r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7213
Expires: Fri, 23 Sep 2022 04:26:25 GMT
Date: Fri, 23 Sep 2022 02:26:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 02:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cl62eD9yvlmA_2MyOoxe0Lnq0kVSOCJaJjXm05yWRoaJkvyVrDE1bw==
Age: 725
hdlxw.com/978/viewspace-918.html
154.81.143.212301 Moved Permanently 0 B URL HTTP/1.1 hdlxw.com/978/viewspace-918.html
IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /978/viewspace-918.html HTTP/1.1
Host: hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 02:26:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.hdlxw.com/978/viewspace-918.html
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HF__wAZr2K9_Y-6z7TdTEFOs2c41l8twGZ6KqVB2tT3UZsuuD5vYpg==
age: 78658
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 02:26:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.hdlxw.com/978/viewspace-918.html
154.81.143.212200 OK 801 B URL HTTP/1.1 www.hdlxw.com/978/viewspace-918.html
IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f88b0cd118e949e8e81986213b1f8920
0282b55fdb2714ca073d6e717b72d288c8047e24
175569f379f9f56f7957544be3978319033c0c6e004246bf7c742a802e6b0c3b
GET /978/viewspace-918.html HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:26:11 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive
www.hdlxw.com/common.js
154.81.143.212200 OK 628 B IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash f428f09f3f061423368a367ef9364309
658cd0bde399b05750a13355c3a05a6b219fe496
a7746b3a373b1e7f1656828ad16a5673fcb4c1c0fd7c3943b29c69ce9a3ab63f
GET /common.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/978/viewspace-918.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:26:12 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 02:03:22 GMT
Expires: Fri, 23 Sep 2022 02:14:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Cgss0SgjgM3Aup0F3vJI08qBbz0UnHOcdulp0DlitQKs8vjQJ9dZmQ==
Age: 1371
www.hdlxw.com/tj.js
154.81.143.212200 OK 536 B IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 0af9d7412b5a3786ee8d6c7490176f3d
62a2fb7a049d18b1272af6c9fbc9a65af1a493c6
c9fcbffa26011916fd02694087b2af97ad42e0574fae1928a3057dd5a0b03a62
GET /tj.js HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/978/viewspace-918.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:26:12 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 23 Sep 2022 02:26:13 GMT
Etag: "4078521116"
Expires: Sat, 23 Sep 2023 02:26:13 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=51B85AEF21035950E07F8BF672167EA5:FG=1; max-age=31536000; expires=Sat, 23-Sep-23 02:26:13 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3541
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:13 GMT
Last-Modified: Fri, 23 Sep 2022 01:27:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 839cc12cca1190e9c86674a579bada59
bb8968153d48b6c2391943a438a808457a3050c5
1d4e4b1fe76d11da89d88936310fbfc4b77917415ba643369116e907c2de865b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D4E4B1FE76D11DA89D88936310FBFC4B77917415BA643369116E907C2DE865B"
Last-Modified: Wed, 21 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18327
Expires: Fri, 23 Sep 2022 07:31:40 GMT
Date: Fri, 23 Sep 2022 02:26:13 GMT
Connection: keep-alive
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 23 Sep 2022 02:26:13 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.share.baidu.com/s.gif?l=http://www.hdlxw.com/978/viewspace-918.html
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.hdlxw.com/978/viewspace-918.html
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.hdlxw.com/978/viewspace-918.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 23 Sep 2022 02:26:13 GMT
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6+CKLh9EK3vnoMNxzxwRrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z2hdPY0t5t8mCsYADMedttMLO+Y=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8e3566607196bb3cc3b5059c930c2bdf
7e778850ff1c8138954f3c8d989034bd3db737bf
e2a6381a86fd57bc61c884bd82dacaa6329bdb475ffcd41bdeaba5f07695d295
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:40:47 GMT
ETag: "7e778850ff1c8138954f3c8d989034bd3db737bf"
Last-Modified: Fri, 23 Sep 2022 00:40:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1309
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd5930fb10b3d-OSL
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 306
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: nginx
Date: Fri, 23 Sep 2022 02:26:13 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
139.9.63.194200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 307
Origin: http://www.hdlxw.com
Connection: keep-alive
Referer: http://www.hdlxw.com/
HTTP/1.1 200
Server: nginx
Date: Fri, 23 Sep 2022 02:26:13 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.hdlxw.com
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2c9b831b7175df5cf21bb852ded41e9
2baab20d3d487649656236a2f40b18eed46bf7a3
a1325f3e8feed814a999f3ca84026085fa182145e9cc73cc147003dad4968d06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1325F3E8FEED814A999F3CA84026085FA182145E9CC73CC147003DAD4968D06"
Last-Modified: Wed, 21 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20296
Expires: Fri, 23 Sep 2022 08:04:29 GMT
Date: Fri, 23 Sep 2022 02:26:13 GMT
Connection: keep-alive
www.hdlxw.com/favicon.ico
154.81.143.212200 OK 1.2 kB URL HTTP/1.1 www.hdlxw.com/favicon.ico
IP 154.81.143.212:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.hdlxw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hdlxw.com/978/viewspace-918.html
Cookie: __vtins__JcEwiF8NfRqfr97S=%7B%22sid%22%3A%20%22a8f2cc4f-5218-5de7-a6fb-f23999657765%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663901772737%2C%20%22ct%22%3A%201663899972737%7D; __51uvsct__JcEwiF8NfRqfr97S=1; __51vcke__JcEwiF8NfRqfr97S=2da451e6-069e-5cc4-85ce-ee4d1665c239; __51vuft__JcEwiF8NfRqfr97S=1663899972750; __vtins__JdQpk0p36jq0lsZj=%7B%22sid%22%3A%20%22a0a33ef2-80a0-5776-900c-cb949b81217a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201663901772764%2C%20%22ct%22%3A%201663899972764%7D; __51uvsct__JdQpk0p36jq0lsZj=1; __51vcke__JdQpk0p36jq0lsZj=9884d107-3691-5385-b67a-9e46f1bfe8d3; __51vuft__JdQpk0p36jq0lsZj=1663899972768
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:26:13 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 28 Sep 2022 02:26:13 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d09b0c269d470f796ee9a889af5edbcd
7e5bfdebc31b6534063a0f8795d4f2797ecf518e
897cdff5bb74d400c606ccf2389986d3f2eb8b4104201e11e4c2bff339a74e90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "897CDFF5BB74D400C606CCF2389986D3F2EB8B4104201E11E4C2BFF339A74E90"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Fri, 23 Sep 2022 03:47:47 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/09/emcljvayf2s.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/emcljvayf2s.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash e9c76425ba13b64a3fda5e802a204df6
6e5b1ef4049e20766b88d30bb35258ffeb5d05d2
86d718095ddb4fdd68fa4802ac41eb0dfffd8ca4e26a3a14f7ce6664fb4613ca
GET /upload/vod/2022/09/emcljvayf2s.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10400
cf-bgj: h2pri
etag: "632aa5bb-28a0"
last-modified: Wed, 21 Sep 2022 05:48:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxSEnUuNDjhhhA857gbkzAms1aJc%2B2ajy0xJTN2142axvxQmvlUPjbjwJcZ4NLOm%2FW5piwB%2FzQQwiyWNSTULnJmNx3OcmiW4Kl9wfIFjt46xOvsJpHOqUMiBkGHtSXkg8g7%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909dddd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2d7fe1a8e556fc40ce07a0d028c42fd9
c871310dc9e29174b53f41d3a44f0eb4ee48db28
bfdb1d55b745aea2210f683f46bc4b7a1c0e795fec245e9d7c9d3ceee1028a8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:14 GMT
Last-Modified: Fri, 23 Sep 2022 01:54:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/5923d1619242fbeb6d98fcd53439ad11.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/mhcyaomjukb.jpg
104.21.235.64200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/mhcyaomjukb.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a9caaea06fed04ffe3cb419a2969fb5b
d946eb931c814c31e626305ea31d3624814494da
8fc6070ed63f23f5dcf4524d948ca89def2693468349c338a4440146e53dac3a
GET /upload/vod/2022/09/mhcyaomjukb.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 13333
cf-bgj: h2pri
etag: "632aa5c5-3415"
last-modified: Wed, 21 Sep 2022 05:48:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjxk6QFVGz3VZXFj0p9EbFBptWBcKIGtQX4xqT%2BUh1GQaEr9aixbNUcxY86iFQZaE4v8enRm%2FQx64YhumlHJ9CC9eZb4aiYhcy9ihluhqesOU9PHqhRMg2V%2BYudsyYwbxqzF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909e0dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ukj33nqtuip.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ukj33nqtuip.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash f0f1d7e938c0b98cb0e52985a4a667de
d4284a9aeab58a1fbf83c76a089c17afd70f3cc3
072a9fbec37064c9b54323c480ce8f92a18e860958960aa4d0e7c29400fa00ff
GET /upload/vod/2022/09/ukj33nqtuip.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10885
cf-bgj: h2pri
etag: "632aa5c4-2a85"
last-modified: Wed, 21 Sep 2022 05:48:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vFXARiDR2kMQ6cN6baegDm72VTtck3S3KgmAWVyp55smeVZQznPbHHCp%2BjKxRU09PTIPOTKsmRoMtrIaYvuq8rn%2B0cb5IZpytO5wLmRLSP6l%2BIAkeVxe0FiT7B0FcA3XG5p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909e1dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/xv1xfkmrdbr.jpg
104.21.235.64200 OK 8.6 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/xv1xfkmrdbr.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9565c9ef87ce02ff2b7dfbb685f2a370
183fb65afa3a139a9324b47ca3df79eb460c96ee
fbec7cf1d68c1e6586770f2858c752b8441b0361918d666dda0767e19324356c
GET /upload/vod/2022/09/xv1xfkmrdbr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8618
cf-bgj: h2pri
etag: "632aa5c8-21aa"
last-modified: Wed, 21 Sep 2022 05:48:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUG2T4cwhlZcZ9EedoaK%2FSZjtPTYerC3o7V3pVqILvVr1x7OliJz%2B7sxGoas4%2Fx6qqJS9NQhAY4NdQH5yIMF8I3kVNZhdwvm4syX%2FuM4O02U%2BWmaAwVgo2dZzruq8x4ZSwoi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909e3dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/5c54kg3ofvq.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/5c54kg3ofvq.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b3d3963bd082b7b3d90cd8ba57519fa1
d6dca8038065a327b8926e3c62a874f3d369ff31
1166ede964a6c2c60c7781f1d1525f962c0994c9e83abfa0869ea820abd0b30d
GET /upload/vod/2022/09/5c54kg3ofvq.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 11718
cf-bgj: h2pri
etag: "632aa5c6-2dc6"
last-modified: Wed, 21 Sep 2022 05:48:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bE149mQ8hGphTQNYSnLncO5eNMih4y9tERELOzNvadF8GuOZbP5hqT1Ean8zoMWg%2FR03CInjlUoxAFxS32nV%2FYYDJTFVUatJzaSzKP94GSbACEr71U%2FyAG%2FdNWp7sqPDvRd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909dfdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/erbq1lchvol.jpg
104.21.235.64200 OK 12 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/erbq1lchvol.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 32f04bf18a55f95337a167ec5b26c0ac
805b0cfe42dcb08273bc59cd99e6cc79f74a163a
407ba37d68b1176f035d8caa1c632fee35c57b1a25bd205d3382b60f01568b5f
GET /upload/vod/2022/09/erbq1lchvol.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 12370
cf-bgj: h2pri
etag: "632aa5ba-3052"
last-modified: Wed, 21 Sep 2022 05:48:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKGvAyOkZPA%2BxzwOqCT86Dx2eZuNaXjc%2BvzF1HFoqgawtrZsmiEQp1yr8SSBnZQFmbJsFUfiDDClkZGAHRRRZ5YMnwnZYbiZopBmk5u9LxUFQ9gkxlHCz9JGRqfKCpPhXGt4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909dedd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/q0u3bls5pnk.jpg
104.21.235.64200 OK 6.9 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/q0u3bls5pnk.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0b2d6781b1d26d01bcdd5533748fde64
d21fbdc794ddbd7103d0d9bb1748937d0383ae0a
3c949360202d94b5e1c87479fa73c359f12788bc114bb1f55300ec6d5d18b37d
