h2pri
etag: "6326a5a8-1bcc"
last-modified: Sun, 18 Sep 2022 04:59:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6681
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLfB4P0fG1%2BngyAx%2FzE8BuSilX2UxEOtA6wRNh7nlnw3PdZ9E%2BMuzfeCGGNtQpUGty6phS%2FiJWuEgZbkeYXQCKVfnc%2FC%2B5UXldfAorrAGugAqH2tEe5UYFQCPOzqQRr21yfm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf984065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/reuadyohcbq.jpg
200 OK 7.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/reuadyohcbq.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2fffe9eb9c7d8baea136b9ac7c4f80bf
875f77188cc01788b99f6962e64f52dcc9707e69
9b22fc920561ef91885482962ae9846c1f8e519221fba15b43187685f7cb196d
GET /upload/vod/2022/09/reuadyohcbq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 6960
cf-bgj: h2pri
etag: "6326a605-1b30"
last-modified: Sun, 18 Sep 2022 05:00:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ccy%2FVovipIQtq9qsW%2FwIjausIvH4a632AuJo%2FUvOc%2FfJeNS6Lz4SR2IKskU2AwtQLqhbHljd22jPb%2FHYASKNGuumDhmlme%2FmcyJCEElDL881mdLTbs%2FngMHubEV7ezDnmbj1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf9a4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo246.xyz/static/images/hot.gif
200 OK 254 B URL HTTP/2 www.niumo246.xyz/static/images/hot.gif
IP
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Wed, 19 Oct 2022 08:19:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/sayaendcls0.jpg
200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/sayaendcls0.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7c41cb4bfc494d728bd06e81257f6b69
e2e30d3d74089423ca738084825f237c1bc200b8
0b26a248a49bfb9c952ce2cbee66235a0fe634a7cb5127aaad7a7fb1d37c88c1
GET /upload/vod/2022/09/sayaendcls0.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7422
cf-bgj: h2pri
etag: "6326a5a6-1cfe"
last-modified: Sun, 18 Sep 2022 04:59:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIfvJ3%2BKdgIkvCB4LusgDwW3kjgv3sV00feBCqYNbrZ6vVTrx9E%2BlcMObMZMueUUoCH3YR0uB1HRsr%2FI4BhhYzx3uSkesDnnc4u5thI1ZFtXsEE5yxYmQIj4e3zIqzgN25m7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf964065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kvbp3ec3s5t.jpg
200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kvbp3ec3s5t.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f9a0be43c24f5cc57195acc1c59e7e6e
07f920c28731570a5d423aa9fe683bfa7d97cbd2
0b9117ee77c485c7db41629fa1338a629de25bfc40bcbfe63b77532c7208b413
GET /upload/vod/2022/09/kvbp3ec3s5t.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9678
cf-bgj: h2pri
etag: "6326a603-25ce"
last-modified: Sun, 18 Sep 2022 05:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO18k4LP4%2F8SSi1tAMAl6XGRejU10a%2FaQwBp%2BrH5e6Bocff3kad6rbIvMffaxdtnsLb1rATdA5e1FFq%2F3RwYw2FQtdYDV1qpvcAzCnIl511PS%2Fuz9kcO2JM%2BdjJa9u%2Bnxdf9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919dfac4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/j5wobt0jgjc.jpg
200 OK 9.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/j5wobt0jgjc.jpg
IP
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash cb2bfa27e63c984b80dc411576de1220
676c053ff6f0e39a7b41434e9cb7992e8b47d005
4078caea247d6757a3d13b493846b84b28c14d1701a05c5fc03c30290f2e8aed
GET /upload/vod/2022/09/j5wobt0jgjc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9251
cf-bgj: h2pri
etag: "6326a602-2423"
last-modified: Sun, 18 Sep 2022 05:00:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA9EEBZSA0u6KxUZK5daKLItZ9OGKYKjuVq1ZMyt4W9T2dKFkePvffIiV%2B6tTEmMr%2FlcM5DFC9dKdVBOWNWIbJBLF5Ylct6BfGOwQU1mwqV24qhx6vr4SOEtl%2BE2KzJ3vbyE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919dfb24065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 770c3a5cd426ab163ebf8dbb931c4726
0950b48a11c495cdbce62d78844ab2652911132b
cf6200ea52c4f7b083a8f519011fc28916455da56ecc296705d6dd2fae1668a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CF6200EA52C4F7B083A8F519011FC28916455DA56ECC296705D6DD2FAE1668A7"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1646
Expires: Mon, 19 Sep 2022 00:37:49 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 372263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09T%2B41NGRL67gMu%2BeIop8%2BuFslsQwE%2BciA3hBwY7cE5b2HNHJj534Wtbhe9vx%2FgSzU4arXaM4An5zp0emXL0iFddKco7LnRnqVi2XJwIKSYEyjmAhiWQAoqva3rf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191a7f0fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa40601458e24db29b0d6a4c10eaf33e
0f9dc24d3b2a94615e492fa25358cf8883cdfd0c
e32fbef61e5055057c91bd006d36d07f1f583dbf23837c24dd937ba4e884d3fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E32FBEF61E5055057C91BD006D36D07F1F583DBF23837C24DD937BA4E884D3FD"
Last-Modified: Sat, 17 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7378
Expires: Mon, 19 Sep 2022 02:13:21 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5805
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:23 GMT
Last-Modified: Sun, 18 Sep 2022 22:33:38 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5805
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:23 GMT
Last-Modified: Sun, 18 Sep 2022 22:33:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg
200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0b4deef3b7b6e455c3dabd4373e971b
01b2e03544228cc38144e88fd75b8de31e8e6bcc
4e254e0452b7b1d02f74c05bb5e3b84d7190632e76098d01339c72e2da9e2678
GET /upload/vod/2022/09-18/13/2yepwnnl4aq13012yepwnnl4aq076043.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8721
cf-bgj: h2pri
etag: "edbf94a91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjZEnAKGrfM3pjOcP8aCz7Pjwmd2v4s0qb1NEEoIfn99vRcW4Ty63q1HA1Spi0DAA75pVOUezgEa9cl%2BcGSQNtM1PpNs8M2lW%2Fmek42SHJmv4cnvz9K0c8CiIK1I%2B%2BStMgyb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191aebd888bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg
200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 441ba8775d7be70b3f60fe54a977661d
807b41d8f093f2f781670359bd9530ae5b504bb0
5aed83ecbd28a20d732bbd1f3240d2a1bff1713fd7289281e92dd04d18086ed4
GET /upload/vod/2022/09-18/13/zrb01trv5bl1301zrb01trv5bl126053.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9744
cf-bgj: h2pri
etag: "35335ac1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1759
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3s3dL3pjYBpdVZVdI8UEJbnzSGwm88kLH9rlpGMAGavifYKcAzz%2FF%2FMSpS2NXakrDnTONee9x%2BFJs1pLdvCHVIGYq%2FVOnIpXbFw7ye3i7M%2Byl4c%2Bkf%2BpC8cBfyo9ps1hzwU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191aebdb88bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg
200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dc1f0f565b8feeb75e964b189344c875
1ee4d67cbeb2b217c3e5620025c6134f6a42ab9f
ee95377dbb1b325de7687951dbb056a72cf1e59ac5f66505703cdc2e43895ba9
GET /upload/vod/2022/09-18/13/sv5x423wlyb1301sv5x423wlyb106049.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7311
cf-bgj: h2pri
etag: "26e727ab1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGWefCgqsrjC%2Bxj%2FJ2Fq1fkjvWu%2F1ZyzZCTWEaMnSz35jWRkGWEDLjKvBfgRQeJQzlLrrYKzyKIOZ7qOrO%2FbX3FGuscQfswKS22wEojVk%2Brn1zgHcZN2d%2FmVXgIvk%2B5j%2BVNM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191aebd988bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg
200 OK 8.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 13x10, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7c9c1073f5994eadf9b2fb03c7cdc698
