Overview

URL www.niung.com/
IP34.149.87.45
ASNGOOGLE
Location United States
Report completed2022-09-04 17:31:24 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-04 2 js.users.51.la/21300185.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS static.parastorage.com (15) 5943 2017-10-08 09:28:46 UTC 2022-09-04 12:40:27 UTC 151.101.85.91
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-04 05:16:40 UTC 35.160.186.52
mnemonic passive DNS siteassets.parastorage.com (2) 6331 2018-06-12 13:05:15 UTC 2022-09-04 07:19:21 UTC 151.101.85.91
mnemonic passive DNS ocsp.sectigo.com (10) 487 2018-12-17 11:31:55 UTC 2022-09-04 13:40:51 UTC 172.64.155.188
mnemonic passive DNS video.wixstatic.com (1) 24805 2015-10-20 07:13:29 UTC 2022-09-04 04:43:14 UTC 34.102.176.152
mnemonic passive DNS www-niung-com.filesusr.com (1) 0 2022-07-23 03:05:44 UTC 2022-07-23 03:05:44 UTC 34.102.176.152 Domain (filesusr.com) ranked at: 19386
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-04 04:35:24 UTC 34.117.237.239
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-04 05:57:13 UTC 23.36.77.32
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-04 11:51:11 UTC 93.184.220.29
mnemonic passive DNS frog.wix.com (9) 5452 2016-04-07 19:33:42 UTC 2022-09-04 07:19:22 UTC 3.209.7.194
mnemonic passive DNS ia.51.la (1) 59607 2017-10-31 08:01:51 UTC 2022-09-04 04:34:39 UTC 103.143.19.103
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-04 08:48:29 UTC 143.204.55.115
mnemonic passive DNS www.niung.com (2) 0 2022-08-12 11:20:38 UTC 2022-08-12 23:59:06 UTC 34.149.87.45 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-04 05:49:57 UTC 143.204.55.35
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-09-04 05:00:30 UTC 104.18.20.226
mnemonic passive DNS static.wixstatic.com (22) 5648 2013-06-07 16:55:33 UTC 2022-09-04 07:19:20 UTC 34.102.176.152
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-04 04:44:39 UTC 34.120.237.76
mnemonic passive DNS js.users.51.la (1) 53024 2012-05-30 15:10:11 UTC 2022-09-04 04:34:38 UTC 103.143.19.103


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.149.87.45

Date UQ / IDS / BL URL IP
2022-11-29 12:47:05 +0000
0 - 0 - 2 www.abeltasmancaravanpark.com.au/ 34.149.87.45
2022-11-28 11:25:39 +0000
0 - 0 - 2 www.jackbotti.com/ 34.149.87.45
2022-11-28 08:43:11 +0000
0 - 0 - 5 www.campautomation.com/festive-ready-to-use-c (...) 34.149.87.45
2022-11-27 14:45:58 +0000
0 - 0 - 5 www.campautomation.com/festive-ready-to-use-c (...) 34.149.87.45
2022-11-27 08:43:22 +0000
0 - 0 - 6 www.campautomation.com/black-friday-offer 34.149.87.45

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-02 07:21:25 +0000
0 - 0 - 2 www.predictionds.com/jump/next.php?stamat=m|M (...) 35.190.90.57
2022-12-02 07:18:42 +0000
0 - 0 - 5 bakteri-cs-1881.blogspot.com/2013/06/pes-2014 (...) 142.250.74.161
2022-12-02 07:12:23 +0000
0 - 0 - 3 mediafirefilms4all.blogspot.in/search/label/F (...) 172.217.21.161
2022-12-02 07:07:16 +0000
0 - 0 - 3 sajhdjkashdjkash.blogspot.bg/ 172.217.21.161
2022-12-02 07:04:24 +0000
0 - 0 - 2 dusunmekvepaylasmak.blogspot.com/search/label (...) 142.250.74.161

Last 1 reports on domain: niung.com

Date UQ / IDS / BL URL IP
2022-09-04 17:31:24 +0000
0 - 0 - 1 www.niung.com/ 34.149.87.45

No other reports with similar screenshot



JavaScript

Executed Scripts (44)


Executed Evals (1)

#1 JavaScript::Eval (size: 90, repeated: 1) - SHA256: 3cd43d86dbeebf58e30163f3ef7c74c46e2fe76a90d971094e18ef0f07de2883

                                        workaround.getRequireFunction = () => typeof require !== 'undefined' ? require : undefined
                                    

Executed Writes (0)



HTTP Transactions (86)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 16:44:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p_nJXRNkIg0cYDsPsfcnbnjzGz4hhUFGuiLdWnYsKxTyuxnKRzDzXQ==
Age: 2819


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET / HTTP/1.1 
Host: www.niung.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.149.87.45
HTTP/1.1 301 Moved Permanently
                                        
Content-Length: 0
Location: https://www.niung.com/
Strict-Transport-Security: max-age=3600
X-Wix-Request-Id: 1662312672.97019444654327969
Age: 0
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Server: Pepyaka/1.19.10
Accept-Ranges: bytes
Date: Sun, 04 Sep 2022 17:31:13 GMT
X-Served-By: cache-hel1410032-HEL
X-Cache: MISS
Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_g
X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,GXNXSWFXisshliUcwO20NYMupe6WQf6MVMrzEUOojILz/+aqwwHn8weJHKaXLFcf,qquldgcFrj2n046g4RNSVKgcQ1THjb6B0pY8+X3A5SZYgeUJqUXtid+86vZww+nL,2d58ifebGbosy5xc+FRalonz46cVfTqnhnOS/c+uK3li88mCbSUojLVeqmV+wqAU3QpI/ucnHvfrUjeESIoVegjUXAho6+n4nM8haYSqSvM=,2UNV7KOq4oGjA5+PKsX47IVh8rwr1kfSZp8MOIif7faa46R9xNIlpQ4eUPYpBuqs,7npGRUZHWOtWoP0Si3wDpzlHhbpH8B1EYjdcmfFzynY=,xTu8fpDe3EKPsMR1jrheECVjnD7P1PpmgiDJuQytPUc=,updaSF0YDozocDRTgMoSR/NXEleuTBXoaeFW5Dt+Otj/UnDKKBIdeW49KI6JJFfjVnd8Z4jLK9R467MyhrzM6w==
Via: 1.1 google

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11175
Expires: Sun, 04 Sep 2022 20:37:28 GMT
Date: Sun, 04 Sep 2022 17:31:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0PujYJ0N21fAnVQdYzDr6NgbeStVYJnmGJpe5b5zXpocHcbBt4BYog==
age: 58556
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Sep 2022 17:31:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BC1C1EA11BC35ABCB6E1A3BF48B9669FF0138847ADBB4FB418F8CA5827E95397"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sun, 04 Sep 2022 23:31:09 GMT
Date: Sun, 04 Sep 2022 17:31:13 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 04 Sep 2022 16:38:16 GMT
Expires: Sun, 04 Sep 2022 17:05:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qm55NIuyidW6Ms9dJ1VsBvLgRMQ1hBudlecQoZXZ5RA1lz-vRuEnhw==
Age: 3177


