firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 16:07:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nePVM7xTmDSolI2c-phEfvC0UNF0PnHKV7a6iPpkhepOWbQ9nsRKUQ==
Age: 1968
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2227
Expires: Sun, 25 Sep 2022 17:17:14 GMT
Date: Sun, 25 Sep 2022 16:40:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wdGeV-MnPmMyTp_FZQXa0cgpl5LhyTLyGKgqTq540IGKcmlU5JHcCQ==
age: 43493
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 16:40:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
niumo65.xyz/
104.233.145.172200 OK 9.3 kB IP 104.233.145.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (430), with CRLF, LF line terminators
Hash 7aceedfb3503f826668141c9f87076a7
c1f093cda051401b7d996a2f819c7633d2b15e22
fd1ee42859d789d158d217c26c019a1d5a81a874e7d89e7bb81d4bff021613cc
GET / HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.172200 OK 7.0 kB URL HTTP/1.1 niumo65.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.172:0
File type ASCII text, with very long lines (2150), with CRLF line terminators
Hash 0a283d9eea419a321cd77b21629eb697
3fef09312419e3506c363b0cafb104884be4484a
c2389f428edaaac576d6b1b2d8e3189f4db5550710885ea4df5c71490729432d
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:10 GMT
Content-Type: text/css
Last-Modified: Sat, 19 Feb 2022 18:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6211375e-5602"
Expires: Mon, 26 Sep 2022 12:49:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.172200 OK 6.4 kB URL HTTP/1.1 niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.172:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 62dc779cd52fc5274d0d58bc681126ed
ec57b6123c132089389034ac34e968648addd172
565398da5418716a6b677bd1a6f4db8411b82693be1d6ab33a98f08bf054e576
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:10 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:40:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554dda-64a0"
Expires: Mon, 26 Sep 2022 12:49:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 16:04:17 GMT
Expires: Sun, 25 Sep 2022 16:16:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c4fUJXVwod67BjoneSvUCZt82e7nd45BZZL7t12RaA_s5uktFtSqtw==
Age: 2151
niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
104.233.145.172200 OK 2.9 kB URL HTTP/1.1 niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.superslide.js
IP 104.233.145.172:0
File type Unicode text, UTF-8 text, with very long lines (9089), with CRLF line terminators
Hash 31e359f5cacb92dad752b32e3c6c0361
44bba5460162230d7b1b7d413c7382676523ce4b
f481364014b8a1dcd2783962146105225f2a99b0267d17ed941f927bd4b2c1b2
GET /template/RX@04dgr@r/static/niumowang/jquery.superslide.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:41:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e0c-2506"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.145.172200 OK 2.3 kB URL HTTP/1.1 niumo65.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.145.172:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a85918551a0dc3061b8c8f990b9e78c2
16ed58ecab4899f3e8292814e27345f704076dff
31340eb698a2c6f58a54069d7a72fc4e6ce8c27f341ce366842a2a7e1814b537
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:43:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e6e-1917"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.172200 OK 10 kB URL HTTP/1.1 niumo65.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.172:0
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash 53af61abeb4c1a20e01f446c400e142e
8923004bb318d9e15cf02acfd1173f12327fea2e
70eb9cb2ebbe915e21d0d9996d64d71e94b024308c8fd57cee922d309ad66913
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 30 Sep 2021 05:43:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61554e92-994b"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/smbaidu/tj.js
104.233.145.172200 OK 1.3 kB URL HTTP/1.1 niumo65.xyz/smbaidu/tj.js
IP 104.233.145.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (656)
Hash efd6a81f12bf1e8efc1d2074221a5e7d
afa18fac0a992e43eaabbd15fc9edc0246bfec02
26619d817121eec0eb3afa228fcefdcf44ebc936379ef3865f5be409025e1c10
GET /smbaidu/tj.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Sep 2022 19:40:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632a1734-bc8"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/smbaidu/tpwz.js
104.233.145.172200 OK 526 B URL HTTP/1.1 niumo65.xyz/smbaidu/tpwz.js
IP 104.233.145.172:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d3beb7840494ba2be21c41eee16becab
329ea7ee305b817ddcbaf7b38aa73ea92d245132
78001c0ecb0108850c2bab23b86ad0c18032dc943354835de1b7ba9f025871bc
GET /smbaidu/tpwz.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Fri, 02 Sep 2022 03:09:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"631173e7-5a8"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/smbaidu/dibu.js
104.233.145.172200 OK 6.5 kB URL HTTP/1.1 niumo65.xyz/smbaidu/dibu.js
IP 104.233.145.172:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Hash 777b81e328fcec4008aad647ba319fc8
46c3bd95dfc26c93f20aef1095ef0ac166371cf8
3f10073bfbfa548737f9ef3657cb20569ff6326b483de3e2d0b6dcd4929b963e
GET /smbaidu/dibu.js HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 29 May 2022 00:27:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6292bde8-531d"
Expires: Mon, 26 Sep 2022 12:49:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.172200 OK 25 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 25278
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-62be"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 131d74cfef3b0d0b723ce3d99322ad3f
b32174a5aa06188c375d1092ff131390cc54e57b
b274f2c04977a404fe374ed33ffb36b100b3e45717ccda2b2219ae6bfa03a163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B274F2C04977A404FE374ED33FFB36B100B3E45717CCDA2B2219AE6BFA03A163"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1155
Expires: Sun, 25 Sep 2022 16:59:23 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7865216f440f6c92c7645b3d7792080
189c6407980953aa1ea1296d1bbd4d8a02322e5b
191d1ee8a0d5dd1fed9c6084013629e0a28db2456400d486dc2eed34c9a209d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191D1EE8A0D5DD1FED9C6084013629E0A28DB2456400D486DC2EED34C9A209D9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10556
Expires: Sun, 25 Sep 2022 19:36:04 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7865216f440f6c92c7645b3d7792080
189c6407980953aa1ea1296d1bbd4d8a02322e5b
191d1ee8a0d5dd1fed9c6084013629e0a28db2456400d486dc2eed34c9a209d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191D1EE8A0D5DD1FED9C6084013629E0A28DB2456400D486DC2EED34C9A209D9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10556
Expires: Sun, 25 Sep 2022 19:36:04 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:08 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:08 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:08 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.172200 OK 73 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 73223
Last-Modified: Sun, 29 May 2022 19:29:12 GMT
Connection: keep-alive
ETag: "6293c988-11e07"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/logo.html
104.233.145.172200 OK 826 B IP 104.233.145.172:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d00b7df69522bf71f59047c570152aba
7dfa7d7b78ef9cbe530d38166368902ccc2ba777
39d6e18c64a02091e80c09464c295364a2d6320cce80fe913336635977ca9419
GET /logo.html HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: text/html
Content-Length: 826
Last-Modified: Wed, 24 Nov 2021 04:39:45 GMT
Connection: keep-alive
ETag: "619dc211-33a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 91f3d14dbc32d2e304a753cc807af27e
608d7f37751f0c54845e6ad52ee4bed1c31368be
ad154b945ee16949cdc00a01469beeb107625781bd8692914e72d9dbee6b9bf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD154B945EE16949CDC00A01469BEEB107625781BD8692914E72D9DBEE6B9BF5"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16820
Expires: Sun, 25 Sep 2022 21:20:28 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7557fcf870a140c23403c482de9d3c45
577ddbaecc730f7bcad14ff57e31353acd21bd91
15a97864c0d1f441cf1ff47c4aab2f7103b978d930e937073f89b3eeb73e0dd2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15A97864C0D1F441CF1FF47C4AAB2F7103B978D930E937073F89B3EEB73E0DD2"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Sun, 25 Sep 2022 18:37:22 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
niumo65.xyz/static/fonts/voltaire.woff
104.233.145.172404 Not Found 7.2 kB URL HTTP/1.1 niumo65.xyz/static/fonts/voltaire.woff
IP 104.233.145.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 61770fce11a09cf460d45cb507670b0b
a91724b0e57f8426b0e3572cbcb226359ae6501c
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
GET /static/fonts/voltaire.woff HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://niumo65.xyz/template/RX@04dgr@r/static/niumowang/style.css
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32a0cd2dbfc27781fddd8d8a229a3204
7220d4b0e2360b9b2c1547a93ba1e00f1e3c4079
9c33557325d343cfbb34f1338b74cd1fa6db9471b1756d90590d60d7021e571f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C33557325D343CFBB34F1338B74CD1FA6DB9471B1756D90590D60D7021E571F"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9362
Expires: Sun, 25 Sep 2022 19:16:10 GMT
Date: Sun, 25 Sep 2022 16:40:08 GMT
Connection: keep-alive
niumo65.xyz/dingbu.html
104.233.145.172200 OK 184 B IP 104.233.145.172:0
File type HTML document, ASCII text, with no line terminators
Hash 9b085adba713cedda1a4d7a0dc8cfc66
561f762351b59db88b827e6d49761fb232cc56c5
652b35a7d15c305e8a1d7c54c487cc93e1a22c6caa967244ff74705ea4d1f43f
GET /dingbu.html HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: text/html
Content-Length: 184
Last-Modified: Tue, 06 Sep 2022 22:24:27 GMT
Connection: keep-alive
ETag: "6317c89b-b8"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e38df505824424dbefbda5bfdcaf2ecd
72bc2acce6674ff54ebd7d456007b89d1796bea5
4dd6639df2a5bdbe0e6595d30f856ca9966d7cecedf81aa250827586a1e7c6bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DD6639DF2A5BDBE0E6595D30F856CA9966D7CECEDF81AA250827586A1E7C6BC"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Sun, 25 Sep 2022 19:26:51 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e38df505824424dbefbda5bfdcaf2ecd
72bc2acce6674ff54ebd7d456007b89d1796bea5