f0e4629ad8142f025b80ae9abbe5baa8178cfbdf
3dd65a3a45244ec14173e53a1ff57be7b6375ab6ed37a5beb5c2bb846337f626
GET /upload/vod/2022/09-18/13/mwiuioayic21301mwiuioayic2116051.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8094
cf-bgj: h2pri
etag: "91cdafab1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STCFy8h9uSIwWUr1W%2BHPqgTYU4Bv3hgEits5O67h%2BdmAHcL%2F2CXwNzaWZH5yjGu7ijbCfCfqt2556HHYlzsoRRpxpjuPwV5Nx29AREnlYOdkm7irGNs2mfjo%2B0Y8xXfDeO9V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191aebda88bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5805
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:23 GMT
Last-Modified: Sun, 18 Sep 2022 22:33:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg
200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ad4517eff3f949a1e836b97324b70d2c
a726b6395801bc8260372ae1007043f659a54cee
f91cb25c0c368bbd3e6c39911771b073b6a158d7d8a8ba950948ed6ac9e1115d
GET /upload/vod/2022/09-18/13/dt1thhwl5wl1301dt1thhwl5wl056039.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9267
cf-bgj: h2pri
etag: "2d1b6da81bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAc%2BI1pfANZ3SZDPd%2BXwfMl603NxdOA3upbSDfEDDH5oxQCWU6mvLPcyjkmGuPwpXgbAT%2F5%2BIEBRdQZCpf%2F4ITX1LxJ8N4qYdy4oNBTk8uVLK7amCb0cN3XPKgCf2vkPSA1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191aebdf88bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo246.xyz/smbaidu/tpwz.js
200 OK 710 B URL HTTP/2 www.niumo246.xyz/smbaidu/tpwz.js
IP
Hash bb5ab7086511fbbbea571a433a8d89cb
6ffd97a77a250186a4a4ebed488c112e5eff25cd
ffdd8978de42ae7e70de1bf0d2b0d7076323ef37126c6824c6f9fc0a0a62b74c
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Mon, 19 Sep 2022 20:19:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg
200 OK 7.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bbffeb709423dc0ff2221628f182c020
a9f7ccae2b0127563cce0329cfff87b1120edc0a
b0e80eecb3b184b358b75133c9026f98b0efea7c6e829c744b1dcca8a86b5b40
GET /upload/vod/2022/09-18/13/dnkmwmudig51301dnkmwmudig5046037.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7843
cf-bgj: h2pri
etag: "4af8e9a71bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBhFnnXkYYQB6A5iqi3X2SWbhDBvvu1%2BHSLvHVR4fpFbGSh7xt4tKMvJqR58qaUU%2BD2RTWNS2jg%2Ff%2FinY9sAarrlw9rP%2BEcqgjrMhE0UtR8WkWPXZkHt5Nd6rUYoqweO2QWa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b0c0288bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo246.xyz/smbaidu/tj.js
200 OK 2.2 kB URL HTTP/2 www.niumo246.xyz/smbaidu/tj.js
IP
Hash 81c2c51219c37faeb5b3f58499cfcc3a
02bed14c5f886030b6d88b4ede6aa35e630b353a
c36b5940da7ca28b821ef5a100e2bd6559d1d3b499bd8e8195267d42188390f4
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 20:17:27 GMT
vary: Accept-Encoding
etag: W/"63092a57-bc8"
expires: Mon, 19 Sep 2022 20:19:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg
200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36be1f2b24491b56fd8d6e7ea5f9715c
1be456f0ef06e94e25394a48468f444770a89b05
6cbb7388287d11c3c14be43ecde3588a3639edb0642c1646dbbce0a6283efba1
GET /upload/vod/2022/09-18/13/1gtvxulq0nu13011gtvxulq0nu096047.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7181
cf-bgj: h2pri
etag: "980a0aa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTau9Z5c3I1x%2F4yKjd%2BUsOWnKOwOsFU0hxqj1cbi5gmBAH4KOUdC3EfRyl5kGnzX%2FcewQS9kYg8RqBTDWyrzdDO5mqh9Bibh5NREFckcst%2FhOaMCgGdjNlGsbTix3%2Bbs1PXZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b2c2588bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 75f9945833c2b6910a9b2635ffa55af8
199ac43ed64f59a344a0c2b7491daed40a5b2462
8b7645e554ab0d3561939b51fbfe1dd16e953a2c3ed90dc142e142ddacc97303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B7645E554AB0D3561939B51FBFE1DD16E953A2C3ED90DC142E142DDACC97303"
Last-Modified: Fri, 16 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Mon, 19 Sep 2022 00:56:33 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2420
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:23 GMT
Last-Modified: Sun, 18 Sep 2022 23:30:03 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 278
www.niumo246.xyz/smbaidu/dibu.js
200 OK 7.0 kB URL HTTP/2 www.niumo246.xyz/smbaidu/dibu.js
IP
Hash 32c9843c1103ae5b87931c221bae268d
d65dc83559e88306d582199181815878188dce57
7c495bdf1289dd6924e31f91383a8fa8ab1db96c9502e308e9892fecb610ac04
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Mon, 19 Sep 2022 20:19:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ka2v43jhqll.jpg
200 OK 6.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ka2v43jhqll.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 7204de8a1f37b74b66e1cdf69aa90b26
758a652de4f2bd46390bca03249e16e513325217
38e7539074849e35c62f8b4df272105fd29f16f7dc52818fcbc8d877351bfa13
GET /upload/vod/2022/09/ka2v43jhqll.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 6124
cf-bgj: h2pri
etag: "6326a608-17ec"
last-modified: Sun, 18 Sep 2022 05:00:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX13l9Le42PTAojpIC50do7nDcpE9DBHcsJ78YOOu7otF%2FZyzKWHexx1A%2Ff7FYlwbg7LEtAzPdQuEmq5JWouGoUT%2FWWAH%2B1gHzxiCV2NpmY4WCjxkv1XfaOs7UiLflldeUdI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af794065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg
200 OK 9.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f6d65c635c33ed84c3d20b9fe8e0ba73
53322f675b9d5fed33727ce5c7ca563a26580cea
cba331a8de5f714ca097aeb155e14d6dbbfc53b314bc793ed0e000d4eae2aa9a
GET /upload/vod/2022/09-18/13/ysus02qugpp1301ysus02qugpp086045.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9122
cf-bgj: h2pri
etag: "457b1aaa1bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrE0VjRQ9XFC6Am9wroBn95oVb%2FlZewCL%2F4svvZFX%2By2jMPEq9KvKjlwliVRFdQfYR4XVFDXMGoFRp7zpqNuakq6yYJSussLYmtuIHjrU743YuGe26VypSfjf10AE6zUO6yK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b4c3a88bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3596bae821b7744f009c86ffe205ff57
e85c8e24d76667678bc05ccff3f46357e5422985
7738ad15d18b27b31b833d0cac5e02b83dd974d89d33bb9ed91404b184980d46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7738AD15D18B27B31B833D0CAC5E02B83DD974D89D33BB9ED91404B184980D46"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18213
Expires: Mon, 19 Sep 2022 05:13:56 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/vjboz4riwlc.jpg
200 OK 6.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/vjboz4riwlc.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0120937e433e4d31f44c1dfdd4cf0399
9340aebce8343b2442d8545caf3f52191ea643ea
9ed4fd94d7853ecac719c42871728b3f1959f3b04b38ac4156b630eae7563319
GET /upload/vod/2022/09/vjboz4riwlc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 6564
cf-bgj: h2pri
etag: "6326a607-19a4"
last-modified: Sun, 18 Sep 2022 05:00:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmIzVb71PT%2FHQbQOEG%2Bh6mVqIEu7S5h5UKHmWdUnaNrpz%2FEUqjONnvy%2FzQ%2FpbqunUTbDGrB1fqkBI0fQ75J3QyvXgHk8MGa6t%2B3pLYtVacRCCnTt1vTxcK1ICh2ud%2BFb5r8L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af774065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/dr1libbhceu.jpg
200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/dr1libbhceu.jpg
IP
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 345ad7fbbe332c4c2101e142c92f45b9