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BC1C1EA11BC35ABCB6E1A3BF48B9669FF0138847ADBB4FB418F8CA5827E95397"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sun, 04 Sep 2022 23:31:09 GMT
Date: Sun, 04 Sep 2022 17:31:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4475
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 17:31:13 GMT
Last-Modified: Sun, 04 Sep 2022 16:16:38 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /services/tag-manager-client/1.427.0/siteTags.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Tue, 25 May 2021 09:37:42 GMT
etag: W/"74b64900831a2e814a8ff0cdedcf80cb"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661824722.2696518981706122520
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
age: 621192
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 16948
x-timer: S1662312674.937462,VS0,VE0
vary: Accept-Encoding
content-length: 3858
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11168)
Size:   3858
Md5:    5d436a29345aa2e8c4a824fa19f4ecc7
Sha1:   2b479a24b7f7bc5d556f93a0599bbe7104acf467
Sha256: 242529af773ec259f51763a104f5d5ef45715558d932b1b91ff39680269a783f
                                        
                                            GET /unpkg/react@16.14.0/umd/react.production.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Thu, 15 Oct 2020 02:11:22 GMT
etag: W/"63d498e143f421cc44dfb64f22fef270"
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciexeHcfy36aNagyZbZBL0eWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc0g5Kz7nWLaChx0hkFXPsQ8ghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1660710573.6746456715006120999
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
age: 1613635
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 17417
x-timer: S1662312674.941332,VS0,VE0
vary: Accept-Encoding
content-length: 4703
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4703
Md5:    98af04861581703b8f33819f777e19f5
Sha1:   68333056e788b1276646537149661537143ddc8a
Sha256: 9b4dce05c51788fcb566e1b8bbfc8f9df48249035b9d2cb8633011b7bd26c5dc
                                        
                                            GET /services/wix-thunderbolt/dist/main.356ccdf6.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Wed, 31 Aug 2022 15:37:37 GMT
etag: W/"ac033f26b719a53a1a62728692186e1b"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc0swuQg4e4Ft3RZminzdoKEQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1662010730.113127332067691926661
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
age: 343612
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 8888
x-timer: S1662312674.938184,VS0,VE0
vary: Accept-Encoding
content-length: 46674
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47703)
Size:   46674
Md5:    13df195951dd3211a80d0a9ed05bdfd1
Sha1:   f2617907a02a589417a3a388006bc50c535918cb
Sha256: b80f2f6048d9f6cfc21893abc5072506557a76fea5d466f4ba3cb007e644ae7a
                                        
                                            GET /services/wix-thunderbolt/dist/bootstrap-features.c2a708f5.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Thu, 01 Sep 2022 05:06:35 GMT
etag: W/"f917756683e1f3b2760865de3d0d4200"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: MISS
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopiS/5dZqOxSsDvwHAW5wi4
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1662010730.116681072574422470
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
age: 302000
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 8879
x-timer: S1662312674.949683,VS0,VE0
vary: Accept-Encoding
content-length: 51403
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54966)
Size:   51403
Md5:    ba96b26bab86de7124f7eecfc78f6b03
Sha1:   15a859b7a5570488ffb93af39c291dcb3a06f130
Sha256: 9ef8b1946471994782057334831ccb8253b94ea155683d3390cc873d67a1f72e
                                        
                                            GET /unpkg/lodash@4.17.21/lodash.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 21 Feb 2021 02:37:42 GMT
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc5a79avpR2DZCk9xnuoLql1jPZTuGyYqVhtmEIgJUb4w
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661228868.541712333382513129
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
age: 1160030
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 21878
x-timer: S1662312674.957904,VS0,VE0
vary: Accept-Encoding
content-length: 25102
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4143)
Size:   25102
Md5:    9661f391f69ddbf1e8bbf879c1c69660
Sha1:   60e78567cd82d5dec158be4ae4d365f45412fb36
Sha256: 59fe3fa5daacb2b18c734a563d4e8e9df1f51eb24672249ca4962f3132149191
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D/vWm+EaTmmvFP5fco3z2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.160.186.52
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L9+UnWVErYQysy++xyug7QMA/yU=