4dd6639df2a5bdbe0e6595d30f856ca9966d7cecedf81aa250827586a1e7c6bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DD6639DF2A5BDBE0E6595D30F856CA9966D7CECEDF81AA250827586A1E7C6BC"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Sun, 25 Sep 2022 19:26:51 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
niumo65.xyz/static/images/hot.gif
104.233.145.172200 OK 254 B URL HTTP/1.1 niumo65.xyz/static/images/hot.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 254
Last-Modified: Wed, 29 Sep 2021 05:51:10 GMT
Connection: keep-alive
ETag: "6153fece-fe"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo65.xyz/static/images/empty.jpg
104.233.145.172200 OK 13 kB URL HTTP/1.1 niumo65.xyz/static/images/empty.jpg
IP 104.233.145.172:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/jpeg
Content-Length: 12963
Last-Modified: Thu, 04 Nov 2021 12:44:18 GMT
Connection: keep-alive
ETag: "6183d5a2-32a3"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/static/images/empty_288_144.jpg
104.233.145.172200 OK 13 kB URL HTTP/1.1 niumo65.xyz/static/images/empty_288_144.jpg
IP 104.233.145.172:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/jpeg
Content-Length: 12963
Last-Modified: Thu, 04 Nov 2021 12:48:12 GMT
Connection: keep-alive
ETag: "6183d68c-32a3"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo65.xyz/nmwys.png
104.233.145.172200 OK 3.1 kB IP 104.233.145.172:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/logo.html
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/png
Content-Length: 3079
Last-Modified: Tue, 02 Nov 2021 14:02:30 GMT
Connection: keep-alive
ETag: "618144f6-c07"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b785f93e9c48df6419a8cae9beefc4
2c0054c168efd3b5a5360a29973494905a35240f
ba78c89bd6a0e8aff574700b01e477255e260de7b30bc17759d66a7bc936aa1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA78C89BD6A0E8AFF574700B01E477255E260DE7B30BC17759D66A7BC936AA1F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12472
Expires: Sun, 25 Sep 2022 20:08:01 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b785f93e9c48df6419a8cae9beefc4
2c0054c168efd3b5a5360a29973494905a35240f
ba78c89bd6a0e8aff574700b01e477255e260de7b30bc17759d66a7bc936aa1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA78C89BD6A0E8AFF574700B01E477255E260DE7B30BC17759D66A7BC936AA1F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12472
Expires: Sun, 25 Sep 2022 20:08:01 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8026bfa147a21b0d604155875c4b782
5951924acf934c48f7aecabe67ef77581e58212d
4003aacdd07a3d7bbc1989b9d9a15267716df965ee8928be364cbb7cba925ce8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4003AACDD07A3D7BBC1989B9D9A15267716DF965EE8928BE364CBB7CBA925CE8"
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Sun, 25 Sep 2022 21:06:59 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/s3gpef5s53v.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/s3gpef5s53v.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b68fde0ed01e6638f06b7843654e64ea
815c0675b890ed61196b6ac55da2a4c12d314b57
5fde46d7af9235975ae1647f763c6673880e12c089ed8f4204825694b4d2923b
GET /upload/vod/2022/09/s3gpef5s53v.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 11631
cf-bgj: h2pri
etag: "632ea33a-2d6f"
last-modified: Sat, 24 Sep 2022 06:27:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A1Mbve29zAqJXqh2n4hsl%2B9zXFNd40Sq13vfnMwqmzYLyO8YD166xJB6HL3YVWhogF%2Fl7NjI9VFW7pNjnTjqQxPuElcvec3DpVo%2BtFvl4JhoBT0yTqfFeddwTzQxAkjLO1h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc7d756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4wehd3llu1g.jpg
104.21.235.63200 OK 9.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4wehd3llu1g.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5459fdc53d7afb92f5730314940f88b7
34b4f5e4082edbf8e4d76c43e367a549ce36760c
2645eea97a5292a2c1cd90b1fe91422f6705e1e57b4f981c97a06b23a22957ea
GET /upload/vod/2022/09/4wehd3llu1g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9157
cf-bgj: h2pri
etag: "632ea344-23c5"
last-modified: Sat, 24 Sep 2022 06:27:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V866fs%2BtpnLGkyexeZoJDHm4Q8xh49GAPi7kZM4rw2wI6UGuoliv2g%2B4iQeS7WpVSPOcjAjiIM3Vz%2BOBSD%2BieoIvTwfhVzarz7lCQIIAVtAF0K%2FMGOqrjSb2XA6BijmApYsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc81756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/uno2iv1dwgr.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/uno2iv1dwgr.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 304x405, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 9b4567f80d013b5953929fd9cfdf08e6
c64f049776c9b586e8031dd07d021a0fd1a2dd92
c7b0c476984af6e849a445730657d6176ef53c98073655bdcb20c11fd5a88639
GET /upload/vod/2022/09/uno2iv1dwgr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 10065
cf-bgj: h2pri
etag: "632ea343-2751"
last-modified: Sat, 24 Sep 2022 06:27:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MXtztVZ%2BQUfScoffuQToCx9qJsd0YmhnmePEArQyDC%2BTzi4PJ1GVSHhSPDt4LxK%2BPtNFwCYD13%2Bjr%2FCrP%2FBeUJg6FJ1R%2FXd0Gi06PSzthw9tuwC5WjYInYGazTshTQu7VC3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc80756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niumo65.xyz/static/fonts/voltaire.woff
104.233.145.172404 Not Found 7.2 kB URL HTTP/1.1 niumo65.xyz/static/fonts/voltaire.woff
IP 104.233.145.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 61770fce11a09cf460d45cb507670b0b
a91724b0e57f8426b0e3572cbcb226359ae6501c
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
GET /static/fonts/voltaire.woff HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://niumo65.xyz/template/RX@04dgr@r/static/niumowang/style.css
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
fmtu.netfhtu.com/upload/vod/2022/09/aimmzu3jgno.jpg
104.21.235.63200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/aimmzu3jgno.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 99bb82d655228b9bf7f3c09f1b4c6593
0782f70c67d408c25dc6fd25f8fd2263a6542f41
d7081ed0312125978f9edd8a783c7031d42f3f91141911c4af30f8a5b3e9b49a
GET /upload/vod/2022/09/aimmzu3jgno.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 8594
cf-bgj: h2pri
etag: "632ea337-2192"
last-modified: Sat, 24 Sep 2022 06:27:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5204
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ez%2BUtUNxnWBuxr9YKCIQ6gieTZX3M6D2abfFyJUTUCAIKyPPHVrr1vpdBuTy2rZesI9CJ5UrHiH19Vind3k%2FV%2BGrZcZ1uIOdrlM1DFi6uH0QTDnIvlweJ%2BYk9oOr8kjBkoNb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc78756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/azcwhhllewk.jpg
104.21.235.63200 OK 9.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/azcwhhllewk.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3539360f9f44b1f39ac8a95beb692a80
49fe0c8b36f4d38dcc6efc41b85c6ba7939b01b8
a76d7974f1055eed849b7bd21a5a853e9f7121557637413e598eb2630625ed2b
GET /upload/vod/2022/09/azcwhhllewk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9866
cf-bgj: h2pri
etag: "632ea3b0-268a"
last-modified: Sat, 24 Sep 2022 06:29:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Bxz4vmvslYJi9ukSuWMT9IE4gXlF87F1tt5Odc4pGaRrbhDIAqp2%2FDE5m%2FgAyb0CDZSk6B8NRFqDFWD%2FW%2BK2NDXqFRtSr45bYXaDmSud87n2n6ew7JV6QUkBPeEign5Bkyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc8d756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/psccz4xgp1w.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/psccz4xgp1w.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 11x18, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3cc177a3ccf19f39c93b398f04aa6a47
a75e3a73832ab45530d4f55eaa5a63d2f91bc915
2cd1f8fcd689d9c257268a532719e94c7b74a4c1aea8e9b7bec190b263faded1
GET /upload/vod/2022/09/psccz4xgp1w.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 11631
cf-bgj: h2pri
etag: "632ea3af-2d6f"
last-modified: Sat, 24 Sep 2022 06:29:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl2N9e8HHmipqs3A3Tax5SdedPQYkobL5mNsuNi8E2BnSUl1jx2Zqdqxw82sCmQxx8jfurvnPkvpgTXyTG2b6DpXLkEzW7HdMvljLJvYYr%2FDGG8yhSjvZUJQ6AiBJNdDjk06"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc8b756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/cuwoq1s3nlz.jpg
104.21.235.63200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/cuwoq1s3nlz.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5f94c5d240e565517f0d186dbb3261bb
16abe1190798a8dbd696792538a62af0630296a8
9933541a5594baecaadec8bfb2af6450736c1d3ead20e3cc0703df9e35052bf0
GET /upload/vod/2022/09/cuwoq1s3nlz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9071
cf-bgj: h2pri
etag: "632ea344-236f"
last-modified: Sat, 24 Sep 2022 06:27:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BEuP593ADsKOqA7rSk4EcVGgq30jyUBfTZZcLt9fE5e1HzPYeqa%2Bf%2BuAFixCq75h0P4q6BnIJOugb7UB9sEn5keWYJZjDQqwGYlYS%2BdNyzKBJPoe%2BJBOGK5x5qMHheSsN0w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc84756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4dntgqe3knz.jpg
104.21.235.63200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4dntgqe3knz.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 110dc094fa958421b1e51821846cd1e0
54ad4ac35fe70cbd7e1802ab85bbd4b12ff98e29
e80b9d7ecbdf5b6bcd347cacfd2f3cee99db899d6e898623e2af80da7d80f888
GET /upload/vod/2022/09/4dntgqe3knz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 8575
cf-bgj: h2pri
etag: "632ea3bc-217f"
last-modified: Sat, 24 Sep 2022 06:29:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa4HWdqLxIuDCsXE09XPrCXKFgLjcaH%2FysxFihzNnG2K9A4Lr9XmaTxXFxfD%2Fuc%2FO7wc4oR3VmJinnYcnbcNcfzkLJ9LKWB8LO6IB6INa8Ccdr%2BIOlyY%2BUxkIqBK8y0oWED2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecb9756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tlynuakpdaf.jpg
104.21.235.63200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tlynuakpdaf.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 653ec5c8bd7c46afc54dd684a59e466f
75109b7a155699c580c2efc5cad9764bf761c0a8
3027bd842b8be463929f04be02f6d0dd9d7f147a5e24a6c28f23320b0bbf6f62
GET /upload/vod/2022/09/tlynuakpdaf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 7599
cf-bgj: h2pri
etag: "632ea2c9-1daf"
last-modified: Sat, 24 Sep 2022 06:25:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5728
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K%2F70VXYSV7hsOJzRITcGCFGW9Xq0ZnBH%2FnyLLk%2BeoPG6IIqXuZEQ8y4SqecfjxVfbI8FLyt16J4zCdpJjjbXJ3mvsxlpkfz4dZUNIegTi7Q4FL8UyrmzFT4gFtF3LnPHY0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecbc756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4p1xyadrhyd.jpg