ac59e1869fcc37a5916cdd32f10a5810a0fbffc4
df34de4f478e68519a3d877d4e339790d70e3b2ab412a5ed2c3db239580741a1
GET /upload/vod/2022/09/dr1libbhceu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 12682
cf-bgj: h2pri
etag: "6326a601-318a"
last-modified: Sun, 18 Sep 2022 05:00:49 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5ClJFo5r01pMBfPnoYgB1OPkuWNAMqwuSD37M4QUgbWYBSYk%2FWpS5KYoFK4CR8ALbKh4iW7LhMVQQErIoZI5auQxVIYFly2wi7on0LUAwh41IqAjrmuKy90TV0OdSbaBqSZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af764065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 98d7d89958a93e9f4ab508482df9828d
4cebfe52951cdeb0c33b4c6fa4c4b3a58fb53c0e
74ec338e95c2fb09c4d7ec64ea9e8135ee3bbb8077d37f96265348827ac99eb5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74EC338E95C2FB09C4D7EC64EA9E8135EE3BBB8077D37F96265348827AC99EB5"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Mon, 19 Sep 2022 01:05:04 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Mon, 17 Oct 2022 13:34:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 124529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30co0jRviYE3iCJeszR2chwom0kvIrld0Yp1eEQRUvByPjgr%2FZ6u9d9IH%2F1v4U1qS4%2BIfuqzEKsQbuW6E4zph3cBny4UvLDjBP9kFZagzYbuZJS2TBz%2BXka1cVED"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b281671e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 006df268b8a04bf27db8ac726f939683
022899920bc71c1f3e3bf989cde4eadde5a3678c
f897a7926b6058a1c45d2243ed66b04e35732d40410ee1652778020a1c599729
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F897A7926B6058A1C45D2243ED66B04E35732D40410EE1652778020A1C599729"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Mon, 19 Sep 2022 01:12:09 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/aly1hyyomjq.jpg
200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/aly1hyyomjq.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 73bb2df5b546f82bebba8d65e40b5486
7c5c7c030269b9f187009226aa47ff66021fc2bd
b4ab6dba6d11b9d823eb7aca48ab52911b330d95466cc5e9c878b68f70ed7102
GET /upload/vod/2022/09/aly1hyyomjq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8727
cf-bgj: h2pri
etag: "6326a61e-2217"
last-modified: Sun, 18 Sep 2022 05:01:18 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZKsY0AhzPmLJq8d%2FfJGiPe2LKi4upOu3JQDmnOP0vAqQLva1i1LK18NW6Z2jEROTGGThCbz1V%2Fjgiil2%2BLOV%2BMCEaf0XhlSB9WxEq5XzDC3kxDgpsWpSYxK7%2BYqVjIKia2s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af7a4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg
200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 02bb2f03e004c58f8c131222a3d327d4
5549899e0365038ac5bacca9672e3a5892f01aa3
5cb5f8f1fef1ede1eb32cedf5963bc402b0c869721ab39fc691bc8449d66c82c
GET /upload/vod/2022/09-18/13/fdqockghnzx1301fdqockghnzx066041.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8870
cf-bgj: h2pri
etag: "783bfa91bcbd81:0"
last-modified: Sun, 18 Sep 2022 05:01:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0j2FT%2FzHWnO1%2B96zpHYgHH0KUw6bPTHm7UsPD9aYP%2BL3CgfDcJapGVPybz9bmftZ35Zp1jkwlx6p6HNvsFkQThFYGYJe1VzdG1QUe6UcjbsVpaqPLVOxchvlQEe1cyDiXBg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191bbcc588bb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 98d7d89958a93e9f4ab508482df9828d
4cebfe52951cdeb0c33b4c6fa4c4b3a58fb53c0e
74ec338e95c2fb09c4d7ec64ea9e8135ee3bbb8077d37f96265348827ac99eb5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74EC338E95C2FB09C4D7EC64EA9E8135EE3BBB8077D37F96265348827AC99EB5"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Mon, 19 Sep 2022 01:05:04 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 8988455
expires: Fri, 24 Mar 2023 00:10:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191bef9d0b49-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d70e1e7e62f859fe875d634bfd4439e
8eb623f87b14b95402379c76002164731b193559
e9fe853f7c23fdcd8811774c9144108e6736cf572a117b1cdcc1455f636b25a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9FE853F7C23FDCD8811774C9144108E6736CF572A117B1CDCC1455F636B25A7"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1340
Expires: Mon, 19 Sep 2022 00:32:43 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/bun0b31vdwf.jpg
200 OK 5.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bun0b31vdwf.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 186a841e7711872fc39e1abc5a8b194c
b732863fd471067e76e2ec2aad2ec9675b341742
c1b47fc72753d22dd8eea06d59eb50f2ce4acd34f9c40c45ddc4bc9a9278a8a1
GET /upload/vod/2022/09/bun0b31vdwf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 5280
cf-bgj: h2pri
etag: "6326a608-14a0"
last-modified: Sun, 18 Sep 2022 05:00:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBBTIYSFQ9CfLLqd5ckBpQi0AqC0nuuRLvoR6%2FlK27COUelKZut3k0XOmWIsCQhk18MVJUY%2F3cjLAV%2FChMLcyhkGQ8Pm391SdWu1ptaW1vG73cOQ0oU2PmT5iHY7CG%2BP6fcZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af784065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Tue, 18 Oct 2022 00:10:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlhaZML20XXbpnqOnQU5VWe1KCxKFatBWzLiGd5p3RnvRN6XHe9aqWAnX4r%2FMp3c67C309Rx%2BAyTse9tOTXJ2La83WIrEj1PUPeq5ZKH0P9DHxttnmncnljq%2FuEx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b381e71e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 770c3a5cd426ab163ebf8dbb931c4726
0950b48a11c495cdbce62d78844ab2652911132b
cf6200ea52c4f7b083a8f519011fc28916455da56ecc296705d6dd2fae1668a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CF6200EA52C4F7B083A8F519011FC28916455DA56ECC296705D6DD2FAE1668A7"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8876
Expires: Mon, 19 Sep 2022 02:38:19 GMT
Date: Mon, 19 Sep 2022 00:10:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/5pakazyupnd.jpg
200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5pakazyupnd.jpg
IP
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 429a77e8f10c5b5d325ef0571476bd11
9da054a88257689791311ffd80502f826ba4763e
9f175f4c1e133e95cb9dcafe806a5d9bd8ccdbab4e747307b9a5434ff22548b4
GET /upload/vod/2022/09/5pakazyupnd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 10342
cf-bgj: h2pri
etag: "6326a625-2866"
last-modified: Sun, 18 Sep 2022 05:01:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW73Av0IQPIa%2BS%2BFfXdb%2Fkae1C8tJmJPWLT3mq2iFxuRFUos6I%2FkfzKLl4RhnMFoiyEcLub%2F1YNMcKPNvYKcS36EM3HicsfVfFXXDvKUhtIjJ2cERNN3umT2goXWATZ7ZRlb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af7b4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 15:18:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1587135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp%2BJecPwUdbEOKaMKW2aAna149wSE6doeuJReZpLVJ%2FfSBHkMeXE4q5jeLVKqUnPpRd3esbHrr28PSt2lMZN%2BXqr3izIWDyMf8wF%2FASXuGsOdAZh2%2FLUaLDJoq9H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191bdea0b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Mon, 17 Oct 2022 18:34:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 106542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30ZFTcWRROEDEhirUAv2s9x0KlybTOMDKUn1w8qEonO%2BUH12XGGrIlgRNEsao4%2B5%2BBHoBi08pIjaJtgGFGsl5T4FfxfdV4ZJH9Vy%2FlIgA9NNezEYr1uGBjV4QrYZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191b483471e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44ca73dabba17d83e5a5741fb5c4da2e
022faf0a0ee7ab74c4cb145b6ab072f85e152f19