                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.SearchBoxSuggestionsFacelift%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.loadFirstNFonts%3A3%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.niung.com&fileId=9542c4e2.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=zh&languageResolutionMethod=QueryParam&metaSiteId=5abaac00-432c-4c60-8706-772eb521c0a0&module=thunderbolt-features&originalLanguage=en&pageId=459bfd_5029662963b9424361c75c616a096259_54.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9519.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9519.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=e9ed104c-6ec0-4c4e-beca-3eebab398652&siteRevision=55&staticHTMLComponentUrl=https%3A%2F%2Fwww-niung-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"c359-VhxCo/CVXieYVGQOYgiAXlurrNI"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377Ji1Fj75RrqDfb1RLKWox8,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqk9b7GAVXr+rrCOUE3yrtTa,ZUT6NeJ/NsDmQ9DMGnwT1ArcPUd8j4SYaEsreMRDwlUa0sM5c8dDUFHeNaFq0qDu,Awf+EL8DXagxrUUrGnf8jH3qallIj3LOfZUk4U26+v94Z7TFJCHa9r3r7S8sNAXq,osV03DUdKaEVOGwoQFgPYps7xXjmHCROnooty+REWz8=,sQ19iEk473qMiaixh4sATted12RtZ+yvt//+C3C8ySw=,GcTBasqPtHySHrT4DhX/GkAS32X6WzIdZA+fi5C6fBeqJ4yhwPYzHsI7JLnt/D6R,sQ19iEk473qMiaixh4sATted12RtZ+yvt//+C3C8ySw=,X0+kt7XXQOUL1jfJ/HiBIidD9Kwa4qfYrHTV0LOUvShYpK1bnuE+SNgw5TGxx81RgEgA1gEpnPMfVZvS6CJHNf3Rtgo7TA3xwrYx0pfYrCQEU2M1FOZCC3kHAyYhUbTQ,sQ19iEk473qMiaixh4sATnVjnlSweMzezAOfZMfYbTY=,sQ19iEk473qMiaixh4sATt3pEa/RGvOJ3zqQF2K9d7s=,tznMqpp3e1oucszW+OT1FFCbdvzxrUPc8owC678jzeShnfRkMMvCA9iOIiykD0vOw6+7sbqjUJ24OM4yl73QAQ==
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662312674.0267225781589662470
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 0
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662312674.980239,VS0,VE258
vary: Accept-Encoding
content-length: 6889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (49953), with no line terminators
Size:   6889
Md5:    f591a74d7a9931aee3368f71c8632dde
Sha1:   6125598a6216054aa14cd89cdd13cfc301f9a439
Sha256: fe6efba97228593766942c3778973b7141365affa091aca994736bc6d6e6c8cf
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/c5749443-93da-4592-b794-42f28d62ef72.woff HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Tue, 17 Apr 2018 11:10:53 GMT
etag: W/"cd58ed01633a9ebed4c99595a6f7812c-1"
x-amz-version-id: EocFJpMOP5DjzbcOPcEobOTdU3ma9iB1
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661855288.1901249328274514581
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 597047
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2007
x-timer: S1662312674.268804,VS0,VE0
vary: Accept-Encoding
content-length: 38161
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 39044, version 1.0\012- data
Size:   38161
Md5:    b147c09d942d9f688348ba5f20375967
Sha1:   191ce7c51750885b27bc6b8041a434b94f658336
Sha256: 173267ca2309a3e81cde532a3f65ba8ca32780aeb9b3f5cbf89b1aef169df02d
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/4021a3b9-f782-438b-aeb4-c008109a8b64.woff HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Tue, 17 Apr 2018 11:10:41 GMT
etag: W/"1f8210a15cb22be6ba959801a2158c1d-1"
x-amz-version-id: 0MIhvblKcNOZBKnKo6HCgoh97JkTUZDD
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgrlbPwrfJgfFY+bZe/zFVAWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc8EDFnkKlVvXae3jojBllJYghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661242949.033714755715916724
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 1217511
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 3361
x-timer: S1662312674.270182,VS0,VE0
vary: Accept-Encoding
content-length: 46227
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 47276, version 1.0\012- data
Size:   46227
Md5:    1046bee43dd79554b1d97456e0357126
Sha1:   f5c9e6add7a8d89a61bc11620376b09b789ff77c
Sha256: 0dd4eb9844c99519e0cd939b93383ff551dc6e03455cd1697456ef9cf487ba52
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3EAD736E15F8A31C186E4F5046EF8F195E7788AE"
Expires: Mon, 05 Sep 2022 04:00:00 GMT
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1390
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745875263976b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    02f8b1cae58f1f421fd093456df14dfc
Sha1:   747b2a4b2e01a029dde1f64792bc001fa681bf31
Sha256: 60f358a004bb84cd2a8f7918c8a1536bd48974234f327d2a1ceeec0f812d8527
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/03805817-4611-4dbc-8c65-0f73031c3973.woff HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Tue, 17 Apr 2018 11:10:44 GMT
etag: "5d25008e5807f3967ff7f3393a68abf5-1"
x-amz-version-id: Qe74hpWdFxESmMRv7pqxFHzVbxy4QAcz
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcwnP9a1Ia0LRvqhhntyPznoQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661860973.03112581469093121249
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 605286
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662312674.340563,VS0,VE0
vary: Accept-Encoding
content-length: 22084
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 22084, version 1.0\012- data
Size:   22084
Md5:    2d1a6cce2e11a0d7659eb3e09181750b
Sha1:   b01f6b398bf9d414b16705513b6ea17e1b1ff221
Sha256: 9b7c81d3e669c7bff62527a61525ad1b80f776021655fd3a63dc927b0f0d624b
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2 HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/octet-stream
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Tue, 17 Apr 2018 11:11:01 GMT
etag: "ef4257ccfa0fce4d914b23a28aa6fdf4-1"
x-amz-version-id: ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc/5LLToOojZxL2HBjY1XAnAghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661314701.163749006954913129
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 1164966
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 7291
x-timer: S1662312674.343147,VS0,VE0
content-length: 17216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17216, version 1.0\012- data
Size:   17216
Md5:    fc02a3c78cac0f6ab99c6c19f004d02d
Sha1:   7bcc73042c63c86637084549daad26aed3621d64
Sha256: 0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3
                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.SearchBoxSuggestionsFacelift%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.loadFirstNFonts%3A3%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.niung.com&fileId=9542c4e2.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=zh&languageResolutionMethod=QueryParam&metaSiteId=5abaac00-432c-4c60-8706-772eb521c0a0&module=thunderbolt-features&originalLanguage=en&pageId=459bfd_1cfaa845d01600b17bd598444be02542_54.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9519.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9519.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=e9ed104c-6ec0-4c4e-beca-3eebab398652&siteRevision=55&staticHTMLComponentUrl=https%3A%2F%2Fwww-niung-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"b387-108uZeapxMsynsYT8VH6aMiczoU"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374F6VmO9/TBL1yPY1fyoS/D,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqk9ohduqgp+CiYH1GQw2S9S,ZUT6NeJ/NsDmQ9DMGnwT1OvWwPwld897JoUIpamXvpgQXT2AyjWfyxKagyd4/pDD,Awf+EL8DXagxrUUrGnf8jH3qallIj3LOfZUk4U26+v/MYWttFMAA1VwKkMCyXqM1,osV03DUdKaEVOGwoQFgPYs5K9v4Hn99oMV/HrANLUrg=,GcTBasqPtHySHrT4DhX/GhYrXK52DujY5PLOCpPmseR+5uOwNulUACpoIjxgL/cn,sQ19iEk473qMiaixh4sATlyB4lJD7tLS6X9xdWN5biw=,X0+kt7XXQOUL1jfJ/HiBIidD9Kwa4qfYrHTV0LOUvShYpK1bnuE+SNgw5TGxx81Rjy+a4BupeMiBiSNXnoUwAumcNJED/f/WL4sFXb2d+IBYgeUJqUXtid+86vZww+nL,sQ19iEk473qMiaixh4sATnHl21oJrh2K/Xd7kl2rHuM=,sQ19iEk473qMiaixh4sATrhcgH6J/rsoIuZFrIjEwcc=,tznMqpp3e1oucszW+OT1FFCbdvzxrUPc8owC678jzeTHEjAUFIF0jd9w3O31XiCdjcm8LOxqDEoGcweQbLeVdQ==
server: Pepyaka/1.19.0
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662312674.027132208871254028479
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 0
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662312674.981196,VS0,VE404
vary: Accept-Encoding
content-length: 7946
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (45939), with no line terminators
Size:   7946
Md5:    bff7208bede7c957f1659514b168e7d8
Sha1:   3425fbf18d3bad8062e123610220ab7c947146de
Sha256: 697fbf958538fbbc1a2cbc1b24938ed2dd65d671b02f6040d6edf2e56ed50b80
                                        
                                            GET /services/wix-thunderbolt/dist/page-features.1f0b96ca.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
last-modified: Wed, 24 Aug 2022 15:39:52 GMT
etag: W/"d3198090f8281306dac556a5a32546cd"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661408405.9261190501978414580
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 957048
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 12907
x-timer: S1662312675.617502,VS0,VE0
vary: Accept-Encoding
content-length: 5910
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16938)
Size:   5910
Md5:    2a618d66a81efb5c7254fa9badf8e949
Sha1:   8e13093adeb7fa7ae6235df4c27f27135e17ba19
Sha256: 2818585bc80e7844749cd75e7d472ac64125c89875164ddfd0abc4e4504d2d67
                                        