GET /upload/vod/2022/09/q0u3bls5pnk.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 6911
cf-bgj: h2pri
etag: "632aa5c9-1aff"
last-modified: Wed, 21 Sep 2022 05:48:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO%2BstO%2BTLCxDff4htFInD33auE150DFdW0nKBuqHbJ7%2Fouc%2BY96z3EUX6NZ1k%2BwxnZTriSJ4fJTq8VNa8wDh5lSnpLYJIPCff5cNlbzPI%2FT3lRkomW8CcewOQIkE76HL2GlS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909e2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/tkihuottnse.jpg
104.21.235.64200 OK 9.4 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/tkihuottnse.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7a75d36eb8142fe256734a8ff547c736
7c9b3d4608a0aa473452eae41061439b643af791
ac246150f31440e791e3b941f31068b2c22bb6c126a0b6bb277ba79784c275b7
GET /upload/vod/2022/09/tkihuottnse.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 9407
cf-bgj: h2pri
etag: "632aa5b5-24bf"
last-modified: Wed, 21 Sep 2022 05:48:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfML2MzvOTRSXUgWtiPim0RMvMWtbSI76BVmUDfP8GMunYUjaD9O2nK3XEgTXeY%2BdOYC36M99bXHNiR5W%2BbqVxGuWTKrsHZpYUFiqIzodfGdIZfUJ8zsfP2owE1Ernhp7s9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59909dcdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/d0forjvjjtf.jpg
104.21.235.64200 OK 7.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/d0forjvjjtf.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 75423e5a057068e08efa1d02cb733263
3b9f31510043f6c4b22a2a72428f1f751670edf7
106f9e314bfe1456e09b41f9c39ab545fe0dcc88db078a485f1e63b10df9393b
GET /upload/vod/2022/09/d0forjvjjtf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7093
cf-bgj: h2pri
etag: "632aa5b6-1bb5"
last-modified: Wed, 21 Sep 2022 05:48:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1432
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K4yrIYlT6cfFXx%2FwP3eiPwMzVxP%2FcMf%2BVI8nkBm0cp0o6ICcv9dgizWIJxy7TuOIBIX94ECkgxBAR1xoi4eas826oDdSWBVIDKpQ8%2BGACQxbu3SwAB%2Bg4wxD3BFnMNR%2BFz%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/knnfv4m5lsk1415knnfv4m5lsk00223.jpg
172.64.141.29200 OK 7.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/knnfv4m5lsk1415knnfv4m5lsk00223.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 110cc7c866aeb44d2790d0da219d88e6
9175cf1fb14db6b605460d41d987caf2cbb56668
f4dd1ef756175da47a4b4f8c7a9925df6f2b68fb8d271576ba7d1e40f9c7af18
GET /upload/vod/2022/09-22/14/knnfv4m5lsk1415knnfv4m5lsk00223.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7089
cf-bgj: h2pri
etag: "467694a54aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqY97i%2Ffkthzs%2BC3upZJ8neHD%2Fckq2EP8Z0npyaCN4aDlhx1Rz2%2BMkOoGMkqFltrxKAIDTWe1dCVIL%2FrKNZFCKwmC9bVzIromr7T4gk5QNCpoBpZBz8HpgsXW6PWBKdG74ke"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f4c731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/jkl1mlxhxtj.jpg
104.21.235.64200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/jkl1mlxhxtj.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 48f8e151bcf01e55562f0f62b504865a
59d481e9804210998da2f76423ad5c5525671adc
8945c7effb3f2d5e358fa8ee4eb69736a9078069455b04b2135ebc0207585c0f
GET /upload/vod/2022/09/jkl1mlxhxtj.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 12759
cf-bgj: h2pri
etag: "63294a0b-31d7"
last-modified: Tue, 20 Sep 2022 05:05:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LPowJwkpfWJvr4W5FHZlJxdTRNtHOKyIif0Vc1dLjGmv%2F7TtF0rdqaNWe5kfPdezCpKcXRm2U0CawS%2Bbxc8Lz55V6p%2FdotQBRd248ZejMHj6S1V14y8m%2B%2FBlA6AANUANJsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f3dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/i4w11vmw04c.jpg
104.21.235.64200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/i4w11vmw04c.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5e25befe155f029a4433a3e5073b5930
088ba414bb2238ee427e0a2295832137ab74715d
ee597bca78c2067d16d4e609945a3fa675943436bdbecd7f4716ecc3a35b5481
GET /upload/vod/2022/09/i4w11vmw04c.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10879
cf-bgj: h2pri
etag: "632aa5ca-2a7f"
last-modified: Wed, 21 Sep 2022 05:48:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld9eV96etNe3orFklIKzVZx021KleLq2M8Bfviqb9Z1vCDYnXB5TbTbx4AmSSNdpPbNqe4PfjLa35pfgEiZqHJDf8qZPxBgzT78LTpjfBq6g8i3Ie2%2FPF39OpTXU1iHKjeDY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f4dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/xvh2ogcvg2s.jpg
104.21.235.64200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/xvh2ogcvg2s.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fb793165eedf112056c624a82c4d424b
be198d45609e57a0c607d336c09807b14c1730b7
904dd108f013e980e7f761ba6b5d7d5fbd6031e7529faeee1f32988f106429a5
GET /upload/vod/2022/09/xvh2ogcvg2s.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 13072
cf-bgj: h2pri
etag: "632aa5b9-3310"
last-modified: Wed, 21 Sep 2022 05:48:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2P07cmko%2Fhbi4zqBYkAEjpI%2F80Lpyr2rYIPQpdpOf%2F6WMgLKl3O06x7IaBCkjZcIleZ29I6AghF5GEgopx0oN%2BApI9CazgAfaMebW%2B1pTNvfkbTfk2u4B1DTgCYmzubhLUy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f5dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/ewqftkavqup.jpg
104.21.235.64200 OK 9.0 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/ewqftkavqup.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 68203c4f6e2804f06bb62b077aba64ed
f7532abe3df2f34530e0dea07025e81fecef6730
cf78174f86a2639df5d6c9e268516feb5095267a02dcd3c881740f87c9be03c0
GET /upload/vod/2022/09/ewqftkavqup.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 9031
cf-bgj: h2pri
etag: "632aa5c7-2347"
last-modified: Wed, 21 Sep 2022 05:48:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5aw%2F0fL78mYde2yU05t239CnqtgkOiHndkukEG805%2BWolRMkyRduPBhVGyttJYqeGb5v0F4UVsal60GRqRbZf8eQ6a%2F8MuKjaIHLfpB%2FRsqc3nxkSjHRx8Imuy6shNpw9zo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f1dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/fkcfuqozik31415fkcfuqozik301225.jpg
172.64.141.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/fkcfuqozik31415fkcfuqozik301225.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2ccfdfdb4eeb5f266c1977c22bb01803
152d524ae8af1d15b8e9734d9747ee373859d508
4cdd206fadec602184069bcae36d1d615936c46f64606b10467e66f8d45c6412
GET /upload/vod/2022/09-22/14/fkcfuqozik31415fkcfuqozik301225.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7300
cf-bgj: h2pri
etag: "ec01ea64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UEtTiq2hexOgcIjOAUG2Kr9EOs2lI%2BP2mETLo6svo2GdkwGK5yEjCRFj8%2BhdSPcN6t4SRum9rO21phChFo7jRDcpYvOqc4uVoMrlKQKiWW2qcYYmZV11OJ9lBmLkAHKo5Fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f4d731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/zftf5dimxfh.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/zftf5dimxfh.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash cd9afceadfe3c8116bd7ddc8016b9929
d0d53f97e180165565251cda4add76a9413c21ad
847f7ebdc453df0c310db7850ae4b31153df887940145793a21c18e784bb952d
GET /upload/vod/2022/09/zftf5dimxfh.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10265
cf-bgj: h2pri
etag: "632aa5b7-2819"
last-modified: Wed, 21 Sep 2022 05:48:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H9l8XQtO4Q3r%2BOOuEAWFxUTMfTuTU6n8hNeDKTsyP1muYfid1cK2I28fWdi0sJnZeaH4T8sP8PA8nhJnQRManDoslOKC7ZPKSi7LDlEHt596UeZ6LNGmeV3xCJRgWcdNDeO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f6dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/mjfh5ttsoxx.jpg
104.21.235.64200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/mjfh5ttsoxx.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7b3454bb5cc84420394b0031957e57f2
655953caaa5fa5e3faf2b3f25ddd6b9db25c1ef3
74c5b884e599bc62a58f80bc990ea12420207afc5dde1fae163168d90413a940
GET /upload/vod/2022/09/mjfh5ttsoxx.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8843
cf-bgj: h2pri
etag: "632aa5b8-228b"
last-modified: Wed, 21 Sep 2022 05:48:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHxFuxSMAFzpUUuHySnS4ggerAhdJdycR5U7hEEGud8EkXiTkwZ%2FmiBqGFv20%2FN6YweAB42O%2BDou474ExwHRCBr02I7DT7JpT9KR%2FFicA%2BspW5EgNV1wkpRsYI1nB9in1rYd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f7dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/4xoagxe4vdf.jpg
104.21.235.64200 OK 10 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/4xoagxe4vdf.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash da2eff45c1a1b5ffd15da0396bcba202
c78be0f8e1e88693cc8e0b9f35b59f7a51f71438
1a18a6ea5fbc74ec1e40d4e6d2873806e0bc8b3067bdaf574244adaf7b3fa6c4
GET /upload/vod/2022/09/4xoagxe4vdf.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10337
cf-bgj: h2pri
etag: "632aa5bc-2861"
last-modified: Wed, 21 Sep 2022 05:48:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTETtM2g%2Fe%2Fu7mtvUikxLL3GDBCyJGZJM6zD5fv4qICoWnycQ7gklXJKUpaKRWNrjUXOSEfq4e1E8kyp2Lt%2FTXDzoVSO7hzlI2w6YkXgS6CFnqUKD0nF3whrF%2BkBh26ClpRc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929f8dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/xgmupqsqifw.jpg
104.21.235.64200 OK 9.1 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/xgmupqsqifw.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 46170fe6a81f7e096f2730b5a854d370
63250a706509b0e277727287a141d489b664a395
5df4a9fba28c70e73e72a073eaf8631f9314094158be6317810db2d0acdc55e3
GET /upload/vod/2022/09/xgmupqsqifw.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 9125
cf-bgj: h2pri
etag: "632aa5b5-23a5"
last-modified: Wed, 21 Sep 2022 05:48:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvlZFLU4Cy6XjzMmiSgSDBuZcKvoKKq2oNswKPLO1F99xmpEK%2Bgd0SmeQJfqhEU2%2BkJR%2BRjvZ%2BnXAGDux4N2vU%2FtMMKnyTuZ0ermIySioxrWTUlTsUkRfZDclPKfFrusO8sm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929fadd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/kvh3023xvm2.jpg
104.21.235.64200 OK 8.2 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/kvh3023xvm2.jpg
IP 104.21.235.64:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 16fe3c56734ee78f9ff5f3234c1e1530
3140a790e2f35a928b9ffde2d37c0d961a3c6da6
873a6484b56fcd26e496ee8bd0822af1fa4db22f07998fb66c2a90f217a428a3
GET /upload/vod/2022/09/kvh3023xvm2.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8224
cf-bgj: h2pri
etag: "632aa5b4-2020"
last-modified: Wed, 21 Sep 2022 05:48:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAI1X0bur1OBbmDHgvmbtmg814KUigL8J8lmPL1EZ9yMmfubEKmO%2BeQFZ1ceEQwRxObmH%2FCK4SrHrHbbTHoPO0uug%2FFkrT9x0KlJufAhgDvwKOBvfndPEojNr1iQergZTla%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929fbdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmtu.netfhtu.com/upload/vod/2022/09/c2ea2z3jnal.jpg
104.21.235.64200 OK 9.7 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/09/c2ea2z3jnal.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 36x55, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 7949ab7e1789496dd7c6cb213877354c
d131cd5e5b82cd2a53559eefc00a3b4ef49efd8f
2d5226f98726b9f044a3c5af3875e36b7d9fa76c5e040ecc6d3cc718a5d9aee0
GET /upload/vod/2022/09/c2ea2z3jnal.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 9673
cf-bgj: h2pri
etag: "632aa5cb-25c9"
last-modified: Wed, 21 Sep 2022 05:48:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLqCkz0PgsR6dta0ZyMGXZo58XA4l1g4LqRoTd2ZHEb%2BJe5z%2F7FNBt2hofBlQwq56OWvIfkNKOVTk1cu8VJRrJGNPccR9IU0rcJUPw8KHe21dhw1Td7ozZh4xux%2F2PN%2FOEHJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59929fcdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/zcjovlr4let1415zcjovlr4let02227.jpg
172.64.141.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/zcjovlr4let1415zcjovlr4let02227.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b6c064e3d17c9a1db65ab904fd06eb8a
620c641a0f3ec9718a347bbc70177f4320f5e3f0
f09cd5c727054ad3025036fe706d841b5634cb959ec68bf2ef52c52fb90940b4
GET /upload/vod/2022/09-22/14/zcjovlr4let1415zcjovlr4let02227.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8581
cf-bgj: h2pri
etag: "5444a4a64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Llacy%2BzXfGaZRsB32GVhyM5zj7KHnApyoHuNWxwNH6rCcqzP9XMCHkgZ10OAjunvyRrToaEQ06rdpEsSH2DNzzLPWRAMAyE4F2Bfrb556vyp%2ByyKng3g0ME94y8rvY6XdSuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f4b731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/aupw4vd2swb1415aupw4vd2swb05233.jpg