67834dc8e68e99c3c30b253c515dd4d4bee66cab78b0f29988b8fd761dbd44a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67834DC8E68E99C3C30B253C515DD4D4BEE66CAB78B0F29988B8FD761DBD44A9"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2501
Expires: Mon, 19 Sep 2022 00:52:05 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash feaff7cf5a95c7b1ef00da532c821230
4f698f9b936080b67db43d56778338a8596ebb18
9aba86953e8da3624202bbb7d1923798ff9767cad4f7d97718c0ff4525061031
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Last-Modified: Sun, 18 Sep 2022 22:33:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash f5431d021f0fe2d61798bd4c08e09a07
bf4aa4a5b700d79d94c30026bb65aa0d2bb70bff
0dcc4fa7982c09f5319b15829e5b70e0e9cb03e75b3511b2b1954de9f91411fd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 22 Sep 2022 21:37:31 GMT
ETag: "bf4aa4a5b700d79d94c30026bb65aa0d2bb70bff"
Last-Modified: Sun, 18 Sep 2022 21:37:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3570
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191c498f0b45-OSL
kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
200 OK 186 kB URL HTTP/2 kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Thu, 29 Sep 2022 15:13:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1673820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl6m0L5sgEvegt%2BfxdLExOvSfdRtBAqePj3p%2Bdiet%2BKJCvGftXfX8hQLsmZlCEZOv6Gg8qjUxgxnG7sXfr4W1THKNJ68mRdm6WHdIj9MZoTEmWsOgBhYaGuhv7e2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191c7eddb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kgep1seqtjh.jpg
200 OK 14 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kgep1seqtjh.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 46bbfd33f3c3e88ce01886c83ed6d77b
64dd0bb48e5f4904bf4df8328dfd801138ea20ba
87abeaab486acfea222f7b1d8f0088c27e20a65092a4302edd6cba8e3f9758e8
GET /upload/vod/2022/09/kgep1seqtjh.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 13842
cf-bgj: h2pri
etag: "6326a627-3612"
last-modified: Sun, 18 Sep 2022 05:01:27 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkkTAujOd3hPYa%2BNp9YPAOVD21leXiNN0ZRks94ecZO5AuyBz7q%2FJFfGPBDBw6Eet9TUPJvJhUqoIBewvwpnThRa2nd8q7BCCCsFGXd1y87jsQ9bpHnJIPA3exDW8QxXcMdX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af7d4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/rkbueyvypqc.jpg
200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/rkbueyvypqc.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 914b909c564c430cc5096ed6dd42b9a3
d95d094508c642927669d8ddec33ae351798b2cf
cc3143dce3ef3e8e79efe20c1df3f5077b92e50fcda375f657927f61ddbc9557
GET /upload/vod/2022/09/rkbueyvypqc.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8759
cf-bgj: h2pri
etag: "6326a626-2237"
last-modified: Sun, 18 Sep 2022 05:01:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHK0JuIR3gcElwfghkBpBGCFX%2B%2FIr5jDVPZEYCb%2Fz7eyf%2BPwLMD58ne4WvZoMzElufrgT7%2BoRr%2B2UFH4M3S8enODIdneN2%2B3hByxZUYtcgexvtELUx7pdfwg8FcQblwl9RSP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919af7c4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3dabe8085b0e4c8fb4a938e7c6f31020
8968d5a556efd538a6346b22fa9cc73bfa2bfd68
da08b4fbf4df17f2aec14f39a5f364e25d376246e4cc9192b52419c23ab51102
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA08B4FBF4DF17F2AEC14F39A5F364E25D376246E4CC9192B52419C23AB51102"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7642
Expires: Mon, 19 Sep 2022 02:17:46 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/lueesuxvgo3.jpg
200 OK 8.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lueesuxvgo3.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 32b8756c250639ad61008aadad9fb364
f75a3dd46fdfcefda72f7dc633a6c1f15f215a99
8850908cfcbb45dbb08ce7956fcac3131b9d7a18919b28c7b3e75f4142ce9ced
GET /upload/vod/2022/09/lueesuxvgo3.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 8424
cf-bgj: h2pri
etag: "6326a62a-20e8"
last-modified: Sun, 18 Sep 2022 05:01:30 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xQ6qSoqvqK8efnkyCffcw313GMkpGvCT7MJNkg9tL5Cj2K9onhBA08foign1atFRwHr7mWLn%2B8zujkdOf2lQ7k9V6Ehr7OdpTU4fY8BphpT0Dwy4qJ6ajFac34JDipTTgeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8b4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/smtlfev3gvh.jpg
200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/smtlfev3gvh.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ab99abe6ca68b327d7e843533f6a217d
d5eb645243896fc52151d160c329335ace2a0422
660fdc01ee7549c7718b30638c2def186f6d913d3aa066f147ed944d6db63622
GET /upload/vod/2022/09/smtlfev3gvh.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 11426
cf-bgj: h2pri
etag: "6326a62b-2ca2"
last-modified: Sun, 18 Sep 2022 05:01:31 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfDjXWCc5S%2B%2BhaXS1jd4S9Pj74foJkQopiun%2Bihy999cRSxPHY79rf0oWqMQEM7v%2FE5m67OFWGoxg6fVKI%2BAZBR1aGWAJeFs0qbAS%2FWdgY2wrCJ6VUip8deSFKWHc0tuVoZl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8c4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/2n4tqylliye.jpg
200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/2n4tqylliye.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 41d7d4d4300e3d11b0a91f67f08ccf48
682d1b09864aeb098359bc9c35d23cb2f8ebf203
8c0c08d9e7e2f697b6b85d9ed6d7b695f45bed3b6460f074e05ccc37a28d5666
GET /upload/vod/2022/09/2n4tqylliye.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 11758
cf-bgj: h2pri
etag: "6326a628-2dee"
last-modified: Sun, 18 Sep 2022 05:01:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SeoGPUZ7zEc%2FgZqAOSoNBJtJYaSgjElM%2BN2UaVTsTMUmQ28KcgqSwNIKG1Z9j3rzv7gPHlP2RcAkz%2BD5mWMs8dULpvcVqgdzeO6nXoSIVN6ZiXhje0BZTtP8oY%2FhFSrRXmf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf874065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 98d7d89958a93e9f4ab508482df9828d
4cebfe52951cdeb0c33b4c6fa4c4b3a58fb53c0e
74ec338e95c2fb09c4d7ec64ea9e8135ee3bbb8077d37f96265348827ac99eb5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "74EC338E95C2FB09C4D7EC64EA9E8135EE3BBB8077D37F96265348827AC99EB5"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3280
Expires: Mon, 19 Sep 2022 01:05:04 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/1p0kmuurzqm.jpg
200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/1p0kmuurzqm.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash dc1c82a827ca87ac8823d59f7bcb1716
8f234cd18a0a295bea2c110ba39841974e0be38e
4916c16a8cc5d1c4264d369e91e32bbed497793164c6d1582a330c2165963517
GET /upload/vod/2022/09/1p0kmuurzqm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 11978
cf-bgj: h2pri
etag: "6326a628-2eca"
last-modified: Sun, 18 Sep 2022 05:01:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtQHT61Qzscc9XqBjlab1Qr2BMdkXs03FTFO9ydkA4hd4GoT%2FSw37y0tF7R%2BPWOPnahSGpeN4sKGA4GI2Wbd4FMK7LlH4nzeSmHgitiFr7QEweNZ3xVpfibPiZ7IOPQqHWGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf884065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/quk12xbokfs.jpg
200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/quk12xbokfs.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c13ad9233deac8c244e65111e72357fb
699ba055451cf862c390eb55d30ac24915a25438
cb5b1e9b6405b4a35f1db041776482d5b8837ae90915f8dca68c8112ec89ea91
GET /upload/vod/2022/09/quk12xbokfs.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9589
cf-bgj: h2pri
etag: "6326a62c-2575"