                                            GET /services/wix-thunderbolt/dist/reporter-api.2b092af5.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
last-modified: Mon, 22 Aug 2022 14:36:52 GMT
etag: W/"f9f52f91e3c05c30fccf4316ffff149c"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc/5LLToOojZxL2HBjY1XAnAghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661295115.513741184553873130
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 1132809
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 12651
x-timer: S1662312675.627274,VS0,VE0
vary: Accept-Encoding
content-length: 7064
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26088)
Size:   7064
Md5:    6c23bae0be864885493d766686de6fc8
Sha1:   3caa56a27ef8bc6f1f338f24f6aa2a46c48b0406
Sha256: 049f284698a0fa8cf39b7dfd6a89aa2d598144e9821cf3a414b8f6c8672e48f8
                                        
                                            GET /services/wix-thunderbolt/dist/santa-langs-zh.4b4e52a7.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Mon, 29 Aug 2022 15:43:52 GMT
etag: W/"b62a383253df74cdcbd04804c7042c72"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciDgmy1x1bk0T2mMblm59aj,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661864533.9708057654509524257
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 524364
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662312675.646706,VS0,VE1
vary: Accept-Encoding
content-length: 10739
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47032), with no line terminators
Size:   10739
Md5:    0c59c3421bc98ddc35bfcda5bd66cc5f
Sha1:   26c4e791de8594b8ce22820756f193fe925901cb
Sha256: c177728d38e782c580849ccd9370361223a136bc5b8873fa6ddc46991095cc9d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 12:31:07 GMT
Expires: Sun, 11 Sep 2022 12:31:06 GMT
Etag: "ecd0759fec7c350b5ecbd03ceb43986e1d25cf6b"
Cache-Control: max-age=586191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875255d85b4ee-OSL

                                        
                                            GET /services/wix-thunderbolt/dist/pageTransitions.aa3db23e.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 28 Aug 2022 16:11:41 GMT
etag: W/"4337f463201f44218937bbfc34232c3b"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc7eNHvhCRAbD7EPjVZvQO20fbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661847444.8011247991225714580
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 605386
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 4295
x-timer: S1662312675.709462,VS0,VE0
vary: Accept-Encoding
content-length: 1505
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3822)
Size:   1505
Md5:    cb8e088d575128193f29e927087771b1
Sha1:   f35e930c4ddff0a97ee7ceb560223ad8e05f7e2c
Sha256: ea3f7d2f4bbd4c2075a0d4e8ca84f7ab7a2e8f96ec30a69bac7017ca2fcf558d
                                        
                                            GET /services/editor-elements/1.9519.0/rb_wixui.thunderbolt.manifest.min.json HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niung.com/
Origin: https://www.niung.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 04 Sep 2022 09:53:05 GMT
etag: W/"4dfe041ee8ae7f6c88b9031e3d089227"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: MISS
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciDgmy1x1bk0T2mMblm59aj,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqj9dBflAyFvPAD2t41Gwlp
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1662287612.9378644469814623313
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 25061
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 252
x-timer: S1662312675.711361,VS0,VE0
vary: Accept-Encoding
content-length: 9538
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (40412), with no line terminators
Size:   9538
Md5:    9d347848f63e16c3f94fbfc7819f6400
Sha1:   52a3a7d0618dd2529ba76972eb2543942178eb60
Sha256: 13d810b320d89f5c6b226b11209b1e29d00f0bc5e63330a80b69c612fb2c3a0e
                                        
                                            GET /services/editor-elements/1.9519.0/rb_dsgnsys.thunderbolt.manifest.min.json HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niung.com/
Origin: https://www.niung.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 04 Sep 2022 09:53:03 GMT
etag: W/"ec2c04689ae6692fddbbb42ee36c05eb"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1662287612.9377187807423212470
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:14 GMT
age: 27403
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 251
x-timer: S1662312675.712236,VS0,VE0
vary: Accept-Encoding
content-length: 1225
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3543), with no line terminators
Size:   1225
Md5:    c62aa599909838d4cfa1c6611297131f
Sha1:   2ec77b9adbb7226942d453bd0b751db8e5ea3deb
Sha256: 92cd483bc08df25c1ac98771478d7c1f5a3e06e22452d8d889b240f05f432f67
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875276cb0b50f-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875278b94fac4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 12:31:07 GMT
Expires: Sun, 11 Sep 2022 12:31:06 GMT
Etag: "ecd0759fec7c350b5ecbd03ceb43986e1d25cf6b"
Cache-Control: max-age=586191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875254b2d0b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875290f9ab50f-OSL

                                        
                                            POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&ita=1&msid=5abaac00-432c-4c60-8706-772eb521c0a0&pn=1&sessionId=80dba98e-30fa-4a3e-9140-b370d69cabb2&siterev=55-__siteCacheRevision__&st=2&ts=54&tts=973&url=https%3A%2F%2Fwww.niung.com%2F%3F&v=1.10897.0&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&_brandId=wix HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:14 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5abaac00-432c-4c60-8706-772eb521c0a0&pid=tuckg&pn=1&sar=1280x1002&sessionId=80dba98e-30fa-4a3e-9140-b370d69cabb2&siterev=55-__siteCacheRevision__&sr=1280x1024&st=2&ts=513&tts=1432&url=https%3A%2F%2Fwww.niung.com%2F&v=1.10897.0&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&wor=1280x1024&wr=1280x939&_brandId=wix HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:14 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745875275d27b50c-OSL

                                        
                                            POST /bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=false&msid=5abaac00-432c-4c60-8706-772eb521c0a0&session_id=80dba98e-30fa-4a3e-9140-b370d69cabb2&ish=false&isb=false&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&caching=miss,miss_miss&pv=visible&pn=1&v=1.10897.0&url=https%3A%2F%2Fwww.niung.com%2F&st=2&ts=49&tsn=968 HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:14 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            GET /media/459bfd_5fe42cc7a06c46449adcdf8742c2914d~mv2.png/v1/fill/w_35,h_35,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/discount.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1714
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQzAN47JeA6uD4f4m56XNMw6
x-seen-by: image-manipulator-556498cf55-lj9lx
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1714
Md5:    a7e511bb368501eae94f48a1f0933c0f
Sha1:   0bfe5aac2509802413cea7e4fe3f61a35c6c7bbf
Sha256: 15ad0a5121fad6d8c79775b41eaddd63a6526714c419e69ab231a0b7b13b5e5c
                                        
                                            GET /media/459bfd_5fe42cc7a06c46449adcdf8742c2914d~mv2.png/v1/fill/w_45,h_45,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/discount.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 2230
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQvtkdMILE42dDMQGaqFxxKi
x-seen-by: image-manipulator-556498cf55-46qdb
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2230
Md5:    0669063c91a3016cf417107fe96fb3be
Sha1:   22b19fe0c20c07e6091f76acefff31f0a943e1a0
Sha256: 8a94d0667f6c893434b799dfe1d4bc890e2ca91f62c73b2e63eef7cbfb49ce65
                                        