172.64.141.29200 OK 6.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/aupw4vd2swb1415aupw4vd2swb05233.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5a318c4215a49180c58633333815d4e1
01dc2967128e44f24426f9c2bfcf170395b879ab
6e0417a140f344ddfae6e809f53265c0d7a297904f8f56c684bac0349e98488a
GET /upload/vod/2022/09-22/14/aupw4vd2swb1415aupw4vd2swb05233.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 6556
cf-bgj: h2pri
etag: "7b2043a84aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Har3HMs7FUspop0H%2B6HsBnVER%2BlPrnsdn4HatjLkXFBMgIejbAm%2B6iSDtoO5kMpPixvCReJGAr561hxkftRip%2Fpanlaj1U0gAfnFF0cvFBK8j5R0eeeGF61SRWbhyp6U4l%2FJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f50731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/10gramb5y5b141510gramb5y5b03229.jpg
172.64.141.29200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/10gramb5y5b141510gramb5y5b03229.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 463b7e8912ba4fac6888cd801e4e32f8
efe774a754c249902a3a43206647f1385ecdc09e
e11ebf5d37072b94c5beed7d4fdad630919dfa9ec5fd997ddf336055671c29e2
GET /upload/vod/2022/09-22/14/10gramb5y5b141510gramb5y5b03229.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7982
cf-bgj: h2pri
etag: "dec829a74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eaY1HPza0PXlHPpUmNR1CaizLWTyB4dtH97Kc5W0i7Twsv4aiCLIy96g3DCH8M%2BLcQvbEprJf8iC5vLbjw%2FIKl1GgsBbpyeKJx5b%2B4Kmz8h1oyZsRGqIeSLp0DI8hm9ZTEi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f49731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?426df1ad05b70d034ef8d9f406fea82a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash a5be2decf8a054114ac2687b3df551ca
25307d7272a5fba52776e176924a5b4e57705fc0
032231a478c269e7dcd043347e9f4d149eb215dc768d4b526b9035ebc9cca843
GET /hm.js?426df1ad05b70d034ef8d9f406fea82a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 02:26:14 GMT
Etag: 214261a335ae02f1e5a291d975206483
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D036F9BA00F2F5FD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmlb.netlbtu.com/upload/vod/2022/09-22/14/4rx4gsqhhxc14154rx4gsqhhxc04231.jpg
172.64.141.29200 OK 7.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/4rx4gsqhhxc14154rx4gsqhhxc04231.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6115b89eff7b7dac403edde11a08e5b7
25a3a00d363c7b2f9e7a07ff48055161239bb537
61d3457022acf3f905d616435612a5fa8a67463be6b292663bd80cbd91a97a39
GET /upload/vod/2022/09-22/14/4rx4gsqhhxc14154rx4gsqhhxc04231.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7662
cf-bgj: h2pri
etag: "039bba74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBx7l8CnNeq6OIK%2Bu7G%2BBwFwu71a%2F8ks1MN%2B8d%2ByyAI0UJhqzKbJekWtCrg35RH3lAhFYt2rpAJTIVopo%2F7x261EvwlE9UoRJQM%2BsiqmSrViFcwNLaBX7%2FhwvQZVInkP%2FCHb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f48731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/xrsupam40ll1415xrsupam40ll08241.jpg
172.64.141.29200 OK 8.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/xrsupam40ll1415xrsupam40ll08241.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bff5930e7623511b033ba4dd974c835d
1039d74418d286779061dda1647ea31187b23d39
45bbb24026a14a9734336566d6d30568f92919c24277621279f1cec9afcc9b39
GET /upload/vod/2022/09-22/14/xrsupam40ll1415xrsupam40ll08241.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8372
cf-bgj: h2pri
etag: "7aa76eaa4aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yw09p1bM3pIFI1DiTzx0185zM22fh3XtdtGtul6JkhIBAJE1WKPWvha38sUq1siOzxJUrgEMzAMJQuAL1UlKLT2w2Hha8EOQff8ObGBe5TDWW4UfZ6kWnGt9QJLn37bCb5x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f66731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg
172.64.141.29200 OK 5.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4d4b9b47a64c275b65e141b85ff9224f
20fa476a0bb083c8ed8e078631a5ef1d135acf7f
74aab57d7150bc44ce84164e8ebe776a234df00803e4179e5b300d63c00e182b
GET /upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 5698
cf-bgj: h2pri
etag: "691db6a24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okUoQbzl%2FmTV4faQD7%2FjCqXu3VcBpKLvMp8tudf4Hx5P1nMSFcfefin5uVjoN4YGVmLtTxab9jBh1hvZpF5yoYWWn50pNwUxTcADSYn5e9MNb7cO0knNRltSdf4%2FRf3DxGlB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f69731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/3jteuvh1e2a14153jteuvh1e2a10245.jpg
172.64.141.29200 OK 7.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/3jteuvh1e2a14153jteuvh1e2a10245.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bd4d6a3489d65d7bc72585df0e27ecc5
83092ade284764aa4bad4b9845200ed71e419cc5
29140031c41ae5bca3c4b189b8da01edeca6836b5e9fe2d7f1f3510f167a002c
GET /upload/vod/2022/09-22/14/3jteuvh1e2a14153jteuvh1e2a10245.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7235
cf-bgj: h2pri
etag: "2d3b83ab4aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpInQQEFRnsbeM7wb52QU%2B%2Br7BbWyRcvolBiWrpmd8a%2Fr%2FrGuR%2FAOeD531BsOag9zBdZh1A8gmfqpP5GGel1li6ck4SVqC2oSYyd%2F4ciRcNbza545ff2H3ILqaMOd57U67q%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f65731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 934dc4a5b0d9650bc9b60d26297735ad
9c67f986a330dfc43f1038699254e85323289664
933da6a3a9ef3f8e34d56661046286ba93c67aa5aa9f22ad982d15e01ba6a0dc
GET /upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 10674
cf-bgj: h2pri
etag: "e4afcaa34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn4vMHiU%2FNITlHeWFq%2Bqj1aAy%2B3AodHVK%2BeduGKdXsylAsmDvf4nYXdP9Ap69NhZV8QK4Iwg1J%2BLhnpb3JTTQR8mRaXdqOflwy5%2FpQgMy8uew%2BnjTlUkZFyJDwU%2BhKoZyduE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f6a731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/dcicjmel13i1415dcicjmel13i11247.jpg
172.64.141.29200 OK 8.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/dcicjmel13i1415dcicjmel13i11247.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3ad1432a76460d6e0185104d4c6c1aa5
73bbb6516d7115a4aee1bb004f3d31de10192006
a02a35691a8f98754f6d8603d280709c9e5d761828dd1d3a5a780981d4e5073b
GET /upload/vod/2022/09-22/14/dcicjmel13i1415dcicjmel13i11247.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8407
cf-bgj: h2pri
etag: "29e6fac4aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B%2FHL6%2FHP0X6GO%2BXwA%2BEwJAMTb%2FopNbw4T0EslDL%2FGZUGfl%2BR7xfEXZHbS9filFIjPDsFIbqeIsVfzIbaicK0bWkxv3UYuHqjSTgvX79clBuKsqOrp30oS7NECtdjEqOksrA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f63731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/dhlxi2uglfo1415dhlxi2uglfo09243.jpg
172.64.141.29200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/dhlxi2uglfo1415dhlxi2uglfo09243.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3afa76e955a9ec5161f3a0ec9efcc803
fb8955e9f08b2ac63199e9fa870c37bb3d239732
afdcd190ffd310e49ec09c051570518565cfe639da6858e1c7eadacf63ae92d8
GET /upload/vod/2022/09-22/14/dhlxi2uglfo1415dhlxi2uglfo09243.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7513
cf-bgj: h2pri
etag: "2053fbaa4aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM3z7mOZexxaVRSsaqByM4lZ4hD%2BK0L4HOSdciyQDGmhCnnxA3lc4uAgJuA9sTYXzxhg0PXs%2Ba8YMISxN%2FHKq6nQVjNU8ZpU1nkOiR2yAaAk0ICiWaLocNRi2XCpYrOixdQa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f67731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg
172.64.141.29200 OK 6.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash decd5f8fc8ff7a538e885236ce4e68a2
02c0f51b0b32d1e7a970948b57453e0944236368
8c417df03e0f7ee8556404ad21adc6c9f13da8ddcac443c307db3ba8f8cadc10
GET /upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 6136
cf-bgj: h2pri
etag: "2bd42ba24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gpOv9w3%2Fc9puXEN9FKwhePqmR5PXeQP3Er%2FeA2al%2FMA2PJa9ayb%2Br73LocNLsZ3JSiWoI%2FQM78vCPxEUK9bnWdFKn50%2FDLGbVF4wKEZECVboTsY3hJaCxGvkdGDkMGMR04Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f68731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 70b862f1107da214c5af0ba337cba006
96899a32a3c3577d92cffc9c54c7fa8bed2add2b
cbd1a7686622979a527f7ffc7546fe56e36b5b074d07ff6a425fc57905bebfef
GET /upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8477
cf-bgj: h2pri
etag: "49c942a34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRTC9POhV31eS3Fmm%2FVvQigJsWtq3iUZhcd8P1N9Z7VOP129p3xCD1ivVOkW6v%2FKjPha5nx5cIRo6PVe8MUErhiKs%2FV15%2FiJvUVOM32La9dR%2Be%2BYT30Wp%2F63DQ0jNhSMJkEk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f6b731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg
172.64.141.29200 OK 9.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e8ee969881129d3570f1cef82e4c3dba
8cc2c3860fbb5ee0f4f4f7b6c7d1507a38a05385
a9b04dd63aa2a7b82bc217dbd12ab23d6e25045cfe3db51463c3512644e8111e
GET /upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 9024
cf-bgj: h2pri
etag: "374682a44aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1632
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vcq%2FI0LF9iuUjlQhUm8WCU9XWV0Pv%2BEcwr6aJzMxpbBLns1A3zc%2Fab%2BHzCgstqSVRSpx273rzSVSRc%2F4P5woGiBAJqXixMlUXf9cuf09wAuiKN48Ic5TcbeQJ5QX%2FI9uXHW3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f6c731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0eda61956bd9d476f54c4bfe61974928
14d31a1d2c72cca46458822a84969fcd24a60059
343d9e80f44faa63b2acad2d23d5e5162ac609051bab8c1bdfb57f6e0ccbf206
GET /upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8755
cf-bgj: h2pri
etag: "888fca54aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1632
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg9J98yymEpcar2i5Y831hkHGGj0yMTaIlcBjIti5iJxfmzyPHN5OouovlsBj%2By6Vm9gODBa1S7eGxgXlqQW1l55rDrxOxS%2FWG%2BrAvJBfwjOKZ8IxZKduUr87JEHDvt1RnBp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5996f6e731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7eada7cf5da4cc19ab191b0458f01527
9d8837b3436467ce335d1b64547e034fe8e8ccbf
93a76daf8a8ed5d8b7ff9beda455c348209f0ed77a215182a7795831cd6aa249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93A76DAF8A8ED5D8B7FF9BEDA455C348209F0ED77A215182A7795831CD6AA249"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4785
Expires: Fri, 23 Sep 2022 03:45:59 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-22/14/35qxxfpmx30141535qxxfpmx3007237.jpg
172.64.141.29200 OK 7.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/35qxxfpmx30141535qxxfpmx3007237.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6493b314cfc5d9dbc389866eca0a17d4
628d9d4900012967e02dbc8641956f4460e34946
b85cdb87cefc61a4b6f0b101085436bf2ab8fce9836785666db351d511928625
GET /upload/vod/2022/09-22/14/35qxxfpmx30141535qxxfpmx3007237.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 7429
cf-bgj: h2pri
etag: "abd95ea94aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:07 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG3Rn8rK3rBSteDC3NGsz%2BLWyLkOabp37bWTtvyZ%2B1P9hn10XNcYZBLUOIpN9OPoMcl2MamkbRzBQ%2BFOvDJ%2FRqW6HH5zTJMOseV8kvsPyK6tETlGrndmVo093NdmaKiBN76r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f4f731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/sbhyfyijau31415sbhyfyijau308239.jpg
172.64.141.29200 OK 8.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/sbhyfyijau31415sbhyfyijau308239.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash aec0128003b4aff2ad4594bcb6a747ed
b9a91682d9f2fd911fb5927172087363e66589f6
e61a308bd165e21104e1b11b206a365230ec4dc180b1486ce83c4cc7043e936e
GET /upload/vod/2022/09-22/14/sbhyfyijau31415sbhyfyijau308239.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 8216
cf-bgj: h2pri
etag: "5c5ee4a94aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:08 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F181LWeCnzDoMMKfsHrxeXkBS%2BTuJIkL%2B7uWlo0eYlzkOgdoOsOp1jcodFzaTuMpEj358AiqnIIOnilydmR9AEGsheKnCZtzp18lT9BKejo7wt299F%2BvSVg0%2FapxixVpcyfp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5994f4e731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7eada7cf5da4cc19ab191b0458f01527
9d8837b3436467ce335d1b64547e034fe8e8ccbf
93a76daf8a8ed5d8b7ff9beda455c348209f0ed77a215182a7795831cd6aa249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93A76DAF8A8ED5D8B7FF9BEDA455C348209F0ED77A215182A7795831CD6AA249"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4785