last-modified: Sun, 18 Sep 2022 05:01:32 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo%2FTpuJUTT6kN10tcShfdZY0LMmd0t8vtn9hVKtXgMZBbAJjpv%2BcS%2B2Mr4ALQiZ2C%2FwtIjkVNNvIpH2WUrjuat4KYTV9QeaRb06RXL4a5FjBkQ8EZCq%2FJnWxbfMyhkKa2jCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8d4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5jukhujxcto.jpg
200 OK 2.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5jukhujxcto.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2e51f59c7a419d8cdeb2ef6c4e1c813c
84a5cd5a6bf8d99b2d48ab0b3d0753dcdac4ef90
69b0485ea4318010b818a418fea240db16ec1e0d336f77eeb3aa93244fb610d6
GET /upload/vod/2022/09/5jukhujxcto.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 2552
cf-bgj: h2pri
etag: "6326a606-9f8"
last-modified: Sun, 18 Sep 2022 05:00:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVO7SXUnxo%2BwWpNHPY3Dnzi2ZxQ%2FMSts%2B5O%2BZAQI66prYlhTDZAMve%2F58B38f0OHzefr3mG%2BkEW19fqGetqwQIGbUnwlPV0y5taQ%2F3WJWpJ8yaErTjnWem0zWZHEKGlTNIzS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf994065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash f8a6b4ca6d2d57fd90fc22788c6941a6
42ba27632f305aac6b05c3f2a2c4200a7c1a3624
beba10e90f37f598d1366296b7e73a1e2ae199899a7af43e7a673109466bd91a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 23:28:07 GMT
ETag: "42ba27632f305aac6b05c3f2a2c4200a7c1a3624"
Last-Modified: Sun, 18 Sep 2022 23:28:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 572
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191d98adfac0-OSL
fmtu.netfhtu.com/upload/vod/2022/09/kxm1phiobqf.jpg
200 OK 6.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kxm1phiobqf.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 413e04b0b820193f2f55f3e0bcac0ac8
3246a74f23e273e588d3ac337d6c8513a86848c5
bc7143ee9970390fae71c58dbc412c12cb4737a5db54f2227ac8051921e98607
GET /upload/vod/2022/09/kxm1phiobqf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 6655
cf-bgj: h2pri
etag: "6326a5a5-19ff"
last-modified: Sun, 18 Sep 2022 04:59:17 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zLtVAyR0pNe16AVjjFIo1NnpJf7y2DyF0u4ytQywgDT%2B%2B9gu3SUiyTXZ2ydRCeQ61u2tYRFhyyVriIOeC%2B0EeGovBT%2FxM%2BQTU5J5QhXRGzFNox1BIx%2BJMxK6gli%2F49CZBxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf934065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/wlwj1hdjf1g.jpg
200 OK 7.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/wlwj1hdjf1g.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d88904bde3f07ae2003b03a3dfc4ec71
08183a267bef188c44320da262149b7a0cb0e997
a3360525075aeb6d2f8c28d270d4da3a61946883faeed7e7836034ecd395607b
GET /upload/vod/2022/09/wlwj1hdjf1g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 7351
cf-bgj: h2pri
etag: "6326a604-1cb7"
last-modified: Sun, 18 Sep 2022 05:00:52 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fkgv4bwRpyX0i9RLOiJBZdjEN0eXKAMP%2BAVmRafamGOFbEZSdmt7zqjDcXEObnI48PsinZVcaYfpfbDUkae%2FzOJs0rtmdE6eEUv5jyfa%2BI2OtmfbuWZi21LV3XGRhVZyl7l3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919cf9f4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 547fe6a6d1e827a9f8f5c9c6ad9ce5f3
a12a8c32e6e4b244e1ac4b95d39fcda2dfa1c87b
aa753146ae91e51fc7526676b8523c7745f27d6e60ff48be84048bbb29d078dc
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=121
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
X-N: S
fmtu.netfhtu.com/upload/vod/2022/09/zbeelowrq5v.jpg
200 OK 9.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/zbeelowrq5v.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash fa464714a72e5a3dfc7cbae76ad84b05
22462797a6633167d309799c66e2de6e8f35a4f4
6d19e24586ebd868fe536385d8b4c740b3d87c5ae52c6fd4dea1f395c6129982
GET /upload/vod/2022/09/zbeelowrq5v.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:23 GMT
content-type: image/jpeg
content-length: 9899
cf-bgj: h2pri
etag: "6326a629-26ab"
last-modified: Sun, 18 Sep 2022 05:01:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PgAeMPCiZEgXd6f4HBo7bOMoOdT57WozBGA6zOV0CXWXt2QE7yyON%2Ff9vlp3g%2BgUoDbYfJkJrqPSp87J5EbSvkllvd8SefwHxGieW97PB9oayEQDrVAJTdJUHspZYBCVPcf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1919bf8a4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 5fff3ee0c5fa5a1f49714cfc002917af
516fbe0845e49bde6f5f978a0f9a721d7bc0e695
a9cecbe17ad6c1d0f9a059bcd470f50ae55df3e1058ab4cf1b1d8a72b458851b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:45:16 GMT
Expires: Sun, 25 Sep 2022 03:45:15 GMT
Etag: "516fbe0845e49bde6f5f978a0f9a721d7bc0e695"
Cache-Control: max-age=530690,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ce191d8b42fac8-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 92d5bfc28991cd24f08262d34be4114d
57be4ed16c49d6fb621e52388e5dc2ee2672f764
60ca85f29d10e67f1e9e176094ff9842c72cc6540c622a5998f67a3bbb94ab8a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:05:54 GMT
ETag: "57be4ed16c49d6fb621e52388e5dc2ee2672f764"
Last-Modified: Sun, 18 Sep 2022 20:05:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191db8bcfac0-OSL
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: text/html
content-length: 162
location: https://acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 92d5bfc28991cd24f08262d34be4114d
57be4ed16c49d6fb621e52388e5dc2ee2672f764
60ca85f29d10e67f1e9e176094ff9842c72cc6540c622a5998f67a3bbb94ab8a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:05:54 GMT
ETag: "57be4ed16c49d6fb621e52388e5dc2ee2672f764"
Last-Modified: Sun, 18 Sep 2022 20:05:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191dcb76b51e-OSL
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 024c53bd3b5eb4a17bcb2db22d60c1fb
1acf641d7b7a037cd77cd7429b2aaa9864af08a1
cba7adbeabef5d118294648b125186e166b84c466819131c6756eaf14c5de077
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 00:10:23 GMT
Etag: 88dc810c64f04e37ca609c3b5b1bd4b1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CC7D7F1D2BDFC4D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 92d5bfc28991cd24f08262d34be4114d
57be4ed16c49d6fb621e52388e5dc2ee2672f764
60ca85f29d10e67f1e9e176094ff9842c72cc6540c622a5998f67a3bbb94ab8a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 20:05:54 GMT
ETag: "57be4ed16c49d6fb621e52388e5dc2ee2672f764"
Last-Modified: Sun, 18 Sep 2022 20:05:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191dd8dafac0-OSL
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 5632174c9ffc4ab6f4794a81f0357ba8
d7efdba9cbc1f1fd3434fee08cd2a4a586d5f21e
7a49651fb54def02d8d6be4924f6ab40e874dd9043b2e25030e4832fc692a3f4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 22:29:19 GMT
ETag: "d7efdba9cbc1f1fd3434fee08cd2a4a586d5f21e"
Last-Modified: Sun, 18 Sep 2022 22:29:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191e18f4fac0-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 5632174c9ffc4ab6f4794a81f0357ba8
d7efdba9cbc1f1fd3434fee08cd2a4a586d5f21e
7a49651fb54def02d8d6be4924f6ab40e874dd9043b2e25030e4832fc692a3f4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 22:29:19 GMT
ETag: "d7efdba9cbc1f1fd3434fee08cd2a4a586d5f21e"
Last-Modified: Sun, 18 Sep 2022 22:29:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ce191e1b8db51e-OSL