                                            GET /media/459bfd_5fe42cc7a06c46449adcdf8742c2914d~mv2.png/v1/fill/w_30,h_30,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/discount.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1276
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQwGmRxX85Gdi9nwYICFm80Q
x-seen-by: image-manipulator-556498cf55-vdgbj
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1276
Md5:    1aaf36d4d894c455cc8ddf716bc2aa2d
Sha1:   f1d227eb936006f6e1bb782d036c1c706a86c340
Sha256: 6bcd2c42fa271ca86a904a803166e3cf1e296f60644a50b54a8f7dc02ffc6169
                                        
                                            GET /media/459bfd_95fa2e508bbb41ca839b5d02d57f91de~mv2.png/v1/fill/w_58,h_57,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/2.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 3330
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQzzUhMScdCawPKzIwkEKaqD
x-seen-by: image-manipulator-556498cf55-rs6hm
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3330
Md5:    c6cb98c7c1c9000f8ab9ab95182d7326
Sha1:   76a5116fc057d17f639c90069e11be724c2aa4f6
Sha256: 149c65b2eb3438c572388950fd084c0171781f8d4bd79739e953128b4331c0d2
                                        
                                            GET /media/459bfd_1d864a45bbcc47a3a96001769cf4514e~mv2.jpg/v1/fill/w_37,h_36,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/photo_2022-07-05_08-49-38.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 804
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQtRUOHhAcq0aZ53fKNyF4SB
x-seen-by: image-manipulator-556498cf55-bxw96
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   804
Md5:    45e7f67fc1c05bbc3f8beddeed0e861e
Sha1:   6ed59d6c0e6909c3692d1adf53fe6b70df3f51f5
Sha256: aeff64a8ffb78eaba8a9b7f58353a8043a5434998c7508ff396092be7fcf801c
                                        
                                            GET / HTTP/1.1 
Host: www.niung.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.149.87.45
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://fonts.gstatic.com>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
x-wix-request-id: 1662312673.409185368238316359
content-language: en-US
strict-transport-security: max-age=3600
age: 0
cache-control: private,max-age=0,must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: Pepyaka/1.19.10
accept-ranges: bytes
date: Sun, 04 Sep 2022 17:31:13 GMT
x-served-by: cache-hel1410020-HEL
x-cache: MISS
vary: Accept-Encoding
server-timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_g
set-cookie: ssr-caching=cache#desc=miss#varnish=miss_miss#dc#desc=fastly_g; Max-Age=20; Expires=Sun, 04 Sep 2022 17:31:33 GMT
x-seen-by: yvSunuo/8ld62ehjr5B7kA==,GXNXSWFXisshliUcwO20NYMupe6WQf6MVMrzEUOojIKf4E6HKh3PH6doJ2VF4FXU,qquldgcFrj2n046g4RNSVFU+wIjSmTlxqMUV00MvxJE=,2d58ifebGbosy5xc+FRaltqywjNyncMQzZ3uyqfUELPaOwlEmpLHcYgbJHhu8oqG3QpI/ucnHvfrUjeESIoVegDh8aIKFtQOze0aX93Kwoo=,2UNV7KOq4oGjA5+PKsX47IVh8rwr1kfSZp8MOIif7faa46R9xNIlpQ4eUPYpBuqs,7npGRUZHWOtWoP0Si3wDp+I4azTunjwyiVamPTkZrGg=,updaSF0YDozocDRTgMoSRx2zwIem7psfULosc1cPik+PcNylTT0foMRHPtJudKvD,xTu8fpDe3EKPsMR1jrheECQL3cFqPCYfPaFzg4H7IMI=,LoUK8/saGAmOxZWtpubo2vqVOBXhnDSwvGX8aM95ZWIdenVt5Kstx13iSkMEZRwqNUmHGzcc+VXa/76SPCuehg==,xTu8fpDe3EKPsMR1jrheEFoOC4U6TGakj8HoIKKtzJ0=,xTu8fpDe3EKPsMR1jrheEEtMwhBpP4dtsDqfspFnJFc=,/a5ccLSK1HEmwPNg/x6OujQ52jUlr9pfcweKBqImszbT0Su29trl5vtmoT9pQOvy0TuUtAN2KOeu7WiQVMLEEA==
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22881)
Size:   128438
Md5:    15bed1912e1ae50935bae5bf549b304a
Sha1:   cd326c6a92103494d8957a8b83c918b480034f42
Sha256: 8ba1104f7419e6666326a5c7a7fd05e864e195bd51124937710950ebc23b41ec
                                        
                                            GET /media/459bfd_4fab2b431ad2442d962638e0b6241100~mv2.png/v1/fill/w_58,h_57,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/7-1.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1578
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQwW9gF66CK6EyJqLEpDbfNA
x-seen-by: image-manipulator-556498cf55-4dkjp
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1578
Md5:    176a6d91086e0d4b415a1f21a413868a
Sha1:   3309c46dae09aa006886e93b85c88cca86a0bab2
Sha256: fef68e68cf3a6dff34dfe327d764b4dc7f51b815d08b1b7e60386bdc705bfcd7
                                        
                                            GET /media/459bfd_1e8c6c3615fc47b684599e6fd2fa4ee1~mv2.png/v1/fill/w_519,h_105,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/0.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 15538
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQuLTSsOIIgfDWPYGmd54Er1
x-seen-by: image-manipulator-556498cf55-7xv4r
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15538
Md5:    5f4edf8c99b49f620e40b4491af70be3
Sha1:   29227501e15371ee5f67ce87eaea263f9b129c1e
Sha256: a665cab2e464e07508c0f97bae639e2e07cf1642dcb91324d428f208b601a316
                                        
                                            GET /media/459bfd_d585b01b49434b2ba05c8b97e1df3e99~mv2.png/v1/fill/w_39,h_39,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/dollar.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1672
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQytqzLyaX1T2Y4WB4D5hbdj
x-seen-by: image-manipulator-556498cf55-4xtpv
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1672
Md5:    ef7d6223c7c650a447f0cc2ce859799d
Sha1:   de162ebf4609a38cbf79d26b6553fc17b7d9cad0
Sha256: 7b045599bc39f6f1cca64b3f463a3321483918a4cac888ebb2e51b007a8785e6
                                        
                                            GET /media/459bfd_d585b01b49434b2ba05c8b97e1df3e99~mv2.png/v1/fill/w_35,h_35,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/dollar.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1320
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQtnIXGpqxRmFum01vAcUcSm
x-seen-by: image-manipulator-556498cf55-5nl6m
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1320
Md5:    b1dfa797c10e3043bd39fb489073f330
Sha1:   9e948876da8f5012d896a03a1a801a791d14768a
Sha256: 0833f36f017f6d4be9894c5f92a8f79d144a060ab5f818b745c314495dab53b0
                                        