104.21.235.63200 OK 8.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4p1xyadrhyd.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ebf37cdc35234b5e321380abfdf421df
a82ef9b8fc59dca27a8141ff11d1ff8ae4e0fc71
a7a0dcc50b247841a6cbb8b851299a77fc69f5f7e64fd28708312c0e725cc704
GET /upload/vod/2022/09/4p1xyadrhyd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 8703
cf-bgj: h2pri
etag: "632ea2c9-21ff"
last-modified: Sat, 24 Sep 2022 06:25:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5728
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BXZF3TAUfkWjQk5xTJHfyPHcBNz6tdIfLGPsGWjiJs012eQ52h5JRgC00I%2Fmkz71YdsxyQklk2ly33iGHvo%2FKknO5tqkGLLKtAemWatyBwLASQgrewEvt83EcBZqQRZiV2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecbd756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/xpzhqil1ge0.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/xpzhqil1ge0.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eabdd27977d3e8ccac34845f124d0a72
f8f81fcd88baf9c60e9e1103df988a3eae5a7004
49267611636457ca9d1ef629be0c6c75a7c8625c06a8ee5ea659d09ff6c7c062
GET /upload/vod/2022/09/xpzhqil1ge0.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 10041
cf-bgj: h2pri
etag: "632ea2cb-2739"
last-modified: Sat, 24 Sep 2022 06:25:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2774
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YQyqwfoeUoucHJADktZWc4Cvbj8P1sQVPpRDyjxC%2FuuCzMsN4esPpx%2FMHL2TVSkvK1w0Qeim%2Bof%2BqHu8ZrepS9rtIo2StT8HL%2FN7ZjpCb%2F%2FCx4P0QumlwyKK2sIkgNG6%2F8G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecc6756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lbjml0dlcea.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lbjml0dlcea.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash dcf250daf5db9e80fbd365c5402dbb3e
1b58f53abc798f2367089f46c7057336ad2ec032
a84c953a9b1b250b592fb73883f2fad8b3170e0accaf818793413d3c3ae0e93d
GET /upload/vod/2022/09/lbjml0dlcea.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 10892
cf-bgj: h2pri
etag: "632ea364-2a8c"
last-modified: Sat, 24 Sep 2022 06:27:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FmhHmnR27HmjhvN%2FgdggJYpYkEtxlh9%2Bumfo0DGBxa0spGRPUC6F23ejaKg4SyLo%2Beq6ipK5XqcprpY5W3wXoms6XDp%2BoTNgfNOnXKZJ2KPCUuYlBEFxeLIb71EV24qRrW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc86756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tldlcdliwxp.jpg
104.21.235.63200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tldlcdliwxp.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 038f24d17498bbfa2dde77f1f0187705
b21eb2008de2f4e28ca48c870fe9a14330dc7b33
78d107cab245887e7d1498afcad589a902018b422151ecadcc67cbeb612de518
GET /upload/vod/2022/09/tldlcdliwxp.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 8952
cf-bgj: h2pri
etag: "632ea3b1-22f8"
last-modified: Sat, 24 Sep 2022 06:29:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Bl4%2FJD33URxSv%2B1ApvN2T1zE6L1KG%2BnxkvtzK5WXZJjeLVmjp8h5iHDbB3TvnzPmQgTSlUWkSZJxz%2F1NNLGKMrD9BjiMTseEct2pRQCDQD8o3X7rtQIOaoJE61e6GKSLmQd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecb3756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/haidbgq00a1.jpg
104.21.235.63200 OK 9.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/haidbgq00a1.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3adc4a8d11d6d17af1c24c46746eb8b6
04405a2c9bd6e2fe1bf881688ea4d995e854cc09
f9bd21a0407b4f4e8dc95bd736f28edb805306a9ed94317f72904d6605d0550e
GET /upload/vod/2022/09/haidbgq00a1.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9639
cf-bgj: h2pri
etag: "632ea3b2-25a7"
last-modified: Sat, 24 Sep 2022 06:29:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJd1cMtpmulTufw%2F4HuE4R9YEVgUEwOIYDthOTCmz18AfODrIeRWzF%2FRP4KRKPSg8QmTIFLgXuDMp%2BSUZwkWXhhJHqafKipGuZ%2FyQhgxSTFmrqBF2nv4IJ5xvqVbZK%2BF%2Ftth"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecb5756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/bkl45damtyu.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/bkl45damtyu.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash da3586811ffaeae12943733131f9344f
7a1e067930fae030dbe0c6fa3bda790399417bed
c77d46e21ba758cdfb9ee5e1dc31af73e73c7d59850e60062d89d982b5b76d9a
GET /upload/vod/2022/09/bkl45damtyu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 11199
cf-bgj: h2pri
etag: "632ea3b3-2bbf"
last-modified: Sat, 24 Sep 2022 06:29:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ%2B1CZSqa%2F%2BPmjAFfCbLJY%2BWGvD7jn0p%2FpxtzJCLHXxOPjqG90m87q0btBxWulRDGcCcwMSHlP5E6M7KU3uqONr8F1khwcPsykv%2BS2c2TJtYwTLg2Yk0mcycq3rOjKE32yx8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecb7756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/nfi3pw1pz4q.jpg
104.21.235.63200 OK 9.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/nfi3pw1pz4q.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7cc3fb5eec0059c495a0516e7bd77c2a
3d13b621b865e1b2684dbd3f537aed79de126df1
2426d658fcbb45278865e5ae2ced3079cae79189a38e00b4c7e609e4be2c32be
GET /upload/vod/2022/09/nfi3pw1pz4q.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9509
cf-bgj: h2pri
etag: "632d591e-2525"
last-modified: Fri, 23 Sep 2022 06:58:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yUncfgdCHJaufiQ8isQ%2FU4iBEZdTrsAtnCJpvasBSeHbypqOMSEqe3%2FioQJMLmVF7T1C42mLzH%2FxRLHVD1tN4RnH8Gp0O6PCOi5oEu5Zbf8pzKp1tjcTlRDL3qt2Oqnhi5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecbb756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ovxrcoarspd.jpg
104.21.235.63200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ovxrcoarspd.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c20f49b8aaed8e5659d775f588deca5c
4dd51ec60411afcbe481b5c9d725818ac2c0b4ea
f19c3381353de100c3caa1055550b6e79b7a83411fde7db660d288b9d94c9e56
GET /upload/vod/2022/09/ovxrcoarspd.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 12258
cf-bgj: h2pri
etag: "632ea2ca-2fe2"
last-modified: Sat, 24 Sep 2022 06:25:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2774
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDoa6kDAqwTBsnnH8OiyrjgFxVjH%2FyFAojmmBHb1wLs%2FCEgvNT8sVFYlwQw93D5AeNXBZCaxe6%2FDNRISV0sSNDWwmuCAkyF0AAmBrnNojMDBYnz%2B6LSvot8Lhyp6E1I%2BYjuv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332ecbe756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/uvv55abafyi.jpg
104.21.235.63200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/uvv55abafyi.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7054219743be9acdb1ded458e5aa9dfb
7541d35164ce324f47dd587084e042b4a775e334
f790f4c6d7837e56445b29779646bd2e49511628cdeed67a02741f0b0753c407
GET /upload/vod/2022/09/uvv55abafyi.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9738
cf-bgj: h2pri
etag: "632ea2cc-260a"
last-modified: Sat, 24 Sep 2022 06:25:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPmwGSbEu7u9Q4%2FM4ceLdt2XEqCE6pP2%2FbuL%2FfHjlSPICQ%2BfoiAH0H76f5NwEQYqRl8mMGVhEFUyUS047oNr%2B%2FwtzA7Eonn7G8up6ePJ6MLFjpYghw0WpGsEjAHsg%2FEUQXIa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332fcd2756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/w0oan5tstx5.jpg
104.21.235.63200 OK 4.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/w0oan5tstx5.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash af4afc7d1c884d3046a10318e0f678c7
5c1655c788f8ccb1d0bb47dba618f1fd93a80dd0
fef03f702d91059c3c9c474da63d624aa5ae478979018f550a8da28b9cc8cca7
GET /upload/vod/2022/09/w0oan5tstx5.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 4465
cf-bgj: h2pri
etag: "632ea365-1171"
last-modified: Sat, 24 Sep 2022 06:27:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fao%2B9%2FvO1uCGFXedbo9iCuYMhPcHOyK35YMnsAnW4Yxv19ptFsTZAdWfBdNFKwKs69koqfgzg3a3QXfrXK3IXWZ%2FfsHPEdhrCUYDVCcpLoVGsxZYvMD0iEU0B4n1r%2FGpIRLw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332cc89756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/0ru3g43ufdv.jpg
104.21.235.63200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/0ru3g43ufdv.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c6d0bc2c7159ff34271e3f233320a67f
c73a57737612b89358f8ca86a8a963876fedba00
05224232f56a35b8df41658f497835117c7f5ffb771f098b6d74e2f305f579db
GET /upload/vod/2022/09/0ru3g43ufdv.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 8239
cf-bgj: h2pri
etag: "632ea2d0-202f"
last-modified: Sat, 24 Sep 2022 06:25:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1drIV8y4GP%2BXw2OvguKfsz8j5mcdDAuMWXd0TSywd9ntFP3z7cuZQfrIJ5rQoj1G9nlwvy29wZxnxurQkYlCqTXDiUhF%2FgA4egRxZqahGPXFepsTQTc%2F%2BwH%2BCQAd8w0%2FoU6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053332fcec756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/idqti0bsmzm.jpg
104.21.235.63200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/idqti0bsmzm.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5f6e37ef687974e7b5bab8979cacf119
45dab54877b5d01427b9193d19298c6dfb343125
a58c6ad50864de1229670e032386c8f779ddf9134c1305a3e2adaeaf4fa33b9b
GET /upload/vod/2022/09/idqti0bsmzm.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 10131
cf-bgj: h2pri
etag: "632ea2e0-2793"
last-modified: Sat, 24 Sep 2022 06:25:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mR98%2FegK%2BsMgd%2FxR91W3SX35XEkAdfQVmBIIJqyFf9KNI3yhHydOyEH9XlkmjhtgU9BjrhNbNTAVa6hJ%2B3OWk3hWen4j0IiCpC7a1ZN2VxLI8ndL4bdwp3uAnaCiTpNtVSn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533331d53756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/lbfqntwablu.jpg
104.21.235.63200 OK 7.5 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/lbfqntwablu.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bd2aa2687362acbc464ca96332539203
7de85b04c2c00a8eff5acd890d6563df212105a2
cb7bc7e71263bda9f52f0ace4e472daa438ec9ccc046f0bafc876fa3d857afcb
GET /upload/vod/2022/09/lbfqntwablu.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 7508
cf-bgj: h2pri
etag: "632ea338-1d54"
last-modified: Sat, 24 Sep 2022 06:27:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KF4Pe%2F%2F8OeFjRpKe8psmdriZdTrOKgV%2B6XcyV%2BvFzYO1X2M0ru6IcjqcShK2GnF73o9UC3JQ1bZPRYmteA%2BVG2IJxpebf6%2B1qCy0qx25Ml7jSUf3yBblI1l%2BpdBhXcj8YQSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533332d65756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/jrgg5suakhl.jpg
104.21.235.63200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/jrgg5suakhl.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 14b6e6c6fa7a4787151604aace92fc8e
4da7fe48ca2db81e7c04ffd6cc013f4e9c9fed22
3a0a0ed74979aa93a0544f1ab28ae181b9afe1a37f0309339751b459732fa5fb
GET /upload/vod/2022/09/jrgg5suakhl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 10552