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 520937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMJKumi2hRjZKoY9o4dARITsHWxSifd72qqv7rfSVcQwSUuQIG7bGiN6g%2BMyJLxs382hcBW9YK3WFYPoWhR9z9FTx7VL7lQxYoWhJtgWxmwpf1sIOgCLH5tRzv9v%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191e2c76b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash cdd21939c6530b77a957b80bdac5d7cf
654e984e654ee0381c2f55423dd86a0c19232ca4
041f93c532b7c041a01a8143f12a38cc9f7b3c2624d9745ed9a4a78b65ec0145
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1905
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Last-Modified: Sun, 18 Sep 2022 23:38:39 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[3,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 818246
x-cache: HIT TCP_HIT dirn:1:437759083
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816635462244058697e
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash cdd21939c6530b77a957b80bdac5d7cf
654e984e654ee0381c2f55423dd86a0c19232ca4
041f93c532b7c041a01a8143f12a38cc9f7b3c2624d9745ed9a4a78b65ec0145
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Server: ECS (amb/6BBA)
Content-Length: 727
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 062c98766e2d3f5c9d916b553492c104
583e26e15acf64cf7a97bd278913c37194f31568
93e0403eb25fb40224e8c619ecbee03e0d599e9f1622fbebb7603e93741cade5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "93E0403EB25FB40224E8C619ECBEE03E0D599E9F1622FBEBB7603E93741CADE5"
Last-Modified: Sun, 18 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19056
Expires: Mon, 19 Sep 2022 05:28:00 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 797433
x-cache: HIT TCP_HIT dirn:4:453249041
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816635462245448737e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 543c5ce87465d45ca367a2d0189244d9
10bd4076a97976c5488d561c07c2ada3c248ad1e
fa5d70f48d0eb67c38e89b79b892cb2f1ecdcb8d4f30913525d4dd51845b0757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:09:34 GMT
Expires: Sun, 25 Sep 2022 03:09:33 GMT
Etag: "10bd4076a97976c5488d561c07c2ada3c248ad1e"
Cache-Control: max-age=528548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ce191e79b71bfa-OSL
ocsp.digicert.com/
200 OK 727 B IP
Hash cdd21939c6530b77a957b80bdac5d7cf
654e984e654ee0381c2f55423dd86a0c19232ca4
041f93c532b7c041a01a8143f12a38cc9f7b3c2624d9745ed9a4a78b65ec0145
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Server: ECS (amb/6BA3)
Content-Length: 727
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 30 Sep 2022 15:19:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1587035
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uInmYiuqamwD1cucZq8YEtX3y0DaJ6gUtRGnJ7EF%2BOqJp%2FwGhwSpCKsFmOl3BLMJY1sYB88yEc4Dv6pB%2BEZlxkmJH%2FhM%2B%2FfFFXieARuZbNVBxz50sNbede4x6PcC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce191faca9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 543c5ce87465d45ca367a2d0189244d9
10bd4076a97976c5488d561c07c2ada3c248ad1e
fa5d70f48d0eb67c38e89b79b892cb2f1ecdcb8d4f30913525d4dd51845b0757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:09:34 GMT
Expires: Sun, 25 Sep 2022 03:09:33 GMT
Etag: "10bd4076a97976c5488d561c07c2ada3c248ad1e"
Cache-Control: max-age=528548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ce191e1b58fac8-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60f8309e02125cdf2dbd6cb7e997ebf9
258b690cd917f34110b0fdc314efe0468c8020c3
368cb9a748fa3639be05255795f4784dd4794320979d99ec51fda92aba45022c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "368CB9A748FA3639BE05255795F4784DD4794320979D99EC51FDA92ABA45022C"
Last-Modified: Fri, 16 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5402
Expires: Mon, 19 Sep 2022 01:40:26 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Sun, 18 Sep 2022 19:04:31 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 18 Sep 2022 14:38:56 GMT
nw-session-id: 202209182238560102081611000BF9F38Dn8g2f02dy
nw-session-trace: 2022-09-18T22:38:56.161807151+08:00 74
x-bdcdn-cache-status: TCP_HIT
x-length: 716414
x-powered-by: ImageX
x-response-date: Sun, 18 Sep 2022 22:38:56 GMT
x-tt-logid: 202209182238560102081611000BF9F38D
via: n131-120-016, cache12.l2de2[0,0,206-0,H], cache1.l2de2[1,0], cache1.l2de2[1,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:8:568::226
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01f78d6d2a7045cd41fed8edab3bc4a3c07892d7ad064c8a5a2c41963f9a95e22af633e65136778616b5657ec134e5747ed99637fe5014a6714e613eb276114d4fa64797bb2d9095509ef0de44fa09b2e2598a31ebab5769ddf75077314ef07b68
x-response-lb: image
ali-swift-global-savetime: 1663527872
age: 18352
x-cache: HIT TCP_HIT dirn:11:71912852 mlen:0
x-swift-savetime: Sun, 18 Sep 2022 19:53:21 GMT
x-swift-cachetime: 31533071
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816635462246228768e
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 062c98766e2d3f5c9d916b553492c104
583e26e15acf64cf7a97bd278913c37194f31568
93e0403eb25fb40224e8c619ecbee03e0d599e9f1622fbebb7603e93741cade5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "93E0403EB25FB40224E8C619ECBEE03E0D599E9F1622FBEBB7603E93741CADE5"
Last-Modified: Sun, 18 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19056
Expires: Mon, 19 Sep 2022 05:28:00 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
3p8801.co/hg960x60.gif
200 OK 139 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 00:12:36 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Wed, 19 Oct 2022 00:12:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 92739f6a5b0448593a6ed2ffa5b63d80
7090f3cfc9031d4d386b657c417f62e97583a89a
3542a968c757fe718022c4035d1c36ec147c2458dd90b35c122f9a6baeb316a1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 02:47:46 GMT
Expires: Sun, 25 Sep 2022 02:47:45 GMT
Etag: "7090f3cfc9031d4d386b657c417f62e97583a89a"
Cache-Control: max-age=527240,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ce19203a3b1bfa-OSL
www.niumo246.xyz/
200 OK 9.0 kB IP
Hash 703406ab650852da82d2b1ae492138c8
bcdada8420598a251de359d267df1a00850ab5e8
6d7b9db94ee086760f584ecad07270d33a5e6611ee67624076f34f618948697e
GET / HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=38ogp3hl8jmfu4bcuootcutop4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ff6855265231ed46e5adf47f04b3558a
7a1847ffa3cdbee03c7b79b7847428be5db29c42
5db6abd9bfbcc4f08d83fcec629be61e1c669ad9b70e184c26104b359313a885
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Server: ECS (amb/6B7E)
Content-Length: 279
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Fri, 23 Sep 2022 23:42:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2161694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYklZ72ye0Itcpo%2B%2F%2BWRV3At7PyLsqpDZovYAP7k1OFaLXxTNjedJyfAaD307C209n0i6sjKIZwGpl7C7dGVRbiylcgez5Jj8eLhzHkFIsPba8dOgBqb%2F7hUYCRU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1920c93eb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo246.xyz/static/fonts/voltaire.woff
404 Not Found 7.2 kB URL HTTP/2 www.niumo246.xyz/static/fonts/voltaire.woff
IP
Hash a2c5e3dfe48878c48937ffee8c214177
5322e3e7020e01fa696ad321eeed138f67c52289
4c931882f98f4804b2c11e86de055ba35824788cd794d4e3b6846bade39f4e9a
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=n5092b9lhofvr273i16q8cacri; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
200 OK 43 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Wed, 19 Oct 2022 08:19:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: text/html