                                            GET /media/459bfd_c7d8c5cdba094ef48bcf61e0518df874f000.jpg/v1/fill/w_265,h_313,al_c,q_80,usm_0.33_1.00_0.00,enc_auto/459bfd_c7d8c5cdba094ef48bcf61e0518df874f000.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 12592
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQwGeIYPv6D4u5xTMNbG0NmR
x-seen-by: image-manipulator-556498cf55-vf5jh
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   12592
Md5:    311270d6b29a16cea2bddf1af2163f6d
Sha1:   e9652183ff25e1dec4c4835f86384c53510bc149
Sha256: f200d17388f911505ae4914d9ce38efb5a71d870dff96d390f0272642410fb42
                                        
                                            GET /media/459bfd_2cf6a90ecd864abe85a24761e3b64b2d~mv2.png/v1/fill/w_57,h_57,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/1.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 3116
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQv8wwGL20CO038Qsn437PpR
x-seen-by: image-manipulator-556498cf55-778ts
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3116
Md5:    afb1a385a50630fa47121749436a6b06
Sha1:   bd38ba1cc6a8690224e2cd776c32701207e15ea5
Sha256: 301aca28b98260ff2e9f1404f58e9b8c4beeb941ec4a4ad2b62ba1e48c7e5b09
                                        
                                            GET /media/459bfd_be0183d731e64a0ba9b55ab1be19cdf5~mv2.png/v1/fill/w_184,h_183,al_c,q_85,blur_3,enc_auto/logo-last%20(1).png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 12804
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQyFhnHPNGw42PDps3Sshbha
x-seen-by: image-manipulator-556498cf55-fbt9c
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   12804
Md5:    5baa8b55b55843e4380502ecb765849d
Sha1:   fd9c77a98e172bdfe952bee32e6ba113a5057cf7
Sha256: f20bcd4a5e9e36cab6f2b4bf1d7ede51d962e4b29f4328187676beafbada3857
                                        
                                            GET /media/459bfd_2c59a7d6becb42bc8f955f28da9da132~mv2.png/v1/fill/w_63,h_62,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/9.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 2984
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQzbk6HuXA60ZfqLnACV7l4U
x-seen-by: image-manipulator-556498cf55-g2cjq
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2984
Md5:    a1a3d26499e37311ae775b7fe6a8a7b5
Sha1:   bffa3b6eb1cc701d4f33a37389a0ecba81f12115
Sha256: f2f7b0c30ac96544d7a1d9140415d25013823c6c47b2bd0ffe74f34048c737e6
                                        
                                            GET /media/459bfd_5ea71be1429e4c1db93ab13296368cc1~mv2.png/v1/fill/w_88,h_123,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/11.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 8948
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQwJbUSqsDK1lgMD81Guje10
x-seen-by: image-manipulator-556498cf55-8nvdd
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   8948
Md5:    9d4b7038b0b460e2cb9f1f0d8a54c2e0
Sha1:   c59a7a706d43ddbe4afe059f9c34201a88a9e067
Sha256: fd17ab19f1900dce80380a983c4558cf393bfd32199b763a1dd4dc206a6c6bfe
                                        
                                            GET /media/459bfd_fbc319b33ed345d7b7f0444bb041343b~mv2.png/v1/fill/w_73,h_73,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_516a2e8c3ab04d55b10a2a8b7119a536_mv2.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 4964
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQymBJUpyuAwNxFAqkfgLSnG
x-seen-by: image-manipulator-556498cf55-jx24z
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4964
Md5:    871f7c5a5739904f547bbb1f815b354b
Sha1:   4bbdce6e2e23759bf4d340ea668e4a48c48dbeba
Sha256: cb1bcc46bf493a5b189537c577742cf32ed054df00e712ce052792c2c6fb0e53
                                        
                                            GET /media/459bfd_b4d13995e3814dda9624b613c5c910c8~mv2.png/v1/fill/w_58,h_58,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/3.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 3208
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQv4c2618vHnE92jpYpjVI5L
x-seen-by: image-manipulator-556498cf55-kmwd4
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3208
Md5:    694926e5bce9b4b287aa43dbed160d4e
Sha1:   1c6110b0deab8bc3a253fbf54656acab2bfdc847
Sha256: e15e11113ddd13400fd478a2918509dec79ca9687d72b5f90d4e1760077c20da
                                        
                                            GET /media/459bfd_d9316828f10740b497d3e52b3483f59f~mv2.jpg/v1/fill/w_117,h_83,al_c,q_80,usm_0.66_1.00_0.01,blur_2,enc_auto/photo_2022-07-05_08-49-48.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1332
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQuzuzcDGD0zb0jHoPE86BH3
x-seen-by: image-manipulator-556498cf55-q5p9d
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1332
Md5:    c828c9886feab30a29460d06f558242c
Sha1:   28abdfbca1e4a49424f4c3c37674e5a4c86ca6f5
Sha256: b8c8547f4b72d6a9b0884a3da6296e931e518b27f5663b8bf054086d5dbdafad
                                        
                                            GET /media/459bfd_59683c71cde840e1856db0c20ea18d06~mv2.png/v1/fill/w_63,h_62,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/8.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 3200
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
wix-tracer: 2EJTQwxMnfLuQxuJhbgHi2lTehT
x-seen-by: image-manipulator-testbed-84d468f864-8cx4l
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3200
Md5:    fb17fb8e586bb3fc285c59d4e1f9cbb1
Sha1:   e070179a57e88acb496a1289a4805c1de2b15f33
Sha256: 19813a1c02709482bea17d460fb649dedfc34bed5e82131bc46bb9df061e4476
                                        
                                            GET /media/459bfd_d585b01b49434b2ba05c8b97e1df3e99~mv2.png/v1/fill/w_24,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/dollar.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 1048
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQvwS5Hv7baYVyz8FgAilnt5
x-seen-by: image-manipulator-556498cf55-bdptx
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1048
Md5:    87603715b200cd6b25814d58367fbc1f
Sha1:   484fac8a3d72d108de81f11aa75f0dd55499adf2
Sha256: be43ded741aecad15c1b88a16934c1103fa67ebac829896fe50edb3acbc809a5
                                        
                                            GET /media/459bfd_0662c30b3ec14fc09d257e63fd3d3092~mv2.png/v1/fill/w_390,h_346,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/2-min%20(1).png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 87868
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQyy0pLF27wiyqySoofLrx2F
x-seen-by: image-manipulator-556498cf55-56vmh
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   87868
Md5:    431442965b74a463b07fb024246a4ffb
Sha1:   b06db910d875268a5b4b2a2a07d10de17a52f654
Sha256: 6355fdac6ea1f0ea4327da1ae8e4b91621867aad06ee1d20267857420555d5d6
                                        
                                            GET /media/459bfd_590231c3cf45463fbabfa27c492f5c42~mv2.jpg/v1/fill/w_644,h_448,al_c,lg_1,q_80,enc_auto/adm03.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/webp
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 10188
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
vary: Accept
wix-tracer: 2EJTQtojiGIHFfTazMxS4MX506Z
x-seen-by: image-manipulator-556498cf55-f9pvb
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   10188
Md5:    a4c7c6bbcde2a820bb185f1fe0105793
Sha1:   694a5f1670ffd1302bd25f3e5d57615ef39d5ec2
Sha256: 59a058d923092ec453dfbf70f8a3f34fd0b14dc66c6e54a8e419850e496a27f6
                                        