cf-bgj: h2pri
etag: "632ea2e1-2938"
last-modified: Sat, 24 Sep 2022 06:25:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6290
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=civ970%2FhVJhPuNd96RjSqw68al4jfhg6CTq3ogRDGqo00gNTu7w8SKhUz%2FaGW98PLFRfW9By4p0muClgLXOk3udme8XUbpqgXiHcMLqfacs3b0q0SkIFvL7hnCQMICJDQK8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533332d58756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/wsarway3mt2.jpg
104.21.235.63200 OK 6.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/wsarway3mt2.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash be019510e4db9e8a478420465950f447
64a6ccde8c9c3f5429c36e605cca9a98466abc25
52b3fe335ffacadc371a366d03175d7539b86a25af527720dd4bf07020b71c1f
GET /upload/vod/2022/09/wsarway3mt2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 6279
cf-bgj: h2pri
etag: "632ea2e2-1887"
last-modified: Sat, 24 Sep 2022 06:25:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8OYCLrD073nk%2FUZ0I154xVCKlxzJ3BTrx321PBDsOL9360w%2BeSkKl7VmT4dVIrQ3oo7kJSRj1p4UjwXKxikkTzexJ58qeMZKhRBWOItkoeQKdojK1GU7qgRdVXO1PsGQvna"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533332d63756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4smxe3vq1fx.jpg
104.21.235.63200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4smxe3vq1fx.jpg
IP 104.21.235.63:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1e6a40972d0297e55d61431934a37c29
5c6b6d90afac0285a5968d082af21cda5e24b3a2
df7c7f129af21c9d171e2ee82d2313b88fdd76c0de189d293a02be404051c980
GET /upload/vod/2022/09/4smxe3vq1fx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 7102
cf-bgj: h2pri
etag: "632ea2df-1bbe"
last-modified: Sat, 24 Sep 2022 06:25:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YP8GggtJ3%2BRBsOWDk7Enkdh0VTy4bALs2OoHXMogIIaPEsaQSOYQfzpVFqh1HkgI1Nrl96oidHVFyxkNQn%2FkcJC%2B94Ko%2BG4ZaAoV%2B0me7sHVefKDr0pcIhPofLWkswLZL4Jv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533331d4e756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/iaivjdjetui.jpg
104.21.235.63200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/iaivjdjetui.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c6a21632a9a9eb4299412c46ec6b0230
db91e8935dd57d0f0242c28f4c3dbf59816a1a61
89c782b68cd0b7582b88f91abd791e63312254260e846090feceeabff0ab3c54
GET /upload/vod/2022/09/iaivjdjetui.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 7607
cf-bgj: h2pri
etag: "632ea345-1db7"
last-modified: Sat, 24 Sep 2022 06:27:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQ17TuYpseM5AVMRlkcTcVHDBmuYTlkQIYKl60nD6lE4J9bDVEFXcoS9CoozjusueOmLSeikppy4gmtoHMfk7pobE6N6vrqlAFgdoKtTopwlHbn9oV7LOJYUSkXGtDJcPzUg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533333d78756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ev1uozkgtyb.jpg
104.21.235.63200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ev1uozkgtyb.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 180050e5ff43f0ffb950a396a4e88732
835610426bbd4579ca8fb57565c37690612bb02a
2687865dbece7b304b703ef3f258e23f5b03cb988d166eb5005c4d886936614c
GET /upload/vod/2022/09/ev1uozkgtyb.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9375
cf-bgj: h2pri
etag: "632ea35b-249f"
last-modified: Sat, 24 Sep 2022 06:27:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2j5xjCUopXkdsYcXhuVG4Ez6amMyzNyTTe5vak7pzHcxRiPDR4Zu39mnj5e4Gr3imTcC%2BznQwFPDrxOM00fa1Ntn1%2FyesXMKSYGxDnNLWipnQxHaNJXs55wNXY6O03Km0hk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533334d8c756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/3bii2oo1utz.jpg
104.21.235.63200 OK 9.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/3bii2oo1utz.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 33f0cc64f85dc88875165996e8e17d7c
26663d69fdf4c7e34463960d785e54a9def5e010
c1fe23559290673227f8fda17a6cb0f2b060abc1dfff15baee2b4a8215c9edcf
GET /upload/vod/2022/09/3bii2oo1utz.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 9311
cf-bgj: h2pri
etag: "632ea336-245f"
last-modified: Sat, 24 Sep 2022 06:27:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5067
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PnULdcvsy%2BZ1dq4KPupvZ1OZvEc%2Fy23%2F9rfiQKANgKkviDk%2BwCMqXuitIVKwxW%2Fd8KnMTxoZLwhhtyP44Z%2Bx2Msfy0qeTl32pgb3GcMZis8Quzj5W4IKHNvAOV0%2B1Ij74XO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533334d8d756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/q3ywvvs4110.jpg
104.21.235.63200 OK 7.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/q3ywvvs4110.jpg
IP 104.21.235.63:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7151f1059c3e191ac92df1cbe6e01a07
1d9c5e48299612daeb6084ba3dcd96a9762c2a42
110fa10cabd010b735f9b91f1a20e06c85d431f9d145e9944771b361005934e1
GET /upload/vod/2022/09/q3ywvvs4110.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/jpeg
content-length: 7570
cf-bgj: h2pri
etag: "632ea339-1d92"
last-modified: Sat, 24 Sep 2022 06:27:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjq8q6RfjBVkFkf7aBdVBltqyk0LjWMkuZlYp%2BhV%2BHqh%2FPDFe42QPvyoPtNjXZG0p%2BC%2FILFC7BYT5EKUsljjaHPlSUInzk4w29bUmPBVVg%2BjYB4Id3vKdq6ZpYXO5x33ee81"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533333d74756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
172.67.149.70200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 950049
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBt6xz6148FGFdTuV4FvCk6LufFeY9meI0fOvwOjt8E%2BRHmAR8FatDOgaw4Dr5Vn9WlBGLwWXoGb%2FnJKWxnAUwr%2F26OFobkRadBtl4gX89YCC3jmfY85CE1FzDly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053333be9ab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo65.xyz/images/ggzz/dbhf.gif
104.233.145.172200 OK 137 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/dbhf.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 137392
Last-Modified: Sun, 29 May 2022 19:06:59 GMT
Connection: keep-alive
ETag: "6293c453-218b0"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:09 GMT
content-type: text/html
content-length: 162
location: https://acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.172200 OK 111 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 110624
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-1b020"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/images/4dfsdadsd5ghrt5.gif
104.233.145.172200 OK 411 kB URL HTTP/1.1 niumo65.xyz/images/4dfsdadsd5ghrt5.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 411269
Last-Modified: Wed, 03 Nov 2021 10:48:26 GMT
Connection: keep-alive
ETag: "618268fa-64685"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.172200 OK 43 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 43144
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-a888"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 16:42:36 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Tue, 25 Oct 2022 16:42:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bec25acbc609b12e1952b131959f9d4f
d373d1374b85747036294975ffab79cb0fb792f2
e4ebf92a5c604ed879930bde96809c0fd4b8c6fbaa0df5a8e440e384206e421b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E4EBF92A5C604ED879930BDE96809C0FD4B8C6FBAA0DF5A8E440E384206E421B"
Last-Modified: Fri, 23 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2528
Expires: Sun, 25 Sep 2022 17:22:17 GMT
Date: Sun, 25 Sep 2022 16:40:09 GMT
Connection: keep-alive
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.172200 OK 49 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 48771
Last-Modified: Sun, 29 May 2022 19:29:16 GMT
Connection: keep-alive
ETag: "6293c98c-be83"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 16:42:36 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Tue, 25 Oct 2022 16:42:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 25 Sep 2022 16:40:09 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.172200 OK 35 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 34559
Last-Modified: Sun, 29 May 2022 19:29:15 GMT
Connection: keep-alive
ETag: "6293c98b-86ff"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.172200 OK 410 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 410363
Last-Modified: Sun, 29 May 2022 19:29:14 GMT
Connection: keep-alive
ETag: "6293c98a-642fb"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1052
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Last-Modified: Sun, 25 Sep 2022 16:22:38 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Last-Modified: Sun, 25 Sep 2022 15:37:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Last-Modified: Sun, 25 Sep 2022 15:37:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d692d7a986447e8ecaf3763e68f446c4
ee5ee62c04f5ab801ed594ebf67ca270bc7facde
b7d3d2518f89c9de923283692640f2ff6c8c52f2950bf35d19261388fc145610
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7D3D2518F89C9DE923283692640F2FF6C8C52F2950BF35D19261388FC145610"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8968
Expires: Sun, 25 Sep 2022 19:09:38 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d692d7a986447e8ecaf3763e68f446c4
ee5ee62c04f5ab801ed594ebf67ca270bc7facde
b7d3d2518f89c9de923283692640f2ff6c8c52f2950bf35d19261388fc145610
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7D3D2518F89C9DE923283692640F2FF6C8C52F2950BF35D19261388FC145610"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8902
Expires: Sun, 25 Sep 2022 19:08:32 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:54:58 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg
172.64.141.29200 OK 7.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 72c52f52e64cbcc5fc91eb5bb06b22e1
de0b285019eb7dae79bb48eba8fb69614d55d283
28bbf5adc51804d2b671b31ddd5d4fb2cf112a6881bf6600e9d38c7da4b42b1f
GET /upload/vod/2022/09-24/14/cf2wt5i0h4e1400cf2wt5i0h4e52999.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 6989
cf-bgj: h2pri
etag: "596bf00dbcfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDVU0oic11hm5ws0PKKLdooXc8jQWG%2F4BHLhYPH26D2ZEbROXthnjooorgW%2BfWbBAEjtozdXjkBO4ak%2BJLGSjwlNktZHmFcQ%2F40OReaSA8uju7PkHO4NLNuNaLlKurGAjxzh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337dd4e06ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4032b080852989ffe0cbffd5bbc02a7c
9ad62d2f635360b7d58ee9c3d10c78cffd7a421d
e9ff4139e5e45fadeabeee3fc32d604da34a9c057454f51790c53b89f06e12f4
GET /upload/vod/2022/09-24/14/sneupzgvsu11400sneupzgvsu149991.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 10696
cf-bgj: h2pri