Expires: Fri, 23 Sep 2022 03:45:59 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2d7fe1a8e556fc40ce07a0d028c42fd9
c871310dc9e29174b53f41d3a44f0eb4ee48db28
bfdb1d55b745aea2210f683f46bc4b7a1c0e795fec245e9d7c9d3ceee1028a8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:14 GMT
Last-Modified: Fri, 23 Sep 2022 01:54:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/09-22/14/xkjs1ilnw4n1415xkjs1ilnw4n06235.jpg
172.64.141.29200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/xkjs1ilnw4n1415xkjs1ilnw4n06235.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash abd9e39b02d404bfe40bd916f7dc53b2
58f653438b50e70ccd523e27517b721e191060bf
4c6408038c6eacfdef3923c2bc964d30cbf3097bdeec755f7b8cfed7f1259ec6
GET /upload/vod/2022/09-22/14/xkjs1ilnw4n1415xkjs1ilnw4n06235.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: image/jpeg
content-length: 6888
cf-bgj: h2pri
etag: "b2f2d6a84aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:06 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqD%2F1rFe0AB75wlp1CNOhepy79JFIYkYGz3t0FtQ%2BYf84EgEdnFS0Y1aKarV%2Fa0T2EVF5wn8zUjXo1D4yNkw7DE%2Fmw5HZZRSpMk8zx6nhYuEsMggzOFllFAU5Pn3Iwfn7cBS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5995f62731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 464d643b41514cdecb7fae46743558a1
ca8089d5b1d9a8fd7cec1c6a512f1afcc322c26b
b38d095a81b3a5a18ce38f105e3c38a580f594ff21b10c2c3b2b369a9fb8c47a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B38D095A81B3A5A18CE38F105E3C38A580F594FF21B10C2C3B2B369A9FB8C47A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1273
Expires: Fri, 23 Sep 2022 02:47:27 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
104.110.17.24200 OK 446 kB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 446 kB (445879 bytes)
Hash dfbf81fb5d0c62a4890d1362f950c5d7
725b5307b3976bd29822d38f3a22d119086498da
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
GET /images/03964120009z0w8i44344.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15218855
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Fri, 23 Sep 2022 02:26:14 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d09b0c269d470f796ee9a889af5edbcd
7e5bfdebc31b6534063a0f8795d4f2797ecf518e
897cdff5bb74d400c606ccf2389986d3f2eb8b4104201e11e4c2bff339a74e90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "897CDFF5BB74D400C606CCF2389986D3F2EB8B4104201E11E4C2BFF339A74E90"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Fri, 23 Sep 2022 03:47:47 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d09b0c269d470f796ee9a889af5edbcd
7e5bfdebc31b6534063a0f8795d4f2797ecf518e
897cdff5bb74d400c606ccf2389986d3f2eb8b4104201e11e4c2bff339a74e90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "897CDFF5BB74D400C606CCF2389986D3F2EB8B4104201E11E4C2BFF339A74E90"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Fri, 23 Sep 2022 03:47:47 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo250.xyz/
104.233.145.173200 OK 12 kB IP 104.233.145.173:0
Hash bb41f8d1176282f60488b0e6993ce214
ef6fbc3f01c23443b1f7c9c077155baf5a3d2d6b
d3de433ad969ef0534cb76abc9efc8f7565476f4eb1cdd4437b10e54697c33dc
GET / HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=i1cg2rlfdi3s583a1l32qmes66; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 369dc787858dd4dd787172e51f0b1d9b
e10553bdfd9debd51b18fc6b8c98f5e7815e9d8c
1eebc0d04a98e0017ae08dba73a685d48e7b71c224fc51515877dd0d1a975399
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1EEBC0D04A98E0017AE08DBA73A685D48E7B71C224FC51515877DD0D1A975399"
Last-Modified: Wed, 21 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20296
Expires: Fri, 23 Sep 2022 08:04:30 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/df11822f68788f03e4ae65f0f9390461.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:14 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad1f86bb360893d546aaafd6b8c93e17
eaf2abe18a7ba12ae108dc8b9dcb3c28ac991675
dcf589f2c1ed4febb7238ad83e6d546a1ee5b3a039a2ea8de34229e4fae341a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCF589F2C1ED4FEBB7238AD83E6D546A1EE5B3A039A2EA8DE34229E4FAE341A1"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18359
Expires: Fri, 23 Sep 2022 07:32:13 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 77e1f5cce5f10441f4a48d69d58fdc46
ddaf890d7bf93082fc1ccd6c39d5f038cffa2424
c3038f91207a8a23cad4a17d78152888230999e25df5e4d74d2fc5113a1abe4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3038F91207A8A23CAD4A17D78152888230999E25DF5E4D74D2FC5113A1ABE4E"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18376
Expires: Fri, 23 Sep 2022 07:32:30 GMT
Date: Fri, 23 Sep 2022 02:26:14 GMT
Connection: keep-alive
kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
172.67.149.70200 OK 340 kB URL HTTP/2 kvtfff.top/51598d0fc78d3b788365aa6f78ce3d83.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 340 kB (340249 bytes)
Hash 3a70be5fe7097c1ca1dce51c67abe259
e1bfbbe1b9607b4d3a5500c8c462a1880bf24bc1
093b6a82e5c8e1a4e0a39eb2ad1875d5a3d326342e97817cc07c1a0903cf63a6
GET /51598d0fc78d3b788365aa6f78ce3d83.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 340249
last-modified: Tue, 19 Jul 2022 13:33:26 GMT
etag: "62d6b2a6-53119"
expires: Fri, 14 Oct 2022 16:46:00 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 726015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT2U%2F9YSD6%2BOYejV6%2Bluh6mqPsGy4E9AY%2BEtFeNfDzCGTuk%2FWttC4ZoVNdxFecJ9oQ3tv6o5HGivkfy34wf4IjIMdaN5WS%2F8X%2FCcYH39ssdN0pxoFWiNXTyyTH%2F1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59bba8ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
172.67.149.70200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 21 Oct 2022 14:13:09 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 130386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPSBfPXiz4F%2FXI7YAI3F%2FJsrK%2B8ndS%2BB7Endf2%2FlhfktYKjQ79yeGgH1zZD89kfJG8ZPPrYSGSR3u6M3qyE3iRELtu3PNVKo8fOFFmUq0QcUQzeVOoUYg5ogcvU%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59bba8bb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8b3838c0c724df62d6101ede3ffbd3f
c51947aaa44bdf5c7e83d8daf1cf0327a9545c98
414a6aa29977086544e96bbd98bb638cddeed387095018ae645d457d7e5ce09b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "414A6AA29977086544E96BBD98BB638CDDEED387095018AE645D457D7E5CE09B"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12037
Expires: Fri, 23 Sep 2022 05:46:52 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2eccec95da3f6e7a348fbfe50354df0
99ecb4d72a83d63a5594b3b82b53a711232fd54c
2ebc2a43af445834afd9270691842791c4879ef351142d8f30d63214f2ba87cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EBC2A43AF445834AFD9270691842791C4879EF351142D8F30D63214F2BA87CB"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14616
Expires: Fri, 23 Sep 2022 06:29:51 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4389
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbf5d791f862d389dd15e0fe4776f015
672f882a8875e8518a8d9a79131a9015859a593a
7bcbb890d37783713db35dd714b92c7a609683f74e7efe6bafe0bdc0f9a0e500
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BCBB890D37783713DB35DD714B92C7A609683F74E7EFE6BAFE0BDC0F9A0E500"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1456
Expires: Fri, 23 Sep 2022 02:50:31 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f6413e38ace08fb5d7bcc0d05898a4
106c7615616ea163417351c4865e04210bba7a26
5cc2b9fba61963354dc8ba2f6d4e41e83a33d36e18737184680e67acebb6b69a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CC2B9FBA61963354DC8BA2F6D4E41E83A33D36E18737184680E67ACEBB6B69A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14375
Expires: Fri, 23 Sep 2022 06:25:50 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
172.67.149.70200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 172.67.149.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Sun, 16 Oct 2022 13:15:17 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 565858
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BxaCofozu7FjXPyB4T6JuXWpKZyEcfDlHEgVe%2FbiTOCMT2gAITi0a0zthzXYO6leofoVNVl0JJNBAWCgM5OR7RUgorP46uqnJ2jQxlysGs8W2HzDYKzN6GLBnR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59cfb23b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3685d8e26080451280d062a3b1d7da
b69c253373bfd6f7af03dd7262d0df7f33272421
b06bd3f47c7adee0a1dd45ce842039fd697ad88b8b8d5c99ad9f7658979394fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06BD3F47C7ADEE0A1DD45CE842039FD697AD88B8B8D5C99AD9F7658979394FD"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18317
Expires: Fri, 23 Sep 2022 07:31:32 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?87c1d2c8ee5238afa829fb93a48c6fb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 4d6bd777f5527e81bdad14bcc7f28b53
7edaaf0e84f5bf84924e493a33b2d6f7aafe02a9
c30ba5403b8a651236bfbff5048d30e394910693a71ce8514454717290f4170b
GET /hm.js?87c1d2c8ee5238afa829fb93a48c6fb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 02:26:14 GMT
Etag: bac3afc470b3759a46f3622e35ff66ec
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5D08B9B4E2051987; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 15233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3685d8e26080451280d062a3b1d7da
b69c253373bfd6f7af03dd7262d0df7f33272421
b06bd3f47c7adee0a1dd45ce842039fd697ad88b8b8d5c99ad9f7658979394fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06BD3F47C7ADEE0A1DD45CE842039FD697AD88B8B8D5C99AD9F7658979394FD"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18317
Expires: Fri, 23 Sep 2022 07:31:32 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb8292eaf535efdadf3e202fce70f974
2667c0df5aafd57ea28a95c79d15b5aa5fc77c65
92d600148d38fbdaf3765ddfdf6019cc7009e965f0c9d2242dafc1a762d466af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D600148D38FBDAF3765DDFDF6019CC7009E965F0C9D2242DAFC1A762D466AF"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Fri, 23 Sep 2022 03:03:08 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948abf9bedd1bd67010284080ba06d01
dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 0cec2f7d-e906-4f5f-baa7-5d8a1a7c6820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2P7bEeQoAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf9e2-5bdf18be72eed24028034edb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:00:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Pj5hSr5LtIWPRDYjHxp8-K8gVghjf8GlO-FnXDvxscJqdygfZH8hIA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 24614
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb8292eaf535efdadf3e202fce70f974
2667c0df5aafd57ea28a95c79d15b5aa5fc77c65
92d600148d38fbdaf3765ddfdf6019cc7009e965f0c9d2242dafc1a762d466af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D600148D38FBDAF3765DDFDF6019CC7009E965F0C9D2242DAFC1A762D466AF"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Fri, 23 Sep 2022 03:03:08 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: a4c6c1b1-3777-4410-bef1-5dd2518af86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCjSEqfIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e14-4cdfc5ea1c42120d4a085752;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b3Zf70hsIlHF67m0hhfBtDxu7FeNv0Z7JY7-Iei61XiGbDOqfKoUGQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:57 GMT
age: 15498
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 15:18:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1940887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfS8bMyLOD59iQv6VD7aXi88T1GD1xsk0c1HTuwmecWjSEca06r2RH60%2Ba52SqJT9JTl9iy8m%2F%2BmO2d8om9DULGifuTNr5sRyuHUqVN26Rki%2B%2Fj1Qu%2FiJ%2FI8wlgl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59d9e69b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.niumo250.xyz/static/images/hot.gif
104.233.145.173200 OK 254 B URL HTTP/2 www.niumo250.xyz/static/images/hot.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/hot.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:10 GMT
etag: "6153fece-fe"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2bbb3856eeac20d0ee556c96144bf6c