content-length: 162
location: https://acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
3p8801.co/3p960x60.gif
200 OK 310 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 00:12:36 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Wed, 19 Oct 2022 00:12:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 28303b38b9c7dda46b15e6537e5d8572
bbfbdb1e814ade09c0b96d35234afd915c09e5d0
1d5d1775f6920464b7bdc878424951bbe6a02d0ed56ccb663ba063373c828fc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Server: ECS (amb/6BBA)
Content-Length: 727
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash ae06db5dedfa08588be8fc8b44e16fdd
61b648ab25bf73fde671dd33dae97339244d6448
dca0dfed48c533f7c4265a261472057e0b4b7b228e7ac7466667c48563c32f9e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCA0DFED48C533F7C4265A261472057E0B4B7B228E7AC7466667C48563C32F9E"
Last-Modified: Fri, 16 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3728
Expires: Mon, 19 Sep 2022 01:12:32 GMT
Date: Mon, 19 Sep 2022 00:10:24 GMT
Connection: keep-alive
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
200 OK 49 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Wed, 19 Oct 2022 08:19:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 1.0 MB URL HTTP/2 acoossi.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Mon, 17 Oct 2022 18:35:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 106486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PayvWstrCUQxpBXXUYSsi58DEu4h6Qp1ZzCh78In9xsCjzRjmAf5n8NoUyLfcWdjbYZy%2BJ%2F5lTnUGTUhX0%2BFCD1esAlxc6DvItWV4D4vtCapOSFmuqSB5eHGfUhCrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1920ca287738-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 04:54:41 GMT
Connection: keep-alive
ETag: "62f48b91-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
u0062.com/86b4c5b5e42b447492665532b841e916.gif
200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash ff6855265231ed46e5adf47f04b3558a
7a1847ffa3cdbee03c7b79b7847428be5db29c42
5db6abd9bfbcc4f08d83fcec629be61e1c669ad9b70e184c26104b359313a885
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 00:10:24 GMT
Server: ECS (amb/6BA3)
Content-Length: 279
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash fcae23098fff0d07f272c593525aec89
4d97d93cb7b0b974f965247100c5986b151f9830
be8cedbb6357c20cc38ff5fac684d4238af950fd5ef9dde376fa2c67ceee1254
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BE8CEDBB6357C20CC38FF5FAC684D4238AF950FD5EF9DDE376FA2C67CEEE1254"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Mon, 19 Sep 2022 01:46:42 GMT
Date: Mon, 19 Sep 2022 00:10:25 GMT
Connection: keep-alive
acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
200 OK 344 kB URL HTTP/2 acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: acooss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo246.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:25 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Mon, 17 Oct 2022 04:32:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 157051
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVtoe3nOu3NJxTFx2lICV9%2F1TxyQQfiI3%2FcheGd1sqxPDhVB1areSeETpkW5qO%2BojqgtAp7nkC6JQEMVbZ5JfzA198Hqq0Y3kHY3TBiqWpLNuOoYDZsM%2BSWNtTRJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ce1922dcc6dc77-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash fcae23098fff0d07f272c593525aec89
4d97d93cb7b0b974f965247100c5986b151f9830
be8cedbb6357c20cc38ff5fac684d4238af950fd5ef9dde376fa2c67ceee1254
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BE8CEDBB6357C20CC38FF5FAC684D4238AF950FD5EF9DDE376FA2C67CEEE1254"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Mon, 19 Sep 2022 01:46:42 GMT
Date: Mon, 19 Sep 2022 00:10:25 GMT
Connection: keep-alive
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
200 OK 25 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
66377311795.com/99083bf2ded945728bbad730efc12df9.gif
200 OK 150 kB URL HTTP/1.1 66377311795.com/99083bf2ded945728bbad730efc12df9.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 120 x 120\012- data
Size 150 kB (149727 bytes)
Hash 0e9bfaa21ee2581b532cdd480cae8d21
c6d6ac847d1a4c884ac68d0b0a1a558e204b89c0
871c4f67357d0f68b8bbcbb50e15be64f3378be9ab0c9aa60775906c22ff8053
Analyzer Verdict Alert quad9 Sinkholed
GET /99083bf2ded945728bbad730efc12df9.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fa27da-248df"
Date: Sat, 10 Sep 2022 14:11:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 15 Aug 2022 11:02:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 149727
api.nmw43.com/news/data.php
200 OK 1.0 MB URL HTTP/2 api.nmw43.com/news/data.php
IP
Size 1.0 MB (1020138 bytes)
Hash 4dd55d6092c1df6ab098fbd03c75318e
706ddd62764bd056307abe0aa2a6da36beae2ea6
d5cdfe2776fbbdcf0ce4af21508da1372940bc6a5ce4e6978bd82a23a4c3a734
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qidisj.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
403 Forbidden 0 B URL HTTP/2 collect-v6.51.la/v6/collect?dt=4
IP
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 370
Origin: https://www.niumo246.xyz
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.18.0
date: Mon, 19 Sep 2022 00:10:25 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.niumo246.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
200 OK 583 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 583 kB (583062 bytes)
Hash 96ad401d59d1718860499f3d7fa5c036
41f43737b3862db5717b56847f2556b7b1481913
a9cade17dfb0575e6e21d7180bd17c03a67a530d283255454bbd96fb96dc21ab
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/gif
Content-Length: 583062
Connection: keep-alive
x-oss-request-id: 6327B3709BB920353527B9F5
Accept-Ranges: bytes
ETag: "96AD401D59D1718860499F3D7FA5C036"
Last-Modified: Sat, 17 Sep 2022 15:00:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6566423440635606530
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: lq1AHVnRcYhgSZ89f6XANg==
x-oss-server-time: 3
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Tue, 06 Sep 2022 23:16:33 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-49
content-length: 236734
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 2908665
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HAzhengzhou-AREACUCC1-CACHE6[2],CHN-HAzhengzhou-AREACUCC1-CACHE64[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE119[42],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,40]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Tue, 06 Sep 2022 23:16:33 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-49
content-length: 445140
X-Firefox-Spdy: h2
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 19 Sep 2022 00:10:25 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 6327B371FC567C3234AA3FE6
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 1
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 02f4b10a3889a3edd0baaf0f321c2927
19fefc196b185cd77617c0774318db4a28f796ca
8d2aa2e7e190b80d4ee2d8a6d7de092410f8c34eb5c7a1b47fa7ca4e103e16ae
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 00:10:26 GMT
Ali-Swift-Global-Savetime: 1663546226
Via: cache15.l2de2[190,189,200-0,M], cache15.l2de2[191,0], cache2.se1[213,213,200-0,M], cache2.se1[214,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 19 Sep 2022 00:10:26 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616635462260804558e