etag: "bb54cefedacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDKh46r8aW80Xk196MC5yENtFux1m1%2BaU99APnBuFDSL8OI4qGzx45UfzV2vPNCO5KTAK6CeCesxoXTfIpB6CQ9OHcItv0Yb3KQfdkSkcy%2BYShBNcjziABw4c0i3gA%2FFbZ8A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337dd5106ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 01aad12e9958a7c8275aa87ec665730d
90aa33f06a7be26a5551b938ca84235c279b8791
e12cda92778939ae0078161c9eff9c16ea2d3ba52b9a616080b4d783596df837
GET /upload/vod/2022/09-24/14/iww251agdi01400iww251agdi051997.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 9957
cf-bgj: h2pri
etag: "ab84680dbcfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWi%2BoxWJyfQ%2BOsZ7ne8FI93DmTf72ubaYjTIYDc62lx2Ine57WnjJ06qa%2BWapHMLeS3tilZzh%2FGhcTG3iWs2%2FXvVBMwvJ82zq2iC1gz4u6Nn0RSxNDnFVKXQRMergfGW70pM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337cd4106ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e13338bdf3a2875df88a14a97d8f713b
81cb2037cbbef5c93f58531c64ab3d73ce2dc7aa
f4261801c4bf57c1f85d0a039fa7c00f4e071f38ff9f93a0aefb6239134f3216
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4261801C4BF57C1F85D0A039FA7C00F4E071F38FF9F93A0AEFB6239134F3216"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sun, 25 Sep 2022 18:36:10 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.172200 OK 60 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 59550
Last-Modified: Sun, 29 May 2022 19:29:15 GMT
Connection: keep-alive
ETag: "6293c98b-e89e"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.172200 OK 1.3 MB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:11 GMT
Content-Type: image/gif
Content-Length: 1270430
Last-Modified: Sun, 29 May 2022 19:29:12 GMT
Connection: keep-alive
ETag: "6293c988-13629e"
Expires: Wed, 26 Oct 2022 00:49:11 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
104.110.17.24200 OK 446 kB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (445879 bytes)
Hash dfbf81fb5d0c62a4890d1362f950c5d7
725b5307b3976bd29822d38f3a22d119086498da
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
GET /images/03964120009z0w8i44344.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14994819
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Sun, 25 Sep 2022 16:40:10 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg
172.64.141.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash da26e41254d92a51d87588fc2d4a1546
3a3429cea5818dc08a167cc639685536f12712ef
a90c3eb318aab0f2a26f75df519756d049b2812f253d6a1450858128e58465db
GET /upload/vod/2022/09-24/14/jizji5wvwey1400jizji5wvwey46985.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 7319
cf-bgj: h2pri
etag: "8ddb31fddacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOunaim0jv%2F57A0CtXOHwd00Ruj%2BRRsHqc7lyoOBNyRInekYwQhr62vif7AzcrPmffsROxBjXc0AwNUIc%2BtaqO0w2CLRV56anQ7Eha0f%2Bgn6Bg7iojIi6NB5rsIMFdR1xIvf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337cd4606ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b228f4c1f3b4968b5affd67d9cfd01
6865155b2989140410c659e2d1f70a618a09f089
11d6d6b0bf568355ca7c19707205d25b47cda195008f9108bb51ff9cdbcf1d5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11D6D6B0BF568355CA7C19707205D25B47CDA195008F9108BB51FF9CDBCF1D5E"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12469
Expires: Sun, 25 Sep 2022 20:07:59 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
104.110.17.24200 OK 423 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101912000a01jf8t5395.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 80\012- data
Size 423 kB (422693 bytes)
Hash e8f8e2de259788e7c2ec5639aab6931e
8a76516927e65b68cd0b67d8fe95cb32c956c096
68d48415ac54b93ba3420a0f034da04d68a3a48ccdad27abcd5aa60d3a67775f
GET /images/0101912000a01jf8t5395.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 422693
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15542887
expires: Fri, 24 Mar 2023 14:08:17 GMT
date: Sun, 25 Sep 2022 16:40:10 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
172.67.149.70200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Sun, 16 Oct 2022 13:15:17 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 789893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiY9Cq6gDBjhOTSgkbz%2FOV%2Fcy%2FdPaf1GLEshH2aYfc9gkpjaEm%2FmgDwnWpfAIbixCetWiOc3UMOhKgLo5n0uBerpc%2FTxpE%2FOs5E3sP7o2u3Bx2qe%2FWJOgGk4pyvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533388e31b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e13338bdf3a2875df88a14a97d8f713b
81cb2037cbbef5c93f58531c64ab3d73ce2dc7aa
f4261801c4bf57c1f85d0a039fa7c00f4e071f38ff9f93a0aefb6239134f3216
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4261801C4BF57C1F85D0A039FA7C00F4E071F38FF9F93A0AEFB6239134F3216"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6824
Expires: Sun, 25 Sep 2022 18:33:54 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Server: ECS (amb/6BAB)
Content-Length: 279
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
172.67.149.70200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 21 Oct 2022 14:13:09 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 354421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=564Gyi%2BnGA9B9SchHyWermdna%2FL6GcrUH855Gg95Il53YmoH%2FB476776BhpnACzRpcR2vkOF%2BZ7NzYKbQoKw84shkk5ZAvofjr4c4RNDB%2F8itUbLuSL%2FcJMBhkB%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053338be7eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/56cc11988c765affc4cee39616e412ce.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg
172.64.141.29200 OK 7.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4b0ca26c5eae90f7a8b6bf3f999c025b
4281ee24a973d7d7bd8c7633a93b07de6b2b1a96
b4bd7d746bf4a91f3fd692a83133f80e5bc13c3415084a31753d87b5a645fb2d
GET /upload/vod/2022/09-24/14/jzsyin0rnbb1400jzsyin0rnbb50993.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 7614
cf-bgj: h2pri
etag: "93d953ffdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:50 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkElRqUCltU%2BxlGzgWn3mpxNmiWrnv%2BcjcnuBmIHkpcvX4%2Bv5LPEoNHStlzhwPvy6JLUr9qArrA%2BWC5xkVjnxgMaeTlFVRr%2FK%2B53a5My5lWE%2BCL6TG8qWQNNsNkTYei8Ce%2Fj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337dd5506ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.172200 OK 315 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 315353
Last-Modified: Sun, 29 May 2022 19:29:13 GMT
Connection: keep-alive
ETag: "6293c989-4cfd9"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg
172.64.141.29200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 06de413fd5a02ac7d90027db35639e32
b43e8a8f3017ff6d7f91bd83d1bc8d6a91c03fff
bb43c3a49fd07970821a062cd5e138c95c0b7967efa02e481d2d25763ead71c4
GET /upload/vod/2022/09-24/14/zqrdghlcgv01400zqrdghlcgv048989.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 9716
cf-bgj: h2pri
etag: "7e6d46fedacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:48 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CGJ%2B2cxt5RZaf6fErVP8HqAdkeuyZIxGucCzAX%2F9e%2BSXs%2B70v%2Fwz%2FKG%2FXtdOQBwo5BAbcw0kqkNGhPDdYDAn2H21eUVU0p4vyVd%2F%2Fk0a1maeV1VmhkgjkoAwHqtV9JqHr3e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533380db106ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 7fc43ed7cc7db00b682fb986e13aad32
68d21ccbbdb973191c0d4e3272973d56c458203d
049ae31d754990ba58145a27e04a7459f12847bc61f78ee8183d7afd663e456e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:51:58 GMT
ETag: "68d21ccbbdb973191c0d4e3272973d56c458203d"
Last-Modified: Sun, 25 Sep 2022 12:51:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2845
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750533398f01b515-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash f21b0d204343d818d6b7150e59377189
8cabd73be7dd7705e05fa840c80610aa9f77b9d7
ebcf89cf580241c6a7c78d65443009bb7364f51a1c3c68adf759ef2ae6a3a2e8
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:07:33 GMT
ETag: "8cabd73be7dd7705e05fa840c80610aa9f77b9d7"
Last-Modified: Sun, 25 Sep 2022 13:07:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75053339890cb4eb-OSL
kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f0ff405077684a5ec36d478300e3c70b
d2ef306fd7bc60f128e10bfe37e7ccf3796ee98d
ec76366ed9d4e79d61565c8470abec8d439dbce241fb5a1353c139ae1fbeb580
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=55
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg
172.64.141.29200 OK 7.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 65930452738877280da83661b5040595
9b3b9ed44242d2929278c7013305850b4baadc1a
cd6877bad373d97f8ad02be9bac9c2d9f90d21e432818d0eb95d3402724bbb9a
GET /upload/vod/2022/09-24/14/yakggxkd2st1400yakggxkd2st47987.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 7438
cf-bgj: h2pri
etag: "1cc2b9fddacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6EtgcavB9ZRpGs1I20gTiIii9LINMCUu%2ByGyKK6NARZ6Kr2RBTTH8ZC0O6CIQMkZsEL318OrQtClP2PFwDzXC1B8ksBEVv8cD47kO6Bj2KcSz7Y6mk798Ok1KlM%2BcDVKWjD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337cd4a06ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1daf2bf695607f41f1de0406aaf512d5
3833c24c97be24b421c88220d2fd79773e103cea
797c7510a816ffadedeacdf0f90bc6a61a0787c2b51768c89497e9644638ee9d
GET /upload/vod/2022/09-24/14/drinxkhqtiq1400drinxkhqtiq50995.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 8788
cf-bgj: h2pri
etag: "399fe0ffdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4188
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz%2B65KxLmC0%2BMN1O3xCg5hiKEio2wFNgqZ%2BW24ZnJJxx1mbquKWu9bXNz9iPkGKvlNTJa%2BamS4skvhAffs5x3SJOSeuk7tAKZivLZ%2By6bkA%2FbiH%2FIYf6EC4U7Iyt%2F0jmoi5i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053339988706ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 68cc7cb36e485a42f8e73039a1e740b5
0fdce649e50f6889839f4043b812368de86ec3aa
b512c9ce3bd4d9c8feb631338f2295307c903bba7d8e14fa86b8ff9530cc2a70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:45:16 GMT
Expires: Sun, 02 Oct 2022 03:45:15 GMT
Etag: "0fdce649e50f6889839f4043b812368de86ec3aa"
Cache-Control: max-age=557704,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750533398ceeb4f4-OSL
fmlb.netlbtu.com/upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg
172.64.141.29200 OK 6.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6f53892646473abd7b01548f5572bfb9
6e971a9c1521512afc126efda9cbb88fe026d2a0
3ec09740c47289def038dab807383d0b594934f6b05f2d4757b951cf0396a83c
GET /upload/vod/2022/09-24/14/ermdgvrlpes1400ermdgvrlpes45983.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpeg
content-length: 6298
cf-bgj: h2pri
etag: "7cf4a9fcdacfd81:0"