                                            GET /video/459bfd_c7d8c5cdba094ef48bcf61e0518df874/480p/mp4/file.mp4 HTTP/1.1 
Host: video.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:14 GMT
content-length: 222525
x-guploader-uploadid: ADPycduotzhL2uOwY_9TKQfVYvKpEE3JtifKpVAcFCDP-gZ81smxfdB__Th1hP8_3cS31dUpdMD-nGvcxIA_1Q6f1JTjFLMLIqLG
expires: Sun, 04 Sep 2022 18:31:14 GMT
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 05 Jul 2022 12:35:33 GMT
etag: "70bbb632bd8e871c94acad5f2083e05f"
x-goog-generation: 1657024533030857
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 222525
x-goog-hash: crc32c=IEyjkw==, md5=cLu2Mr2OhxyUrK1fIIPgXw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-range: bytes 0-222524/222525
access-control-allow-origin: *
access-control-expose-headers: Content-Range, range
x-seen-by: gcp.us-central-1.media-router-654f7d67c5-w2nr4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   222525
Md5:    70bbb632bd8e871c94acad5f2083e05f
Sha1:   b6e64edca4014fe4fc03d59cd45c26851e228516
Sha256: 769da96ff62ec6957c4622cf00d38a6401e3e108d948e0bfc209b34ddc1ceb14
                                        
                                            POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&et=33&event_name=page%20interactive&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5abaac00-432c-4c60-8706-772eb521c0a0&pid=tuckg&pn=1&sar=1280x1002&sessionId=80dba98e-30fa-4a3e-9140-b370d69cabb2&siterev=55-__siteCacheRevision__&sr=1280x1024&st=2&ts=1192&tts=2111&url=https%3A%2F%2Fwww.niung.com%2F&v=1.10897.0&vid=2252b7d0-adf0-4405-9331-31fae26d623a&bsi=1cfe3714-dcd7-480d-ab43-363cda31ef7f|1&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&wor=1280x1024&wr=1280x939&_brandId=wix HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:15 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /pa?_msid=5abaac00-432c-4c60-8706-772eb521c0a0&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&_av=thunderbolt-1.10897.0&isb=false&_brandId=wix&_siteBranchId=undefined&_ms=2115&_lv=2.0.985%7CC&_mt_instance=moVnMkiReP38Mvjkg3JWBQkUa3xE0HKa7Nb-sh7kIFI.eyJpbnN0YW5jZUlkIjoiNWFiYWFjMDAtNDMyYy00YzYwLTg3MDYtNzcyZWI1MjFjMGEwIiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWFiYWFjMDAtNDMyYy00YzYwLTg3MDYtNzcyZWI1MjFjMGEwIiwic2lnbkRhdGUiOiIyMDIyLTA5LTA0VDE3OjMxOjEzLjg5NloiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjIyNTJiN2QwLWFkZjAtNDQwNS05MzMxLTMxZmFlMjZkNjIzYSIsInNpdGVPd25lcklkIjoiNDU5YmZkZTQtMWJhNS00NTQwLWEwZDUtOTFlZmNhZGU0YzA3In0&_visitorId=2252b7d0-adf0-4405-9331-31fae26d623a&_siteMemberId=undefined&bsi=1cfe3714-dcd7-480d-ab43-363cda31ef7f%7C1&src=76&evid=1109&pid=tuckg&pn=1&viewer=TB&pt=static&pa=editor&pti=tuckg&uuid=459bfde4-1ba5-4540-a0d5-91efcade4c07&url=https%3A%2F%2Fwww.niung.com%2F&ref=&bot=false&bl=en-US&pl=en-US%2Cen&_isca=1&_iscf=1&_ispd=0&_ise=0&_=16623126713830 HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:15 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:15 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458752a2dd6fac4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:15 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:33:44 GMT
Expires: Sat, 10 Sep 2022 22:33:43 GMT
Etag: "f94ea056fc03cd352b70a0e0dea8ab327fbeb921"
Cache-Control: max-age=535947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458752a79cbb50f-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:15 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 07:55:29 GMT
Expires: Thu, 08 Sep 2022 07:55:28 GMT
Etag: "0090cb325980bf7a166e349642240de18941076f"
Cache-Control: max-age=310452,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458752a9b0eb50c-OSL

                                        
                                            GET /media/459bfd_57ebe9593c544f589a93d6665bdd21e5%7Emv2.png/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/459bfd_57ebe9593c544f589a93d6665bdd21e5%7Emv2.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: image/png
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:15 GMT
content-length: 2653
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
etag: ""
wix-tracer: 2EJTR1KMCoVhhW6uflnn29sAh6D
x-seen-by: image-manipulator-556498cf55-nbnn6
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2653
Md5:    60bc7c9e4583c03b4d7538fa2b65f79c
Sha1:   f41ea5f46893bb210f31cc3689380d7b77baeb55
Sha256: 1fc688a6cc42fd072ecda22b923bcb5d93671ab5c748d225291937e4ae7c2022
                                        
                                            GET /html/459bfd_31b35a5b8940829b8ec8d233ffe39ce5.html HTTP/1.1 
Host: www-niung-com.filesusr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niung.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.102.176.152
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.21.4.1
date: Sun, 04 Sep 2022 17:31:15 GMT
content-length: 81
x-guploader-uploadid: ADPycdspMJdG0vdWEgHPv87Z5CTS-fAlgvvvzOCG2GxbdAWqX2HiLj-RizNTD5a1dTUja-ijcsaU9IdiheMwmo7AXYSLs0p-3SZ0
expires: Sun, 04 Sep 2022 18:31:15 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Mon, 18 Jul 2022 17:33:55 GMT
etag: "31b35a5b8940829b8ec8d233ffe39ce5"
x-goog-generation: 1658165635564329
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 81
x-goog-hash: crc32c=aOanNg==, md5=MbNaW4lAgpuOyNIz/+Oc5Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-654f7d67c5-wq2kp
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   81
Md5:    31b35a5b8940829b8ec8d233ffe39ce5
Sha1:   fd613d720159ad11085ebb3960c3ffe6594cb945
Sha256: 48c2a1a2daa76336dfa21e5926391c3c2490e3e70ef1674d1bd253495ed37fe3
                                        