76ac1f33cd006227162e12e7142e754562bec0c0
1e3f6551d401346b6d809d8feb9b36a9e0006f99f518d1130aa9bd630bfb6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12538
x-amzn-requestid: 2ae96766-6999-44ec-8084-a19d26b3e118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOHYFIAMFXYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-060b96fa5fc99e79711bde3f;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Thglq7Lwby4LEkD9ShUBLutHUBhdvl9ErgTSqorJw5ZOzD6Gr8hqNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:03:05 GMT
age: 1390
etag: "76ac1f33cd006227162e12e7142e754562bec0c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/home.js
104.233.145.173200 OK 11 kB URL HTTP/2 www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/home.js
IP 104.233.145.173:0
Hash 729740a98e4199b45371c8ff20f768e0
1164770ad0e93ac0309bc732f357fabec5d5a18f
997b07952f11b67f07cfeaed0d4d576515f0db87cec6eb588b42994a709a679a
GET /template/RX@04dgr@r/static/niumowang/home.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo250.xyz/logo.html
104.233.145.173200 OK 826 B URL HTTP/2 www.niumo250.xyz/logo.html
IP 104.233.145.173:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d00b7df69522bf71f59047c570152aba
7dfa7d7b78ef9cbe530d38166368902ccc2ba777
39d6e18c64a02091e80c09464c295364a2d6320cce80fe913336635977ca9419
GET /logo.html HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: text/html
content-length: 826
last-modified: Wed, 24 Nov 2021 04:39:45 GMT
etag: "619dc211-33a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22173527a1bc9b264170aaa07491248
944c0453511761e101cb9e50ba8af7545e32e357
c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:08:23 GMT
age: 15472
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00fc5e5b943a6a03878e596bf80e9445
ba36f95bb2a0da3b3f758f8686c0168f9d0828e3
9763c731e567a1e26912591c24201ddc65086c2f4e4db785fae2a753a0dd5557
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9763C731E567A1E26912591C24201DDC65086C2F4E4DB785FAE2A753A0DD5557"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18394
Expires: Fri, 23 Sep 2022 07:32:49 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1cbd6f02ebb46daadefdd93f77d6dcd8
92b11ae9f542c59ada9aa906d83ab3c29062594d
b16dbd298e746f29b9291a4d5ec1b5f9eb3d51bc8bfa73232dbe427e29ad702e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:45:16 GMT
Expires: Wed, 28 Sep 2022 15:45:15 GMT
Etag: "92b11ae9f542c59ada9aa906d83ab3c29062594d"
Cache-Control: max-age=479339,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74efd59d785f0b49-OSL
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=390978260&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=31859&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=390978260&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=31859&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=390978260&si=426df1ad05b70d034ef8d9f406fea82a&v=1.2.97&lv=1&sn=31859&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 02:26:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CE1CDBB6C1815FE6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff021fa15adb0d3a24158bc00cf0980a
265d3e98bcbf5f14f214102279a7911d6fd64048
211d709fb1851a62f856a78e3b115ef816f78ab9a28f870d48fa3d1912eac16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6505
x-amzn-requestid: bc9cc556-8897-4484-ac07-f18e4f5250ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvrfiFl4oAMF_Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295930-7a627b7d7683919e41ca599b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNlx91pOuttpN-IrQs_g-PRI8C_NmZDKdnOpfayCJ719fa6FwnOIGg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:01:19 GMT
age: 1496
etag: "265d3e98bcbf5f14f214102279a7911d6fd64048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
172.67.147.13200 OK 186 kB URL HTTP/2 kvtbbb.top/d816a0142aeb37814a5d77cfd510e67b.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 186 kB (185463 bytes)
Hash 07d436db9009e187330d91ffc5c77745
a7944de8f44192fe6bee6e6584d03966d0ffe8b8
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
GET /d816a0142aeb37814a5d77cfd510e67b.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
etag: "62a70d17-2d477"
expires: Thu, 29 Sep 2022 15:13:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2027571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CBKBFL4RPPAoO%2BqMhkfv3JOnimii8VIkIfHxzZXKIgIDfWuKXao2JNxgrsPj%2BqA0kMSMG1Iu1t0sPwUqL%2B%2Fg9UXbwrMDnuQhvVhErwntKN8pIAhTKPvQ0EXaeE5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59dde74b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
104.21.234.41200 OK 195 kB URL HTTP/2 nvhaaa.top/5923d1619242fbeb6d98fcd53439ad11.gif
IP 104.21.234.41:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /5923d1619242fbeb6d98fcd53439ad11.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 194870
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
etag: "62c2da06-2f936"
expires: Sat, 22 Oct 2022 05:22:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 75834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpy4rsp9O4OQogYCAn85kM%2Fpi2zbeLTLOQg4HahuTDSE8kunxF7s85clwYwWMzw%2Bk%2BssGe30a%2B3AYhTmyNTP8R7Bmv0Flr9cHZ4WzlzS29KA6BkXrIotYTsKNuVv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59daf98dc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1c8729ac3a4613c1a86b1b9a1ac046c8
f7d66529635465cd133a0dd0f91eeb46abd3e2fd
70becb6150b8b6325534e13d58da882bf3933370b0010429aeef106b4499509f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 27 Sep 2022 01:03:41 GMT
ETag: "f7d66529635465cd133a0dd0f91eeb46abd3e2fd"
Last-Modified: Fri, 23 Sep 2022 01:03:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3224
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd59e0ea8b51b-OSL
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 369dc787858dd4dd787172e51f0b1d9b
e10553bdfd9debd51b18fc6b8c98f5e7815e9d8c
1eebc0d04a98e0017ae08dba73a685d48e7b71c224fc51515877dd0d1a975399
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1EEBC0D04A98E0017AE08DBA73A685D48E7B71C224FC51515877DD0D1A975399"
Last-Modified: Wed, 21 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20295
Expires: Fri, 23 Sep 2022 08:04:30 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 5b336aac36f02b513e83629ffeb230be
3c02c6af7b93212b75897ffad5122fe40a7f4e95
1fe64678a5b16862cc2076bde319e961524a63ad6d8d209c193e0bb142bcd3e0
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:44:22 GMT
ETag: "3c02c6af7b93212b75897ffad5122fe40a7f4e95"
Last-Modified: Fri, 23 Sep 2022 00:44:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2669
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd59e3eb7b51b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f5ce824e05f86e34108304b02ca266dc
e92216e5ff38600dc275289b6f56693a25e8bd8c
d5023a8097b9bb21f475a80584c891df9bc8195ffa9f07f4da2d4da981937197
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:09:32 GMT
Expires: Wed, 28 Sep 2022 15:09:31 GMT
Etag: "e92216e5ff38600dc275289b6f56693a25e8bd8c"
Cache-Control: max-age=477195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74efd59df8780b49-OSL
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c5afd353fb7a2f4a58d97320a8a5503b
8627533b17b5a0f80d638a44282d634f5396dfa3
a88afcfa5986a5a5784e6fa3d37218eda35c0593b6e92ebc4b8bf91aa56ee8a8
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:42:45 GMT
ETag: "8627533b17b5a0f80d638a44282d634f5396dfa3"
Last-Modified: Fri, 23 Sep 2022 00:42:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3225
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd59e7eeab51b-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash e37a2c53f8ffa21d49665c140e063277
daf01f47af0ff23df77d5fc79c3c38ac253ad429
710e488ce9941ef09b0b01f30efadac145f1b8d9683e2c74fd80ab4d71255469
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:15 GMT
Last-Modified: Fri, 23 Sep 2022 01:55:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c5afd353fb7a2f4a58d97320a8a5503b
8627533b17b5a0f80d638a44282d634f5396dfa3
a88afcfa5986a5a5784e6fa3d37218eda35c0593b6e92ebc4b8bf91aa56ee8a8
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:42:45 GMT
ETag: "8627533b17b5a0f80d638a44282d634f5396dfa3"
Last-Modified: Fri, 23 Sep 2022 00:42:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3225
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd59e9a77b4e8-OSL
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 9342207
expires: Tue, 28 Mar 2023 02:26:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59eaf30b4f7-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb8292eaf535efdadf3e202fce70f974
2667c0df5aafd57ea28a95c79d15b5aa5fc77c65
92d600148d38fbdaf3765ddfdf6019cc7009e965f0c9d2242dafc1a762d466af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D600148D38FBDAF3765DDFDF6019CC7009E965F0C9D2242DAFC1A762D466AF"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Fri, 23 Sep 2022 03:03:08 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash a73375f4c179d40af846ea0a520d2ab1
159c0240e9695e3309acf0582dc74adb4353e98d
7c48f13922c28191c428c2205e6ac10f74a96c81f3e4c484e07c89a959ce1134
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:50:45 GMT
ETag: "159c0240e9695e3309acf0582dc74adb4353e98d"
Last-Modified: Fri, 23 Sep 2022 00:50:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1360
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efd59f0b810b3d-OSL
nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
104.21.234.41200 OK 1.1 MB URL HTTP/2 nvhaaa.top/7d67cff6dd7d3196a8bd9d446a9d6fef.gif
IP 104.21.234.41:0
File type GIF image data, version 89a, 1070 x 80\012- data
Size 1.1 MB (1058705 bytes)
Hash 1c8ef0df174c2b2bc21b99e5833a86f5
be5a4efc232a53d5a3a7a49d9e8be6c318801a90
8ef47b086718806f2632e8dd77ea1727a5159627e7dcd318d104b41b887f7795
GET /7d67cff6dd7d3196a8bd9d446a9d6fef.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 1058705
last-modified: Tue, 12 Apr 2022 07:23:53 GMT
etag: "62552909-102791"
expires: Sat, 22 Oct 2022 05:52:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 74041
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AR%2B6sNoQGdEQh3S7uPjDQKHZIi1u6pI1CxQiWUqUhqlFNZz6TQvyIbIUUSYM5Qgm1VCPVFSLJ4vUa457FyKFgBogMIe3hhAV7A1u9z1FsZgoyufulCk%2FSzbeERC8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59e985cdc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
104.21.234.41200 OK 822 kB URL HTTP/2 nvhaaa.top/df11822f68788f03e4ae65f0f9390461.gif
IP 104.21.234.41:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 822 kB (822351 bytes)
Hash 5fafeed5312cb34497330261a2a652e0
cc170b2f99ef1b4dc3c3d94a1b2dd02d6a0e96cd
e45b9d175d68f4cdc41fb3e57a79425916797745ae527450ca946b744b9bffa2
GET /df11822f68788f03e4ae65f0f9390461.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 822351
last-modified: Fri, 26 Aug 2022 10:56:53 GMT
etag: "6308a6f5-c8c4f"
expires: Sat, 22 Oct 2022 16:15:22 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 36653
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FJjQbmfo%2BKZbz43Ebu9%2BBaN3USHwS%2FhFTP8ZwBxLr%2BjroCFBSqijmb6KWwitXGwGg7pI9jClBEUd3PWhPQ6BsC9D9QEh4Dx1q4AWI6xgocsmq75kjZYknveRs%2FJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59ea86ddc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 165efceb61fc4f69b4366aa085288dc8
7902de824726741ae9a6b36e3bd9f8b24d89a386
d0ba4211aa885f32f0401e8652abf2e6cc76eb6a75d61faa87d55ec0f342dc79
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D0BA4211AA885F32F0401E8652ABF2E6CC76EB6A75D61FAA87D55EC0F342DC79"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4070
Expires: Fri, 23 Sep 2022 03:34:05 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f5ce824e05f86e34108304b02ca266dc
e92216e5ff38600dc275289b6f56693a25e8bd8c
d5023a8097b9bb21f475a80584c891df9bc8195ffa9f07f4da2d4da981937197
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:09:32 GMT
Expires: Wed, 28 Sep 2022 15:09:31 GMT
Etag: "e92216e5ff38600dc275289b6f56693a25e8bd8c"
Cache-Control: max-age=477195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74efd59e3e2e0b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e273bf4a924ad85ca857c70aa04d0e1a