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 6327B370E46B16373278EC84
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 1
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 02f4b10a3889a3edd0baaf0f321c2927
19fefc196b185cd77617c0774318db4a28f796ca
8d2aa2e7e190b80d4ee2d8a6d7de092410f8c34eb5c7a1b47fa7ca4e103e16ae
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 00:10:26 GMT
Ali-Swift-Global-Savetime: 1663546226
Via: cache14.l2de2[200,200,200-0,M], cache14.l2de2[202,0], cache5.se1[225,224,200-0,M], cache5.se1[226,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 19 Sep 2022 00:10:26 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916635462262992659e
i.imgtg.com/2022/05/19/hTEgx.gif
503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash e5d933d88c2fb9980408580ff59774c2
2cf51ca26b821e4b1b6bd2c8a613e4b045fc30f3
78f0d2388cd8a37b1395056d5cf8984d6c2489ba9d4a55645f0ab176c2835544
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 00:10:26 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_aeb96db5fa097dba086ca961ce5bc1411663546226558; expires=Wed, 18-Sep-24 00:10:26 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bae35b79d5213783-142
content-length: 596
X-Firefox-Spdy: h2
www.niumo246.xyz/images/st1dfgtr5thfhyg.gif
200 OK 870 kB URL HTTP/2 www.niumo246.xyz/images/st1dfgtr5thfhyg.gif
IP
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 28194 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: ca805f2f-fae1-4fa7-9571-bfbc4e89591f
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
200 OK 1.3 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 625 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 1adbacba-9ac9-452e-999d-988ac063257c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 393 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 4a4140ac-e69a-4575-975f-604927da4a05
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 00:10:24 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 459 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: fd060e18-a1cb-4e7b-a1ab-f296db355e3a
X-Firefox-Spdy: h2
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
200 OK 1.1 MB URL HTTP/1.1 tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1071505 bytes)
Hash d71a0585aedaa3ec4afda6baec03ac6b
ad3a590c022e5d82b43efc4b9f159eb6598c4890
6bfb388b33c1e444ca7382fceadf93b83a753f7ff0c4c960f7b142732ac28cd8
GET /huazidongtu/hybbff.gif HTTP/1.1
Host: tupaiyy.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 19 Sep 2022 00:10:24 GMT
Content-Type: image/gif
Content-Length: 1071505
Connection: keep-alive
x-oss-request-id: 6327B370DA8A793037E96E78
Accept-Ranges: bytes
ETag: "D71A0585AEDAA3EC4AFDA6BAEC03AC6B"
Last-Modified: Mon, 04 Jul 2022 07:26:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7665046247320685581
x-oss-storage-class: Standard
Content-MD5: 1xoFha7ao+xK/aa67AOsaw==
x-oss-server-time: 2
www.niumo246.xyz/images/stvf4grh65uh54y.gif
200 OK 996 kB URL HTTP/2 www.niumo246.xyz/images/stvf4grh65uh54y.gif
IP
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 995865
last-modified: Wed, 03 Nov 2021 10:48:32 GMT
etag: "61826900-f3219"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
200 OK 35 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
200 OK 60 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/static/images/empty.jpg
200 OK 13 kB URL HTTP/2 www.niumo246.xyz/static/images/empty.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/static/images/empty_288_144.jpg
200 OK 13 kB URL HTTP/2 www.niumo246.xyz/static/images/empty_288_144.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:48:12 GMT
etag: "6183d68c-32a3"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
403 Forbidden 494 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash 494951f2f0b4cfb0215e18a8e8b74abb
bc4c87edcbc617d66b3eda6f6f21f95a28c6436a
728f1014ddfd11ce08858135581a569c776527be945409e955246328cd08de41
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Mon, 19 Sep 2022 00:10:27 GMT
server: tencent-cos
x-cos-request-id: NjMyN2IzNzNfN2VkMjNiMGJfMmNlMjVfMjIwN2I5NQ==
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 494
x-nws-log-uuid: 3995402852798214888
x-cache-lookup: Cache Miss, Hit From Inner Cluster
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
200 OK 111 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Wed, 19 Oct 2022 08:19:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/nmwys.png
200 OK 3.1 kB URL HTTP/2 www.niumo246.xyz/nmwys.png
IP
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
200 OK 73 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/dbhf.gif
200 OK 137 kB URL HTTP/2 www.niumo246.xyz/images/ggzz/dbhf.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: image/gif
content-length: 137392
last-modified: Sun, 29 May 2022 19:06:59 GMT
etag: "6293c453-218b0"
expires: Wed, 19 Oct 2022 08:19:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/4fdgg564gfhty5tuhj7juy.gif
200 OK 126 kB URL HTTP/2 www.niumo246.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/style.css
200 OK 0 B URL HTTP/2 www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Mon, 19 Sep 2022 20:19:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
200 OK 0 B URL HTTP/2 www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Mon, 19 Sep 2022 20:19:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
200 OK 0 B URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
200 OK 0 B URL HTTP/2 www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Mon, 19 Sep 2022 20:19:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/home.js
200 OK 0 B URL HTTP/2 www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Mon, 19 Sep 2022 20:19:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo246.xyz/images/4dfsdadsd5ghrt5.gif
200 OK 0 B URL HTTP/2 www.niumo246.xyz/images/4dfsdadsd5ghrt5.gif
IP
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 411269
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-64685"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 00:11:48 GMT
content-type: image/gif
expires: Wed, 19 Oct 2022 00:11:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.nmw43.com/news/api.php
200 OK 0 B URL HTTP/2 api.nmw43.com/news/api.php
IP
GET /news/api.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/news/data.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
200 OK 0 B URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
200 OK 0 B URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
200 OK 0 B URL HTTP/2 www.niumo246.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:31 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Mon, 19 Sep 2022 20:19:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
200 OK 0 B URL HTTP/2 www.niumo246.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo246.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo246.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 08:19:32 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Wed, 19 Oct 2022 08:19:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
38.54.194.222
23.36.76.226
103.235.46.191
104.21.234.40
121.37.232.28
78.46.107.74
103.170.15.59
47.246.44.229
119.28.164.142
43.154.254.32
93.184.220.29