last-modified: Sat, 24 Sep 2022 06:00:45 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5VTbZYmi3KfFLcilMMbRA7tVWHlIRW9WYww6fV0d2PfD5k%2FTrRdmKEHqxqFuBTJPariPZmlQfVWZt6xggCqqGg6a%2FEmuNFRgC3NkMiOY3Ty%2BJwMhyrdqFkj27WN%2B03jwBbl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053337cd4506ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 9566242
expires: Thu, 30 Mar 2023 16:40:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053339df7f0b65-OSL
X-Firefox-Spdy: h2
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
104.21.234.40200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Sun, 23 Oct 2022 19:34:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 162312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLWnLZHlf%2FJSfS6g1MSjB2PSnT%2FBmRO%2BSUgjlot95Xv6pPxpIm4fKd%2BMi6bypx8oeuRbO8ntznopL2zICxcBNPKFtGGZmDxndZgVC8RTkB22r0Vr%2FPczc8HAaL%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333a0af2e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ed3b9612b18f711f60d5f32fe0f959b1
bc6007986729c0b1d287f64bf44f55454b1f46fc
e2cca8d2b9339059a3c732857cad08337472532cc752434b3f64d7377a048b3a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:43:07 GMT
ETag: "bc6007986729c0b1d287f64bf44f55454b1f46fc"
Last-Modified: Sun, 25 Sep 2022 13:43:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750533399928b4eb-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ed3b9612b18f711f60d5f32fe0f959b1
bc6007986729c0b1d287f64bf44f55454b1f46fc
e2cca8d2b9339059a3c732857cad08337472532cc752434b3f64d7377a048b3a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:43:07 GMT
ETag: "bc6007986729c0b1d287f64bf44f55454b1f46fc"
Last-Modified: Sun, 25 Sep 2022 13:43:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750533399f0fb515-OSL
niumo65.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.172200 OK 126 kB URL HTTP/1.1 niumo65.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:13 GMT
Content-Type: image/gif
Content-Length: 125587
Last-Modified: Wed, 03 Nov 2021 10:48:26 GMT
Connection: keep-alive
ETag: "618268fa-1ea93"
Expires: Wed, 26 Oct 2022 00:49:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ed3b9612b18f711f60d5f32fe0f959b1
bc6007986729c0b1d287f64bf44f55454b1f46fc
e2cca8d2b9339059a3c732857cad08337472532cc752434b3f64d7377a048b3a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:43:07 GMT
ETag: "bc6007986729c0b1d287f64bf44f55454b1f46fc"
Last-Modified: Sun, 25 Sep 2022 13:43:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75053339bd06b51e-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a92a476cad8d96314577700de907968
59ea3fd7d66788d83ba445e045b92ef332d5d92b
dcdd39e1b72badfd056ab791a81c60973c4ec25678445fdf789a8c4bf9d3f0a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCDD39E1B72BADFD056AB791A81C60973C4EC25678445FDF789A8C4BF9D3F0A6"
Last-Modified: Fri, 23 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19406
Expires: Sun, 25 Sep 2022 22:03:36 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
104.21.234.40200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Tue, 25 Oct 2022 02:52:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 49657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C62a5PrVxy01BGBVrKhlL8G7MTIF9toOSuSYyIW20rjAMuu1jC0xenVovh5kOIjF3OJPUUZv27peDe5eC9qyjLzLYS4ldSDyAGZMcc7skk5ImJP8fPJOJ7XvMiAu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053339fadee66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.172200 OK 551 kB URL HTTP/1.1 niumo65.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:12 GMT
Content-Type: image/gif
Content-Length: 551040
Last-Modified: Sun, 29 May 2022 19:29:13 GMT
Connection: keep-alive
ETag: "6293c989-86880"
Expires: Wed, 26 Oct 2022 00:49:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1052
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Last-Modified: Sun, 25 Sep 2022 16:22:38 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ed3b9612b18f711f60d5f32fe0f959b1
bc6007986729c0b1d287f64bf44f55454b1f46fc
e2cca8d2b9339059a3c732857cad08337472532cc752434b3f64d7377a048b3a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:43:07 GMT
ETag: "bc6007986729c0b1d287f64bf44f55454b1f46fc"
Last-Modified: Sun, 25 Sep 2022 13:43:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505333a0d1cb4f3-OSL
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.40200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Sun, 23 Oct 2022 20:44:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 158146
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPa7hLlaC2A0S7gkuv6h6V8oK8wn7Vpn6sOSbfSdOfk5WOLEWp6W0Be32Evj3JEHOYq%2B%2FowuG8gaIf2jwbpWMK5PVh5FBSN%2Fe0a1jUbKZ3sm0%2BTGscuKtVImWFqv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333a0ae9e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ed3b9612b18f711f60d5f32fe0f959b1
bc6007986729c0b1d287f64bf44f55454b1f46fc
e2cca8d2b9339059a3c732857cad08337472532cc752434b3f64d7377a048b3a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:43:07 GMT
ETag: "bc6007986729c0b1d287f64bf44f55454b1f46fc"
Last-Modified: Sun, 25 Sep 2022 13:43:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505333a0d7c0b49-OSL
collect-v6.51.la/v6/collect?dt=4
139.9.63.194403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 352
Origin: http://niumo65.xyz
Connection: keep-alive
Referer: http://niumo65.xyz/
HTTP/1.1 403
Server: nginx
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://niumo65.xyz
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13941
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13888
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:40:10 GMT
Connection: keep-alive
kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.33.12200 OK 919 kB URL HTTP/2 kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.33.12:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvhooo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Mon, 24 Oct 2022 22:39:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 64851
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI0VulMR4aSnbMnzfzaUwYwYq57DBu1TLJEAc7WrjgVxrZHynF4YeCDZAchO8sBL%2FMGN2MUFmMMviM0Ii6msT6ZFOLNqoGjzjo4kwAOKDO6Qq9BULgr%2BSWReAaFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333baa19b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 000e6c4f7f7f67dd58c9d69ccf1fd1ab
bd0e152927e5874f6fbe643b3ff3917a20edcddb
7ffd2d237f9db05af62a13c94543d3f5057a7fbae6f1dd577ca2595ee9b6a11c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 02:47:48 GMT
Expires: Sun, 02 Oct 2022 02:47:47 GMT
Etag: "bd0e152927e5874f6fbe643b3ff3917a20edcddb"
Cache-Control: max-age=554256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505333bb832b4f4-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6m2265h0hSgCTluIqgbC-hSZiiyeqMR0qEwnYgXfjfxNa99trVEgA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 18:05:57 GMT
age: 81253
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 68571
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 30217
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 68584
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 34255
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 67732
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.213.234200 OK 400 kB URL HTTP/2 acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.213.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossn.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 18 Oct 2022 08:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 632564
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF7q3g9s7BJ%2BNX8i2NgHN4cpsi3oMopmDj8bJ7UQ4%2Bx4BSX26rF6Vd0%2F0uBppmBHOYb6QNrRf0YruxK24JW%2FfU2jf%2BTEXEartygZKSQnNGqqtWK0n3TYF3E4x6MaMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333c5b811bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dc88bd520f9ca8d250adcbda5a03e4bb
bcb37558c61c370bd6dee1e4cd8c342ad648b5bf
ddf67c392b9a630d9ca237a83016f61bbf16f98ec6e11b8cd26692535e655ae0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 06:43:01 GMT
Expires: Sat, 01 Oct 2022 06:43:00 GMT
Etag: "bcb37558c61c370bd6dee1e4cd8c342ad648b5bf"
Cache-Control: max-age=481969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505333c28d7b4f4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3312cbb0eb4d7c0e477f60d1421ba598
3bc4dbe256ef55c58d64e31219a845a2ccb3b482
56aefbd646c4b1e2d4abec7e64d8900a455711266f1f6d453d7fffb0ffdf0319
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Etag: "632f5dcb-118"
Server: ECS (amb/6B9B)
Content-Length: 280
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.173.230200 OK 196 kB URL HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 14:11:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2168943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqIaP7oP6hVlpJ5U8E7yJpA%2FSH0IqzepbcQYusOz1OQuuvDflnp6TdjZLvF8KfIcMOqpbm6o3if9%2B4bSPH87VZNyR40FWrrKXifm%2BCW4NodFPJGdfw66czqM1Te%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333c5b830b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.173.230200 OK 186 kB URL HTTP/2 kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Wed, 12 Oct 2022 15:04:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1128920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFyWwisau1iznJltX%2Bucwt65yKWsio%2BoOfsvq8InQXAQaNl68SYBDWRsLlLKSBOql5zF1iK9nZ5jKSOWGCl4Tbn7HJsw9Le5zje7Zrjjdm46XxwGBX5wxhm7xN7C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333c5b800b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niumo65.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.172200 OK 870 kB URL HTTP/1.1 niumo65.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:13 GMT
Content-Type: image/gif
Content-Length: 870065
Last-Modified: Wed, 03 Nov 2021 10:48:28 GMT
Connection: keep-alive
ETag: "618268fc-d46b1"
Expires: Wed, 26 Oct 2022 00:49:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
i.imgtg.com/2022/05/19/hTEgx.gif
219.159.84.135503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP 219.159.84.135:0
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 804faebb439eaa1e190e3cbebdedae97
cf9c6b75495444128eeb167e645ffdf7cceaa649
ded474189ab66e7ad079ec91f818eac685859c38227eba70a361576757036894
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 16:40:10 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_16feb2566ade2224bb9c1555668b72f11664124010871; expires=Tue, 24-Sep-24 16:40:10 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bb3b852c4ab5377e-142
content-length: 596
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Last-Modified: Sun, 25 Sep 2022 16:18:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1551bf96d4312c96063b432f25addc