64ad4a18e96f6f7bea30b06ba0281943f0dd108d
f24bbefc0d6f0cde3ec13c3831ec952aa475be33138131efcb3732022bbb2ae9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:15 GMT
Server: ECS (amb/6BB6)
Content-Length: 280
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
172.67.170.228200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 172.67.170.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Fri, 30 Sep 2022 15:19:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1940786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quoHeZMfqgk%2F20uko8bOawJXUmmU3EgpB3yFpYbQXb9Uz0GxUBUhEI6Hq15lrsYg%2FtiGGl9UMGKVFjntN5tImZqW8Vm8%2B%2BpJ12KY47RPechlG8HqOs64E9Vpwybt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59fed67b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgtg.com/2022/05/19/hTEgx.gif
219.159.84.135503 Service Unavailable 596 B URL HTTP/2 i.imgtg.com/2022/05/19/hTEgx.gif
IP 219.159.84.135:0
ASN #137693 CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590), with no line terminators
Hash 144602000c2abdf785b91f3c1d3fde0c
2418e4390615e8a789dffef1c6833854a8ffedb6
62dd61bf2cc9e2136ec22e990638189f81c739b343fb5388fa69de0bacda72b0
GET /2022/05/19/hTEgx.gif HTTP/1.1
Host: i.imgtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 02:26:15 GMT
server: yunjiasu
set-cookie: __yjs_duid=1_1c145bc8708c1a6cc4f7a89e62ea36d21663899975563; expires=Sun, 22-Sep-24 02:26:15 GMT; Path=/; Domain=imgtg.com; HttpOnly; Secure
yjs-id: bb1955cb33313781-142
content-length: 596
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=823975952&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=823975952&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=823975952&si=87c1d2c8ee5238afa829fb93a48c6fb7&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.hdlxw.com%2F978%2Fviewspace-918.html&tt=%E5%8D%97%E6%98%8C%E5%BD%A2%E5%BA%95%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 02:26:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5E72809A1C1C0794; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.78.249200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.78.249:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Fri, 23 Sep 2022 23:42:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2515445
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JffpPJDfWgH8Wd7MFxFl8aJzZTgioZMDBl%2Bx1IvmjJArIKouIgjaBrWqXjZEC%2F8xJE%2BF%2BxUqmiDfHbRXGA1EjsCD6YH3e7uPWNVtrYeUaVUoRv3xQENutCDGHcI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5a04aa60afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0ebf3846185f51294f6224e23bc333b6
61cd5bf8ac4870f98eb37acfd19b3d0317d62d6b
91ba148707c843b4d6ca27a5f8ee4b041de4002404536bd2ea8dc49eb6e0d718
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=185
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
X-N: S
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 48e6e116cad3c2815f6a199d5798301c
5afe4ed9db9f8ac1375efbd7c4253582cdd92389
612dce5625c70d9c1f4767b624c7fea0c1cedb4b8772e833c68dae9de22ac869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:15 GMT
Last-Modified: Fri, 23 Sep 2022 01:24:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.235.54200 OK 1.0 MB URL HTTP/2 acoossz.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.235.54:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: acoossz.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 22 Oct 2022 04:41:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 78281
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrqrTovTzQ91vErGXMTsy%2FCIFxqUrJKBP%2F460C01eNH%2FLTWyEvZOUmbL8vN2VfSrmmzH2BzeEDX5bCGw0mKfZbWmXVUfSpevoZhQ7XHIbEf44auAL8gtjb0fYjrjYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd59fe968dc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 165efceb61fc4f69b4366aa085288dc8
7902de824726741ae9a6b36e3bd9f8b24d89a386
d0ba4211aa885f32f0401e8652abf2e6cc76eb6a75d61faa87d55ec0f342dc79
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D0BA4211AA885F32F0401E8652ABF2E6CC76EB6A75D61FAA87D55EC0F342DC79"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4070
Expires: Fri, 23 Sep 2022 03:34:05 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e273bf4a924ad85ca857c70aa04d0e1a
64ad4a18e96f6f7bea30b06ba0281943f0dd108d
f24bbefc0d6f0cde3ec13c3831ec952aa475be33138131efcb3732022bbb2ae9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:15 GMT
Last-Modified: Fri, 23 Sep 2022 02:26:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48d3354195335700dd9fceb73db70d37
ca6286e11fdfa20d94fca8f50cf26df29e02d45e
eb54563bf6aa4bb93dc2fac0b342775c6fdcadf39bc3eb7e202238855f7ec290
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB54563BF6AA4BB93DC2FAC0B342775C6FDCADF39BC3EB7E202238855F7EC290"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18049
Expires: Fri, 23 Sep 2022 07:27:04 GMT
Date: Fri, 23 Sep 2022 02:26:15 GMT
Connection: keep-alive
www.niumo250.xyz/smbaidu/tpwz.js
104.233.145.173200 OK 287 kB URL HTTP/2 www.niumo250.xyz/smbaidu/tpwz.js
IP 104.233.145.173:0
Size 287 kB (286694 bytes)
Hash 40439955b7a7fc28b9292653235c1fc3
4345159c01051fc227058beeeb200e7b54e08ffb
b076003285383f80b90f35abfa412715824fd116e9e5d49eb050dbc9343fc0ad
GET /smbaidu/tpwz.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 03:09:27 GMT
vary: Accept-Encoding
etag: W/"631173e7-5a8"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
47.246.44.227200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 09 Sep 2022 12:52:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 12:36:51 GMT
nw-session-id: 202209092036500102120750882371BE55ws9ph03dy
nw-session-trace: 2022-09-09T20:36:51.042624887+08:00 134
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 20:36:51 GMT
x-tt-logid: 202209092036500102120750882371BE55
via: n150-050-027, cache2.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017e264c470a200c75817d19215f4f0c4d0c8fe4cd833078a3f0c923d0a53a9f07ec897dc1eeece2414131fc93f86377bc0ecb7a9a69ed94bc789d2202a9035b0ca00f56ecb22ede539d03b4ac81b2968e5922b058dc71ca04727c531b7e170b9e
x-response-lb: image
ali-swift-global-savetime: 1662727978
age: 1171997
x-cache: HIT TCP_MEM_HIT dirn:1:432103962
x-swift-savetime: Fri, 09 Sep 2022 13:44:21 GMT
x-swift-cachetime: 31532917
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516638999758351555e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 230e4b959db13554876e4feff605070c
714f71ae6d8cf918e7a13ba95c927c922a878c45
26e7dd19cc499ff3409a2683fb5be2c2c2cb65db642c7bab21acea159b32ccef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:26:15 GMT
Server: ECS (amb/6B99)
Content-Length: 279
p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
47.246.44.227200 OK 716 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 716 kB (716414 bytes)
Hash ba75613bba3b42a68c22abef0e8befee
4e6565415bc8cf1c377c152e75af5095c0ad50b3
9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
GET /obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 716414
date: Thu, 22 Sep 2022 10:13:10 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 22 Sep 2022 05:58:11 GMT
nw-session-id: 202209221358110101420440184D62512328rjz02dy
nw-session-trace: 2022-09-22T13:58:11.331918574+08:00 73
x-bdcdn-cache-status: TCP_HIT
x-length: 716414
x-powered-by: ImageX
x-response-date: Thu, 22 Sep 2022 13:58:11 GMT
x-tt-logid: 202209221358110101420440184D625123
via: n131-120-016, cache12.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache7.se1[0,0,200-0,H], cache1.se1[0,0]
x-request-ip: fdbd:dc03:15:294::79
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=0
x-tt-trace-host: 01b7f3c1d98ab64c6559e735b336eaf4373a1315e849f6633dbe5df0538c9eff1ae8d3c4d4ae3ee90ddf42f1fd002ae8c1f174537ebd9145bceb205f353a90095ebc1930cb5d3ddda81392fa1f8a5ace8233a75622cdba49ba7c1fd73fdc4ed7ce
x-response-lb: image
ali-swift-global-savetime: 1663841590
age: 58385
x-cache: HIT TCP_MEM_HIT dirn:3:33075554 mlen:0
x-swift-savetime: Thu, 22 Sep 2022 20:01:42 GMT
x-swift-cachetime: 31500688
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516638999758401559e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 315a3a2ad229e70a2e59f1694dceedac
a830f9182c23a23ef3bde944fe5299fc110e0f5b
5f4d6e67b6aa6b9544dd6666af0e9603c99052ac44a9878eaf58d8255d030cea
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 14:47:47 GMT
Expires: Wed, 28 Sep 2022 14:47:46 GMT
Etag: "a830f9182c23a23ef3bde944fe5299fc110e0f5b"
Cache-Control: max-age=475890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74efd5a19f3e0b55-OSL
hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?43710706cbe9431ef5bccf7937e9a282
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 71845543c1cc8b43d05c9192d5e2d41d
527c19482c81a19e79c210520740a44cf438bb1d
b8971ca0cfb18e145d4243384523f51f6a02bd6a7efdca6ecab70b9d6c1ccac3
GET /hm.js?43710706cbe9431ef5bccf7937e9a282 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 02:26:15 GMT
Etag: d04059f8a973bdff6e95ed17be8afea0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=02C8FE306A2D72CD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6ba00aee1c6f6995f8231178f4910fb7
c7e9d8eca446e622d0ab5fbfa9b34894bb6b34de
aae590460584fa4776d45019078449f00b3b219b182d4241e93392a1f9b167df
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 18:43:02 GMT
Expires: Tue, 27 Sep 2022 18:43:01 GMT
Etag: "c7e9d8eca446e622d0ab5fbfa9b34894bb6b34de"
Cache-Control: max-age=403605,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74efd5a079370b49-OSL
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:16 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 874689
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4%2BrH5sibmKi96Y3t6ZaE78w3Obo%2FYIQqLnfQItpLlSkRK20ZZSXptvUdhqAdTU3nuLjLRPG0rbiPJr7rDoVSsdgjEofNms5gg2kIFq7e72a1dJoor4%2FAcWiSuMSrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5a208d9b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u0062.com/86b4c5b5e42b447492665532b841e916.gif
20.239.175.74200 OK 106 kB URL HTTP/1.1 u0062.com/86b4c5b5e42b447492665532b841e916.gif
IP 20.239.175.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /86b4c5b5e42b447492665532b841e916.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:23:35 GMT
ETag: W/"63075bb7-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
3p8801.co/hg960x60.gif
137.175.35.2200 OK 139 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (138679 bytes)
Hash f0f206683c8403cc9c134ed746fa4aa2
6d0059005833ac269f9a33b50a87ed96529d0f71
bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
GET /hg960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 02:28:36 GMT
content-type: image/gif
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Sun, 23 Oct 2022 02:28:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzecc.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: text/html
content-length: 162
location: https://acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.niumo250.xyz/nmwys.png
104.233.145.173200 OK 3.1 kB URL HTTP/2 www.niumo250.xyz/nmwys.png
IP 104.233.145.173:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c4f6da5de1ddf7ffca4ee7cc225ba289
cfa06b659af9f61b8417ae3e8ce2efd551802342
3a70767871d1cad0904f906f3d56b6d217ebbbe7875d4d8bb9766288db484352
GET /nmwys.png HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/png
content-length: 3079
last-modified: Tue, 02 Nov 2021 14:02:30 GMT
etag: "618144f6-c07"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/3p960x60.gif
137.175.35.2200 OK 310 kB IP 137.175.35.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310536 bytes)
Hash 25791847d9df13fa1bcd1c1c232449cd
b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
GET /3p960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 02:28:36 GMT
content-type: image/gif
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Sun, 23 Oct 2022 02:28:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
20.239.190.150200 OK 212 kB URL HTTP/1.1 n0399.com/4dc8a9a095164a58ae027ed2099e327b.gif
IP 20.239.190.150:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212090 bytes)
Hash 7748134fdc0cc1835a47a2e1f3f3f18e
45c533fb73f4d6cc4f882fdaa1bf8c7cf72c6cb6