                                            POST /bolt-performance HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 20091
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:15 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 17:31:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 17:31:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 17:31:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:58:42 GMT
age: 70353
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14855
Md5:    ca50f9c56ff869b0b63ca71b1a9f8170
Sha1:   13b16ca74113dfd52ccf23e6bb39307fc713f984
Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 17:31:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:26 GMT
age: 70789
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9690
Md5:    1bdfdf7e36f78f2f0e4d7ede9fdb76a8
Sha1:   babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
Sha256: 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
age: 70988
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8688
Md5:    6bb4b1d74f1443bc3328301ab3ae6464
Sha1:   2768253dacaaad6cb498c6b2eb7694208b0ce0a6
Sha256: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sywGj-wLtW091vZYhx1AbRAgljYQWe6LuffDjwTDhEebqVzxpQuzEQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:58 GMT
age: 49337
etag: "6ce530af682094dc5413db9de02565691fab4da7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11380
Md5:    fc4ceb10dd9fcaab21ae58dcf10c401f
Sha1:   6ce530af682094dc5413db9de02565691fab4da7
Sha256: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uz2NbcE4AmOvFQkhJALSpXCGizilya0TuFcczfEwtV09cGXtgVNlpQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:04:35 GMT
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
age: 70000
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5652
Md5:    10318189f33f071dda64249ab9c8c5bb
Sha1:   e5b5b649a243e5c004d9923d19d4421d1ea96d23
Sha256: 3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a800f15-3953-4184-a77c-3696aba95488.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6122
x-amzn-requestid: c8e3c2f9-8314-40ea-82ce-ac203aea0cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjlE-8IAMFzlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b0-0ef61461611d547c76354cbe;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: i3LihiLuF38T7NM6YU0qhC0RqNswNOkdcRX_7ZGbNGK-69pguND8dA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:04:35 GMT
age: 70000
etag: "1d17869c30cdeb7643fe3bcc976c21136799b4e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6122
Md5:    5012bd324b91ad44151392700e27a369
Sha1:   1d17869c30cdeb7643fe3bcc976c21136799b4e6
Sha256: 11e23381d21ca461bb31fc1b832f53613de1316b09dde72b4deda55067011e8a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:15 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 07:55:29 GMT
Expires: Thu, 08 Sep 2022 07:55:28 GMT
Etag: "0090cb325980bf7a166e349642240de18941076f"
Cache-Control: max-age=310452,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458752d2842fac4-OSL

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:16 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Sep 2022 16:02:09 GMT
ETag: "e221d266fe4cb7212b413694ead1d9bf4f48a418"
Last-Modified: Sun, 04 Sep 2022 16:02:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 188
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745875315ba9b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    8e8199190cb7c5307f8a14dec73cced9
Sha1:   e221d266fe4cb7212b413694ead1d9bf4f48a418
Sha256: af8d8c3f82cacfd416a65c230f33f145c09bf1c3b7768eae4d471abf54b10ac4
                                        
                                            POST /bolt-performance HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1800
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:16 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            GET /21300185.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www-niung-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Sun, 04 Sep 2022 17:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=92ba05382c6d534dc69; path=/ HWWAFSESTIME=1662312672450; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    65d31539c90d418451bacc72a2486602
Sha1:   99980e3b3df891e356b84d197d56e47f446e41c0
Sha256: 2c2c999313b2836c05d21680d9d101df01b8f610ccde0f5343c9d3bf1c605a07

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 17:31:17 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Sep 2022 15:33:35 GMT
ETag: "c70ede81f57c80e9bf52f504ac94d0cb0b78913a"
Last-Modified: Sun, 04 Sep 2022 15:33:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1520
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745875389fd6b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    a991565deb561512e76d098908a8aad6
Sha1:   c70ede81f57c80e9bf52f504ac94d0cb0b78913a
Sha256: 405d3dc2d5edd27a28ebf04b45c65df4ae8806a86fc207b8136312ae3a98e7c4
                                        
                                            GET /go1?id=21300185&rt=1662312672896&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662312672896&tt=&kw=&cu=https%253A%252F%252Fwww-niung-com.filesusr.com%252Fhtml%252F459bfd_31b35a5b8940829b8ec8d233ffe39ce5.html&pu=https%253A%252F%252Fwww.niung.com%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www-niung-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Sun, 04 Sep 2022 17:31:17 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=3483f66d2a4b8901e6c; path=/ HWWAFSESTIME=1662312674912; path=/

                                        
                                            POST /bpm?_msid=5abaac00-432c-4c60-8706-772eb521c0a0&vsi=dde9c49d-c267-4e9f-b5b4-0b60cc1d9d8b&_av=thunderbolt-1.10897.0&isb=false&ts=3959&tsn=4878&dc=84&caching=miss%2Cmiss_miss&session_id=80dba98e-30fa-4a3e-9140-b370d69cabb2&st=2&url=https%3A%2F%2Fwww.niung.com%2F&ish=false&pn=1&isFirstNavigation=true&pv=true&pageId=tuckg&isServerSide=false&is_lightbox=false&is_cached=false&is_sav_rollout=0&is_dac_rollout=0&v=1.10897.0&_brandId=wix&_siteBranchId=undefined&_ms=4878&_lv=2.0.985%7CC&_mt_instance=moVnMkiReP38Mvjkg3JWBQkUa3xE0HKa7Nb-sh7kIFI.eyJpbnN0YW5jZUlkIjoiNWFiYWFjMDAtNDMyYy00YzYwLTg3MDYtNzcyZWI1MjFjMGEwIiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWFiYWFjMDAtNDMyYy00YzYwLTg3MDYtNzcyZWI1MjFjMGEwIiwic2lnbkRhdGUiOiIyMDIyLTA5LTA0VDE3OjMxOjEzLjg5NloiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjIyNTJiN2QwLWFkZjAtNDQwNS05MzMxLTMxZmFlMjZkNjIzYSIsInNpdGVPd25lcklkIjoiNDU5YmZkZTQtMWJhNS00NTQwLWEwZDUtOTFlZmNhZGU0YzA3In0&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=16623126741451&tti=2059&tbt=208&iframes=1&screens=4&countScripts=18&startTimeScripts=1080&durationScripts=825&mttfbScripts=13&attfbScripts=10&tbdScripts=264203&countImages=26&startTimeImages=2016&durationImages=159&mttfbImages=182&attfbImages=159&tbdImages=252987&countFonts=4&startTimeFonts=1410&durationFonts=76&mttfbFonts=8&attfbFonts=10&tbdFonts=128318&entryType=loaded&duration=4875&ttlb=1375&dcl=1516&transferSize=71893&decodedBodySize=311960&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&visitorId=2252b7d0-adf0-4405-9331-31fae26d623a&bsi=1cfe3714-dcd7-480d-ab43-363cda31ef7f%7C1&ssrDuration=527&ssrTimestamp=1662312674175&microPop=fastly_g&isRollout=false&isPlatformLoaded=false&maybeBot=false&clientType=ugc&analytics=true&_isca=1&_iscf=1&_ispd=0&_ise=1 HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:17 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /bolt-performance HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1274
Origin: https://www.niung.com
Connection: keep-alive
Referer: https://www.niung.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.209.7.194
HTTP/2 204 No Content
                                        
date: Sun, 04 Sep 2022 17:31:18 GMT
server: nginx
access-control-allow-origin: https://www.niung.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2