03d34990f8a1d8cb50df48cdd496772dc45ceee6
504868d776e2b39947f2352a4c8f34b6bf581b96d2b5daf01183c995d14f9983
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "504868D776E2B39947F2352A4C8F34B6BF581B96D2B5DAF01183C995D14F9983"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16267
Expires: Sun, 25 Sep 2022 21:11:18 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
104.21.11.149200 OK 469 kB URL HTTP/2 kvtggg.top/56cc11988c765affc4cee39616e412ce.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 469 kB (469238 bytes)
Hash 77dc9f46896736ff82652d425e3d7c0c
a0456a2a8328e68ece702aa5f25429dc5d1d1a65
72df92f0ecdf69f4101ef47f405351d754fe3ad3ded507d368a15e606e6f25d6
GET /56cc11988c765affc4cee39616e412ce.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 469238
last-modified: Wed, 14 Sep 2022 07:32:35 GMT
etag: "63218393-728f6"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 955046
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbXFOYLleEdLwSV%2FBLtixyhhcV%2BmWTnDIR9T4wNBTrnyYKspBEBV3HTI1zUxPE7o%2BO%2B%2FHNrdN1ZRWfRZ9JPtZOKlGhZ161CRHC%2FBhPOK1SBKcayVu%2FRVAQjMDI7C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333d0b0eb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
104.21.11.149200 OK 214 kB URL HTTP/2 kvtggg.top/bdb76ee62e2d3b0527928af1d081b9c5.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 214 kB (213726 bytes)
Hash 81ccccc41d243817a1410c75dad08ce4
9b3915c9ca4f109febc0316fece6de5920daf5fa
82782b1bc275199a4dbf88991a53a8fb4ec9e15717e5a8f3bd8dd39245cb665c
GET /bdb76ee62e2d3b0527928af1d081b9c5.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 213726
last-modified: Sat, 24 Sep 2022 08:44:56 GMT
etag: "632ec388-342de"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 87241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoKZWef8iOvteKj8j1t3%2FUx%2FxNIUmGvL26T79mpj6BqXqzSmhn6KgD0EcbOALhYwuE%2BGjYjl0Jh6XU%2BO%2F9O2b4FnDahxqGWE56lCj9azMk2MRCURBGf%2FrmaVFqcT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333d3b4ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f7f0f215503a8fd10630ec625a6703c
7c936c0044e404f15733e1a7815d7485e9a6dabb
a0804827befec3e7eb6940cc987be3950195d2310de20b82cb835f19746964a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0804827BEFEC3E7EB6940CC987BE3950195D2310DE20B82CB835F19746964A9"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3383
Expires: Sun, 25 Sep 2022 17:36:34 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
45.89.209.74200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 12:14:09 GMT
Connection: keep-alive
ETag: "62f4f291-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a92a476cad8d96314577700de907968
59ea3fd7d66788d83ba445e045b92ef332d5d92b
dcdd39e1b72badfd056ab791a81c60973c4ec25678445fdf789a8c4bf9d3f0a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCDD39E1B72BADFD056AB791A81C60973C4EC25678445FDF789A8C4BF9D3F0A6"
Last-Modified: Fri, 23 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19405
Expires: Sun, 25 Sep 2022 22:03:36 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb9e12b8d32e17b87d9552a02b7f4059
71b3b92ca5d59af8926118ed02b2f20079261d22
5d97e1f54579a3d51934ba1dd5b9f539b0de4ef6b5597de92052bc5a24cf2836
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D97E1F54579A3D51934BA1DD5B9F539B0DE4EF6B5597DE92052BC5A24CF2836"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16269
Expires: Sun, 25 Sep 2022 21:11:20 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.233.190200 OK 1.0 MB URL HTTP/2 kvhccc.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.233.190:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvhccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sun, 23 Oct 2022 18:32:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 166056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlySkaMFXImW136XYC1b0bObS8%2BnmIoh62NUGLqXZCfTdZGhjjHLAWZepQO0LvvK9kYMI1rqOPcEPw7yPJHvSIqf509FeUmLMhwhG8QTYPtChvRDfj8XzK0apl%2BE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333cfb9d76c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP 23.225.228.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ad9c203d1c86b5f0a3efaf788fadd4af
15b14b06cc59f46b130c141625939e7a4ba40169
82bbee7042b0c5fdc40bbeafdaeba7b704e63f2ce5ca2fadd8477b9ea83a46ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Server: ECS (amb/6BBF)
Content-Length: 279
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5054bf464e89664550f47a7d43ea5ec7
ec66dc5f01bc681a5d2674184ec5c7746b7f43cd
4a5523839fc55a0d4071df535a86525d4a385c6d1172c28fde6dc950c85bc86e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:05:34 GMT
ETag: "ec66dc5f01bc681a5d2674184ec5c7746b7f43cd"
Last-Modified: Sun, 25 Sep 2022 13:05:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1251
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505333e782bfabc-OSL
kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.58.206200 OK 211 kB URL HTTP/2 kvhttt.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.58.206:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Wed, 05 Oct 2022 00:35:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1785865
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7XSoDH9H%2F%2BpTcHk5vCDEh76U7RBa3RX8j9s0hJc3VsYS9GQKUrZmqu0ytw0oAB6NMwUeg6BQCvoh8%2BCmLrdaBM94AVi9%2B8%2Ft6xgjhtCig3pZhdUUP%2Fu18CaVb0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7505333e9d4db521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5054bf464e89664550f47a7d43ea5ec7
ec66dc5f01bc681a5d2674184ec5c7746b7f43cd
4a5523839fc55a0d4071df535a86525d4a385c6d1172c28fde6dc950c85bc86e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:05:34 GMT
ETag: "ec66dc5f01bc681a5d2674184ec5c7746b7f43cd"
Last-Modified: Sun, 25 Sep 2022 13:05:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1251
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505333e9843fabc-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 118546aa5439a68b3b31b1299fd60ad9
327b6e6e5f544b21ae8e7c2dd98e654a9f5db357
dc355c6a3618612cf78cbeb4f11eaa0605345749bc9be57110295704c29fad7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Last-Modified: Sun, 25 Sep 2022 15:27:39 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 118546aa5439a68b3b31b1299fd60ad9
327b6e6e5f544b21ae8e7c2dd98e654a9f5db357
dc355c6a3618612cf78cbeb4f11eaa0605345749bc9be57110295704c29fad7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Last-Modified: Sun, 25 Sep 2022 16:34:34 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=555559,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505333eaa5e0afa-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
47.246.44.224200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Sat, 24 Sep 2022 04:33:40 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 24 Sep 2022 04:33:40 GMT
nw-session-id: 202209241233390101581631462D336B91ltrjt02dy
nw-session-trace: 2022-09-24T12:33:40.008558871+08:00 48
x-bdcdn-cache-status: TCP_MISS
x-length: 716414
x-powered-by: ImageX
x-response-date: Sat, 24 Sep 2022 12:33:40 GMT
x-tt-logid: 202209241233390101581631462D336B91
via: n150-056-026, cache12.l2de2[0,0,206-0,H], cache15.l2de2[0,0], cache15.l2de2[2,0], cache7.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01ae1fe144e68d0f0feb182d9c88d86f13533760f85cf656db329d8d2c634d9ee3c2278de54c43163db1ce54f9c8931828bcee7b80af2afa93a24b4bbc2e4aa87cc54c7c78646be430e7195eabf0dfd1f60bb2d4c3922a8fcee1209aa7fabdd90d
x-response-lb: image
ali-swift-global-savetime: 1663994020
age: 129991
x-cache: HIT TCP_HIT dirn:11:13777983 mlen:0
x-swift-savetime: Sat, 24 Sep 2022 19:34:48 GMT
x-swift-cachetime: 31481932
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816641240113051144e
X-Firefox-Spdy: h2
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
47.246.44.224200 OK 286 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 286 kB (286168 bytes)
Hash c69f681b06f2feb34e383846219c8209
3a27ca24bfdcde1a59c108ffad610f61251630c9
affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
GET /obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 286168
date: Fri, 09 Sep 2022 18:39:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 18:39:47 GMT
nw-session-id: 20220910023947010150138145440F3B18gs6pp01dy
nw-session-trace: 2022-09-10T02:39:47.424517736+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Sat, 10 Sep 2022 02:39:47 GMT
x-tt-logid: 20220910023947010150138145440F3B18
via: n131-120-203, cache25.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 011c4ee05a44b5589194278dc7965cf5ffac48e8a43070aae942e496324c66b68b83e02e78f6d43d345f71ab38ee7f9e4f3b58710132a9a3f256cddb696340dd4ddb7dd2051e2244eca02f6d385f590327debae40c05c780e76479741f7ca883ea
x-response-lb: image
ali-swift-global-savetime: 1662748791
age: 1375220
x-cache: HIT TCP_HIT dirn:11:446486805
x-swift-savetime: Fri, 09 Sep 2022 18:51:41 GMT
x-swift-cachetime: 31535290
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816641240113131151e
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
23.225.222.18302 Found 498 kB URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP 23.225.222.18:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XcsiDt_oaJc
IP 142.250.74.3:0
Hash 2b52d6f3418410e14c8d5f80ed991849
433fe266711e84fb471b57d8ed666d73a7de2e71
681a096b4890de0f6beaf23e2e5a617fc1ba50699a65bbb71362a3d571b0cc4b
POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3312cbb0eb4d7c0e477f60d1421ba598
3bc4dbe256ef55c58d64e31219a845a2ccb3b482
56aefbd646c4b1e2d4abec7e64d8900a455711266f1f6d453d7fffb0ffdf0319
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Server: ECS (amb/6BAB)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ad9c203d1c86b5f0a3efaf788fadd4af
15b14b06cc59f46b130c141625939e7a4ba40169
82bbee7042b0c5fdc40bbeafdaeba7b704e63f2ce5ca2fadd8477b9ea83a46ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Server: ECS (amb/6BA0)
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c10090d9cbd161294d59b698d34347e9
d646c86f23cc10e64bb7df3fa122ad20d3708130
c8b9a9de28f91826b465ebaa84890bc76514d70cf5a9168509bbb7fe265cb7f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=555559,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505333e7c29b4f4-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a74f5db4f9a48d502ecb08e1e0c0070
915515e17816be8b25242d6b733b79407c79a8ba
9c433ef1f6acc1df09b29331ec4f176a968e600ff3df81939000a47be545e731