ae6f83fd285258413481d2a4a15128dd099e1369bc01b35ec35f33784ef59627
GET /4dc8a9a095164a58ae027ed2099e327b.gif HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:36:59 GMT
ETag: W/"632443bb-3f4d0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8edc16a50f5cc246a136fd3f13d89c4
659411b9bc83a6df7114364450a40be6f1cc571e
155484982e14927afc9ac8c495a6b34f7fd622d1c20b25b0be7e0bf9973123fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "155484982E14927AFC9AC8C495A6B34F7FD622D1C20B25B0BE7E0BF9973123FB"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8232
Expires: Fri, 23 Sep 2022 04:43:28 GMT
Date: Fri, 23 Sep 2022 02:26:16 GMT
Connection: keep-alive
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
120.52.95.235200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 120.52.95.235:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 4097249
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HElangfang-AREACUCC1-CACHE8[3],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
104.233.145.173200 OK 43 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 7158d382ad21d9ccfd8eead56c959d66
2fb19e55730069f4c79ff1c5d05361beaedb837d
496a295986423be84a34ba151a2622f9747280870e5e071cdb8e96a930004311
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f369.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 43144
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-a888"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.nmw43.com/news/data.php
104.233.148.41200 OK 1.0 MB URL HTTP/2 api.nmw43.com/news/data.php
IP 104.233.148.41:0
Size 1.0 MB (1020138 bytes)
Hash 4dd55d6092c1df6ab098fbd03c75318e
706ddd62764bd056307abe0aa2a6da36beae2ea6
d5cdfe2776fbbdcf0ce4af21508da1372940bc6a5ce4e6978bd82a23a4c3a734
GET /news/data.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hdlxw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
104.21.235.95200 OK 344 kB URL HTTP/2 acooss.com/663d42dc51a936e71b4bb8eb8abc7a30.gif
IP 104.21.235.95:0
File type GIF image data, version 89a, 760 x 120\012- data
Size 344 kB (344389 bytes)
Hash 9b9197e5f4b115bb7f8dfa5436520983
0771ff5effa52abfe6e65d0e97b8d44d45331b69
027b0cfb47bcaeed57109496240ecec8a7655340d0f6ba43ba1f66494ce50116
GET /663d42dc51a936e71b4bb8eb8abc7a30.gif HTTP/1.1
Host: acooss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.niumo250.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 02:26:16 GMT
content-type: image/gif
content-length: 344389
last-modified: Tue, 06 Sep 2022 14:11:07 GMT
etag: "631754fb-54145"
expires: Sun, 23 Oct 2022 02:26:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDzX8ektWIX51mewoJsqaR54zj9PrecInxr0k1GhEa%2Fukp83LSfn6fOerQqEdPfN1nyubJTSoMoyjoP5PiGtfSf66pQPiC6jhnywVX75iQ6aLWCgDevxx1195ovp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efd5a3f98d7698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=25243624&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo250.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=25243624&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo250.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=25243624&si=43710706cbe9431ef5bccf7937e9a282&su=https%3A%2F%2Fapi.nmw43.com%2F&v=1.2.97&lv=1&sn=31860&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.niumo250.xyz%2F&tt=%E7%89%9B%E9%AD%94%E7%8E%8B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 02:26:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=429EDE9EF177A2BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.niumo250.xyz/static/fonts/voltaire.woff
104.233.145.173404 Not Found 7.5 kB URL HTTP/2 www.niumo250.xyz/static/fonts/voltaire.woff
IP 104.233.145.173:0
Hash b1b97c7218f72f6c6207b004c5526465
04196b212d8d5577b775ff8009730ddc224a2138
4eef0aa8e50e8d50692d0327d558854ffc33636da3b3b4fb72f92cb10844103c
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=psthl88rllopaleesiaad1qpub; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
104.233.145.173200 OK 49 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 67\012- data
Hash 78a02b99ca3eb77d58cc29b7ea8c5b44
ae9eacd27376b835f6b257006f0efc1da8e813b6
f3a5cdd0d6a1b5468b8e099b46b6c9e71c03ecb2fc4da7a1c51c545eeb82e6ad
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3610.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 48771
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-be83"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
45.89.208.114200 OK 87 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 702x362, components 3\012- data
Hash 24bc97fc292abfb998335fbe9ab3005a
4d1ffc237be727ce60288252da2032dd664ed2bd
0b774ca4206eac5ce088ed726095037a88daa43de242735b6dff30226a12e865
GET /upload/vod/20210912-1/46cc1c6f16800e0244070b702db4155e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/jpeg
Content-Length: 87395
Last-Modified: Thu, 11 Aug 2022 04:54:41 GMT
Connection: keep-alive
ETag: "62f48b91-15563"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 221d30edf53986991530c8d3b08f5203
a20d09b7b9a54d8cf65d985774bfbb11079086e2
f662a07640f498bd49df2bd04a61d0779ce57729421c7b8904da86dcb10dcfaf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 02:26:16 GMT
Ali-Swift-Global-Savetime: 1663899976
Via: cache4.l2de2[276,275,200-0,M], cache4.l2de2[276,0], cache8.se1[297,297,200-0,M], cache8.se1[298,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 02:26:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16638999761094751e
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
104.233.145.173200 OK 25 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 68\012- data
Hash e99e5136d08f943258e8a22242313708
016ee703fd158c9b7e5bfe258664f6bda26d937b
5c4195e4fe1eead615d18c34c5c85c3402378b4735c599506c45281dc5c83212
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f3611.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 25278
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-62be"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8edc16a50f5cc246a136fd3f13d89c4
659411b9bc83a6df7114364450a40be6f1cc571e
155484982e14927afc9ac8c495a6b34f7fd622d1c20b25b0be7e0bf9973123fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "155484982E14927AFC9AC8C495A6B34F7FD622D1C20B25B0BE7E0BF9973123FB"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8232
Expires: Fri, 23 Sep 2022 04:43:28 GMT
Date: Fri, 23 Sep 2022 02:26:16 GMT
Connection: keep-alive
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.177.104200 OK 304 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 304 kB (304285 bytes)
Hash 230cbf723011f9f91ccc4214312245d0
55184e10225ead4ef852ec40dbb140e52552b38f
1b67ae25d6213db18947e1f8e42bc4f7dc02ae41bf7941c73395c79741870236
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/gif
Content-Length: 304285
Connection: keep-alive
x-oss-request-id: 632D19479BB92033334D6FF7
Accept-Ranges: bytes
ETag: "230CBF723011F9F91CCC4214312245D0"
Last-Modified: Mon, 19 Sep 2022 11:04:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10033225339777913705
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Iwy/cjAR+fkczEIUMSJF0A==
x-oss-server-time: 3
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 221d30edf53986991530c8d3b08f5203
a20d09b7b9a54d8cf65d985774bfbb11079086e2
f662a07640f498bd49df2bd04a61d0779ce57729421c7b8904da86dcb10dcfaf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 02:26:16 GMT
Ali-Swift-Global-Savetime: 1663899976
Via: cache17.l2de2[491,490,200-0,M], cache17.l2de2[491,0], cache1.se1[513,513,200-0,M], cache1.se1[515,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 02:26:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516638999761701866e
collect-v6.51.la/v6/collect?dt=4
139.9.63.194403 Forbidden 0 B URL HTTP/2 collect-v6.51.la/v6/collect?dt=4
IP 139.9.63.194:0
ASN #55990 Huawei Cloud Service data center
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 370
Origin: https://www.niumo250.xyz
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Fri, 23 Sep 2022 02:26:16 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.niumo250.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
103.170.15.98200 OK 219 kB URL HTTP/1.1 95865127529.com/fd1d4490b68648e2ba933a8a6394fb13.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 128 x 128\012- data
Size 219 kB (218557 bytes)
Hash 4dea2422e271cea76f0e1129e96a4ab7
5c24ffa9522829ba0c163284f74a60815336c084
d3edbddff31ba83b46fef890e2e6bfd8308e909581de17000b95921d12230036
Analyzer Verdict Alert quad9 Sinkholed
GET /fd1d4490b68648e2ba933a8a6394fb13.gif HTTP/1.1
Host: 95865127529.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6329479d-355bd"
Date: Wed, 21 Sep 2022 14:37:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Sep 2022 04:54:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-28
Content-Length: 218557
vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
103.189.108.99200 OK 237 kB URL HTTP/2 vbutjg.com/689ee8f2d76b43839d2db40201c1487a.gif
IP 103.189.108.99:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /689ee8f2d76b43839d2db40201c1487a.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e852-39cbe"
server: nginx
date: Sun, 28 Aug 2022 06:52:42 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:48:02 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-089
content-length: 236734
X-Firefox-Spdy: h2
vbutjg.com/ae707788dc584176a6227a0adb594665.gif
103.189.108.99200 OK 445 kB URL HTTP/2 vbutjg.com/ae707788dc584176a6227a0adb594665.gif
IP 103.189.108.99:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /ae707788dc584176a6227a0adb594665.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c304ca-6cad4"
server: nginx
date: Wed, 24 Aug 2022 09:11:55 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:18:34 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-089
content-length: 445140
X-Firefox-Spdy: h2
885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
47.75.19.14200 OK 94 kB URL HTTP/1.1 885841.com/8f2a8ec30bfc478abefd69fe3ff8bbeb.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 200\012- data
Hash be67baa9c715136dff120d9645435ea0
c3326ce07fdd64f6e1538d539cfcb60a6bad5fa1
f010c0663ac0e8e9179459c11c8496a73411ed4f99b361868221c4de73e0563a
GET /8f2a8ec30bfc478abefd69fe3ff8bbeb.gif HTTP/1.1
Host: 885841.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 02:26:16 GMT
Content-Type: image/gif
Content-Length: 94436
Connection: keep-alive
x-oss-request-id: 632D19487E084E3236A5C772
Accept-Ranges: bytes
ETag: "BE67BAA9C715136DFF120D9645435EA0"
Last-Modified: Fri, 26 Aug 2022 12:05:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2209351752192578304
x-oss-storage-class: Standard
Content-MD5: vme6qccVE23/Eg2WRUNeoA==
x-oss-server-time: 1
p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
43.129.255.47200 OK 177 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 200\012- data
Size 177 kB (177086 bytes)
Hash be83c16833e7818983eb893bfd657c71
0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 23 Sep 2022 02:26:16 GMT
content-type: image/gif
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 30856 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 06e9f798-2a7f-46a3-bd82-25689c0c51d8
X-Firefox-Spdy: h2
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
47.75.19.83200 OK 1.1 MB URL HTTP/1.1 tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
IP 47.75.19.83:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1071505 bytes)
Hash d71a0585aedaa3ec4afda6baec03ac6b
ad3a590c022e5d82b43efc4b9f159eb6598c4890
6bfb388b33c1e444ca7382fceadf93b83a753f7ff0c4c960f7b142732ac28cd8
GET /huazidongtu/hybbff.gif HTTP/1.1
Host: tupaiyy.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/gif
Content-Length: 1071505
Connection: keep-alive
x-oss-request-id: 632D1947D0409B3438B1CCC1
Accept-Ranges: bytes
ETag: "D71A0585AEDAA3EC4AFDA6BAEC03AC6B"
Last-Modified: Mon, 04 Jul 2022 07:26:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7665046247320685581
x-oss-storage-class: Standard
Content-MD5: 1xoFha7ao+xK/aa67AOsaw==
x-oss-server-time: 2
www.niumo250.xyz/images/st1dfgtr5thfhyg.gif
104.233.145.173200 OK 870 kB URL HTTP/2 www.niumo250.xyz/images/st1dfgtr5thfhyg.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 870 kB (870065 bytes)
Hash 54ad8f07ce3eed670382405ba4cf2de1
d77c7807c8ab1ae037bfe1d8b582de43627ca72a
43b693ad72ca231e102a0cc0944dcffd297b3801b687097bccf5a0c459761e80
GET /images/st1dfgtr5thfhyg.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/gif
content-length: 870065
last-modified: Wed, 03 Nov 2021 10:48:28 GMT
etag: "618268fc-d46b1"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
104.233.145.173200 OK 35 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 788b44c904a7b3a60753805c4763385a
b1f2664a0e3259acd09324e70d41dc0901cc6a8c
bcde8e39467e6c7540e7c1606161eea9a61e860f90616a0e05b6d0d2db0b86e1
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f366.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 34559
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-86ff"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
104.233.145.173200 OK 60 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 93 x 93\012- data
Hash f67f3fb7d26af08cbdbe525989533842
377a275103355b2d73aebc75e70dac34d13089a0
26243e5e8c3876779c6da5b824cb50db7724df70eb0630a14d5a8435bb802ea5
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f367.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 59550
last-modified: Sun, 29 May 2022 19:29:15 GMT
etag: "6293c98b-e89e"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/static/images/empty.jpg
104.233.145.173200 OK 13 kB URL HTTP/2 www.niumo250.xyz/static/images/empty.jpg
IP 104.233.145.173:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty.jpg HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:44:18 GMT
etag: "6183d5a2-32a3"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
119.28.164.142403 Forbidden 494 B URL HTTP/2 s.pc.qq.com/tousu/img/20211016/1690343_1634319306.jpg
IP 119.28.164.142:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type XML 1.0 document text\012- XML document, ASCII text
Hash a78c689f0a668a0226930c8dd3141c25
1dd5b5a1634ec6a56e2777d94658b22d7ae2a645
ff37123442cf82cb034377ebb1ce26f54040f7ed769eec8b5f62086786bd967e
GET /tousu/img/20211016/1690343_1634319306.jpg HTTP/1.1
Host: s.pc.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Fri, 23 Sep 2022 02:26:17 GMT
server: tencent-cos
x-cos-request-id: NjMyZDE5NDlfNzMzNTQwMGJfMWM5OTFfMjYyNzA0NQ==
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTQyYWVlY2QwZTk2MDVmZDQ3MmI2Y2I4ZmI5ZmM4ODFjM2NjYTQwYmE0ZDFhOThhMDFlYTNiMTVjOWRkYjZjNTg=
content-length: 494
x-nws-log-uuid: 16302862092760757046
x-cache-lookup: Cache Miss, Hit From Inner Cluster
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
104.233.145.173200 OK 111 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f368.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 29 May 2022 19:29:16 GMT
etag: "6293c98c-1b020"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
43.129.255.47200 OK 989 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 481 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: ae5aa77e-5e8e-472c-8d5b-e81e85697ae8
X-Firefox-Spdy: h2
www.niumo250.xyz/static/images/empty_288_144.jpg
104.233.145.173200 OK 13 kB URL HTTP/2 www.niumo250.xyz/static/images/empty_288_144.jpg
IP 104.233.145.173:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:11:04 20:37:31], baseline, precision 8, 220x124, components 3\012- data
Hash 01c8a475aee5f8d54e4d8c738f0321a8
1f8d7344c8e70c1486b221cfd3a4e01e6bb2f456
d6b469f959e9b0bfdf3bab6217d8ab6721979c7ebe53354daa92a5d68c51bac4
GET /static/images/empty_288_144.jpg HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/jpeg
content-length: 12963
last-modified: Thu, 04 Nov 2021 12:48:12 GMT
etag: "6183d68c-32a3"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
43.129.255.47200 OK 689 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 23 Sep 2022 02:26:15 GMT
content-type: image/gif
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 53661 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: f8d8d5d8-7fc5-4fcc-92b2-7253548b825f
X-Firefox-Spdy: h2
www.niumo250.xyz/images/stvf4grh65uh54y.gif
104.233.145.173200 OK 996 kB URL HTTP/2 www.niumo250.xyz/images/stvf4grh65uh54y.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 996 kB (995865 bytes)
Hash da5a2026b6a8c6997730b1859156940e
b949833727e7a7f15dcb010ab6c6535cecbe887a
908e5d945ea40a559bca4e264f1dcf99dac74acb2aa4143c6729f65e6df8fe30
GET /images/stvf4grh65uh54y.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/gif
content-length: 995865
last-modified: Wed, 03 Nov 2021 10:48:32 GMT
etag: "61826900-f3219"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
104.233.145.173200 OK 73 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f361.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-11e07"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/dbhf.gif
104.233.145.173200 OK 137 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/dbhf.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /images/ggzz/dbhf.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 137392
last-modified: Sun, 29 May 2022 19:06:59 GMT
etag: "6293c453-218b0"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/4fdgg564gfhty5tuhj7juy.gif
104.233.145.173200 OK 126 kB URL HTTP/2 www.niumo250.xyz/images/4fdgg564gfhty5tuhj7juy.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash e86de06f8c93e02c163b9e45cf045302
d42a58caef024c080f8795ad3d293e603d88cf68
5316b4ca479247e3b8798655adddd4765941fe3ad1b6e142a247c6c64b3f2c18
GET /images/4fdgg564gfhty5tuhj7juy.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/gif
content-length: 125587
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-1ea93"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
104.233.145.173200 OK 315 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 315 kB (315353 bytes)
Hash f229ea053aaab196bd2ea447d1ee923f
eae25a4c913493bd52582072605b4fd1b22881ca
bc23d42f60fca9a58f1f646ad67b18a56efdee957ea3ff375a899b626589cd16
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f363.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 315353
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-4cfd9"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
104.233.145.173200 OK 410 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 433 x 324\012- data
Size 410 kB (410363 bytes)
Hash f2662d05c24a292ddb03b9c71a2153b8
dee79546fd807466fb00c7530208ea8e425f153f
2700b6729723bd000401e00e177677b2b99b45c43ea0d2d1508b36c0ebe72b93
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f365.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 410363
last-modified: Sun, 29 May 2022 19:29:14 GMT
etag: "6293c98a-642fb"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/4dfsdadsd5ghrt5.gif
104.233.145.173200 OK 411 kB URL HTTP/2 www.niumo250.xyz/images/4dfsdadsd5ghrt5.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 310 x 150\012- data
Size 411 kB (411269 bytes)
Hash e677fef93938e45f94dbdac40dcbe2ee
661f58d604341a3aaeacdb061e105cf88c5a4219
0f3ee208963c41dc1f36259f395e793a7e328aa7ab7a4a924df4d88323284047
GET /images/4dfsdadsd5ghrt5.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: image/gif
content-length: 411269
last-modified: Wed, 03 Nov 2021 10:48:26 GMT
etag: "618268fa-64685"
expires: Sun, 23 Oct 2022 10:35:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
104.233.145.173200 OK 551 kB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 448 x 334\012- data
Size 551 kB (551040 bytes)
Hash 5d9adfd1d61947b95a43f5cbc62799b0
739ce4b2ce498c91f1276bc8778683135ff40ee1
e27ab4fb801faf726c53b004de4dbd2538614ebf6dd3f319092633f88eac975a
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f364.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 551040
last-modified: Sun, 29 May 2022 19:29:13 GMT
etag: "6293c989-86880"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
104.233.145.173200 OK 1.3 MB URL HTTP/2 www.niumo250.xyz/images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif
IP 104.233.145.173:0
File type GIF image data, version 89a, 488 x 750\012- data
Size 1.3 MB (1270430 bytes)
Hash 6584d7e2c9ae0dab3612c8234168231a
1c807860eba7aa8af874eeb9063f667c9951c309
a482c42a995806e7d2371a9410ace65918be8522f40e36c0f5fb9c20124bb5f7
GET /images/ggzz/xiazai/6ce732040d4d9750ef120f2a4221f362.gif HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: image/gif
content-length: 1270430
last-modified: Sun, 29 May 2022 19:29:12 GMT
etag: "6293c988-13629e"
expires: Sun, 23 Oct 2022 10:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.167200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.167:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 02:26:15 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 632D194722C82A3237C7442D
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Thu, 15 Sep 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgICkqI_.mRgiIGMyOGU5YjM3M2Y5OTQ2N2M4NzA0MDg4OTQ3ZTBhMTNl
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 2
www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/style.css
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/style.css
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/style.css HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 18:30:54 GMT
vary: Accept-Encoding
etag: W/"6211375e-5602"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x953.xyz/images/631b3345b62b4063cbda492f.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.x953.xyz/images/631b3345b62b4063cbda492f.gif
IP 23.225.222.2:0
GET /images/631b3345b62b4063cbda492f.gif HTTP/1.1
Host: img.x953.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/826a7fe5107a44b79ef403b2c94a2514
cache-control: max-age=3600
X-Firefox-Spdy: h2
9191919199.com//960x60-2.gif
137.175.12.178200 OK 0 B URL HTTP/2 9191919199.com//960x60-2.gif
IP 137.175.12.178:0
GET //960x60-2.gif HTTP/1.1
Host: 9191919199.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 02:27:43 GMT
content-type: image/gif
expires: Sun, 23 Oct 2022 02:27:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.nmw43.com/news/api.php
104.233.148.41200 OK 0 B URL HTTP/2 api.nmw43.com/news/api.php
IP 104.233.148.41:0
GET /news/api.php HTTP/1.1
Host: api.nmw43.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.nmw43.com/news/data.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
23.225.228.34302 Found 0 B URL HTTP/2 img.x971.xyz/images/6319d98e178bb5a0f9388071.gif
IP 23.225.228.34:0
GET /images/6319d98e178bb5a0f9388071.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ef8491f337f44698b674a41f84178988
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.niumo250.xyz/smbaidu/tj.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo250.xyz/smbaidu/tj.js
IP 104.233.145.173:0
GET /smbaidu/tj.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:40:36 GMT
vary: Accept-Encoding
etag: W/"632a1734-bc8"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/jquery.autocomplete.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/jquery.base.js
IP 104.233.145.173:0
GET /template/RX@04dgr@r/static/niumowang/jquery.base.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:10 GMT
vary: Accept-Encoding
etag: W/"61554e6e-1917"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo250.xyz/smbaidu/dibu.js
104.233.145.173200 OK 0 B URL HTTP/2 www.niumo250.xyz/smbaidu/dibu.js
IP 104.233.145.173:0
GET /smbaidu/dibu.js HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.niumo250.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:35:19 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 00:27:20 GMT
vary: Accept-Encoding
etag: W/"6292bde8-531d"
expires: Fri, 23 Sep 2022 22:35:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.niumo250.xyz/static/fonts/voltaire.woff
104.233.145.173404 Not Found 0 B URL HTTP/2 www.niumo250.xyz/static/fonts/voltaire.woff
IP 104.233.145.173:0
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.niumo250.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.niumo250.xyz/template/RX@04dgr@r/static/niumowang/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 23 Sep 2022 10:35:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=j6hddbhd81nu43sn9k989sc7ra; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2