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9C433EF1F6ACC1DF09B29331EC4F176A968E600FF3DF81939000A47BE545E731"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16803
Expires: Sun, 25 Sep 2022 21:20:14 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
45.61.212.221200 OK 1.0 MB URL HTTP/1.1 66377311795.com/e0b4ad53309b4c0980b2ceb461415106.gif
IP 45.61.212.221:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /e0b4ad53309b4c0980b2ceb461415106.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2749-f90bb"
Date: Sat, 24 Sep 2022 01:40:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:33:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-21
Content-Length: 1020091
kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
104.21.94.20200 OK 344 kB URL HTTP/2 kvhaaa.top/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 104.21.94.20:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://niumo65.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Mon, 24 Oct 2022 20:30:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 72552
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qem56I5v%2FXhJGvepTO2FCrNgno729xnpYS7GFPIR0p36oswimtlSFxI9YbMxKK7eYNNLUXbhBrD1Q%2F32No3GWL5tmpfrsc5g8jzKcdhNBZNphQeJUvpKYu7dEZ0d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750533402f5e1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a74f5db4f9a48d502ecb08e1e0c0070
915515e17816be8b25242d6b733b79407c79a8ba
9c433ef1f6acc1df09b29331ec4f176a968e600ff3df81939000a47be545e731
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9C433EF1F6ACC1DF09B29331EC4F176A968E600FF3DF81939000A47BE545E731"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16803
Expires: Sun, 25 Sep 2022 21:20:14 GMT
Date: Sun, 25 Sep 2022 16:40:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 82d0d6324d2ec235eca748c2775d9c78
6b5971ddd9f600c73938163b57aebe34c9abd909
b0ce2cbe4144c839145255c4859c3e5c49c429ea5a87b082e141cc7ea86051ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:40:11 GMT
Last-Modified: Sun, 25 Sep 2022 15:20:26 GMT
Server: ECS (amb/6B91)
X-Cache: HIT
Content-Length: 727
95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
103.170.15.88200 OK 219 kB URL HTTP/1.1 95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
IP 103.170.15.88:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 128 x 128\012- data
Size 219 kB (218557 bytes)
Hash 4dea2422e271cea76f0e1129e96a4ab7
5c24ffa9522829ba0c163284f74a60815336c084
d3edbddff31ba83b46fef890e2e6bfd8308e909581de17000b95921d12230036
Analyzer Verdict Alert quad9 Sinkholed
GET /fd1d4490b68648e2ba933a8a6394fb13.gif HTTP/1.1
Host: 95865127529.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6329479d-355bd"
Date: Tue, 20 Sep 2022 13:12:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Sep 2022 04:54:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 218557
niumo65.xyz/images/stvf4grh65uh54y.gif
104.233.145.172200 OK 996 kB URL HTTP/1.1 niumo65.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.172:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:13 GMT
Content-Type: image/gif
Content-Length: 995865
Last-Modified: Wed, 03 Nov 2021 10:48:32 GMT
Connection: keep-alive
ETag: "61826900-f3219"
Expires: Wed, 26 Oct 2022 00:49:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
47.75.19.14200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 6330846BD14BBC37364E314E
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 0
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.167200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.167:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 6330846ADA8A79363226F4F4
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 1
u0062.com/86b4c5b5e42b447492665532b841e916.gif
20.239.175.73200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP 20.239.175.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.177.104200 OK 304 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 304 kB (304285 bytes)
Hash 230cbf723011f9f91ccc4214312245d0
55184e10225ead4ef852ec40dbb140e52552b38f
1b67ae25d6213db18947e1f8e42bc4f7dc02ae41bf7941c73395c79741870236
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:40:10 GMT
Content-Type: image/gif
Content-Length: 304285
Connection: keep-alive
x-oss-request-id: 6330846A6172673930259777
Accept-Ranges: bytes
ETag: "230CBF723011F9F91CCC4214312245D0"
Last-Modified: Mon, 19 Sep 2022 11:04:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10033225339777913705
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Iwy/cjAR+fkczEIUMSJF0A==
x-oss-server-time: 3
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
20.239.174.73200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 20.239.174.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:40:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
45.61.212.132200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 45.61.212.132:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Sat, 17 Sep 2022 23:36:10 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-02
content-length: 236734
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash eaaea43c0b29f532d3f48e52c45815fe
f211e01fa2cc710280a79533c96bf2bd4e2b74ed
520468f54a290f99f014e86b67c4f36a17ac7f6a6b82f90ab0580feee06e35e0
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 16:40:11 GMT
Etag: ac94cc62462fe6590af300b4ae5126cf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C178EA8224E01AF2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
45.61.212.132200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 45.61.212.132:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Sat, 17 Sep 2022 23:36:10 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-02
content-length: 445140
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
182.118.39.165200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 182.118.39.165:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 16:40:11 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 3486452
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HAzhengzhou-AREACUCC1-CACHE31[2],CHN-HAzhengzhou-AREACUCC1-CACHE64[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE119[42],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,40]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 00e6ce5100b85a87f430a9e000f3f834
02bf014b033567b4f0db30e4b13179f0ce8f2ded
2b26716650cc953349a86504d9886a8ed344c6118ff425de896d6bf205aa824b
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:40:12 GMT
Ali-Swift-Global-Savetime: 1664124012
Via: cache20.l2de2[4,3,200-0,M], cache20.l2de2[4,0], cache2.se1[25,24,200-0,M], cache2.se1[26,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 25 Sep 2022 16:40:12 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616641240126911215e
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1995749822&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=59291&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo65.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1995749822&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=59291&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo65.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1995749822&si=43710706cbe9431ef5bccf7937e9a282&v=1.2.97&lv=1&sn=59291&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fniumo65.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 16:40:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DF81F568DC022C87; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.154.254.32200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 29055 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: b027b378-250f-45d7-b05c-df322283a2d8
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.154.254.32200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 89434 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 3098d839-b89c-417f-bc2e-a7c4b2f05a29
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.154.254.32200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 25 Sep 2022 16:40:10 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 92969 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: dccce265-849f-4238-87e5-59305be2d9ce
X-Firefox-Spdy: h2
niumo65.xyz/favicon.ico
104.233.145.172200 OK 17 kB IP 104.233.145.172:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 17413577b74a1099726001192ffe3957
4fb9b13cb546198b93a2cac9f81e229ea5dea4ad
58d9fa7065af581da9dbdf6df718ee69564cc703136bab91752f9f22f883e0a6
GET /favicon.ico HTTP/1.1
Host: niumo65.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://niumo65.xyz/
Cookie: PHPSESSID=jl13gtmvq4l5h0s03clle4ncfq; __vtins__JSZHOzdyKyPQoQSO=%7B%22sid%22%3A%20%22df0e8bb3-0386-526f-8f2a-4a80822b9dac%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664125808534%2C%20%22ct%22%3A%201664124008534%7D; __51uvsct__JSZHOzdyKyPQoQSO=1; __51vcke__JSZHOzdyKyPQoQSO=301fda5a-c49f-53aa-8066-18dc77c89078; __51vuft__JSZHOzdyKyPQoQSO=1664124008539; Hm_lvt_43710706cbe9431ef5bccf7937e9a282=1664124011; Hm_lpvt_43710706cbe9431ef5bccf7937e9a282=1664124011
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 00:49:16 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Tue, 02 Nov 2021 15:19:42 GMT
Connection: keep-alive
ETag: "6181570e-423e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
203.205.137.234403 Forbidden 494 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP 203.205.137.234:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash 1c9ae8b0ab1f79dab46bb02329b5bcc4
d4532e7de25a202cff307df118e36aa8cd65d967
e5ef89e52a96c0ec57f563a507eecd943f2be092eb97c783085a6c5c3cc13dd4
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 16:40:14 GMT
server: tencent-cos
x-cos-request-id: NjMzMDg0NmVfOTc2ZTc5MWVfMTYwNmZfMmFmODM1Zg==
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 494
x-nws-log-uuid: 13111713614817934293
x-cache-lookup: Cache Miss
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
137.175.12.178200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP 137.175.12.178:0
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 16:41:40 GMT
content-type: image/gif
expires: Tue, 25 Oct 2022 16:41:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
23.225.222.18302 Found 0 B URL HTTP/2 img.x982.xyz/images/631b3ea8b62b4063cbda493e.gif
IP 23.225.222.18:0
GET /images/631b3ea8b62b4063cbda493e.gif HTTP/1.1
Host: img.x982.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://niumo65.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e18a6af077454910bc95238741bb30e9
cache-control: max-age=3600
X-Firefox-Spdy: h2