real-estate-guide.net/real-estate/county/2027/allen-county/
192.74.232.161 0 B URL User Request GET real-estate-guide.net/real-estate/county/2027/allen-county/
IP 192.74.232.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /real-estate/county/2027/allen-county/ HTTP/1.1
Host: real-estate-guide.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 May 2024 19:43:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
www.real-estate-guide.net/real-estate/county/2027/allen-county/
192.74.232.161 781 B URL User Request GET www.real-estate-guide.net/real-estate/county/2027/allen-county/
IP 192.74.232.161:0
File type JavaScript source, ISO-8859 text, with CRLF line terminators
Hash 481e0b2c1bb8331b3b7ce41c436450f8
5b04ae2c3e7dec323b87e24912c25decc05f1a72
31706ee2071a7a10e63ea46406a062944f9932455c79bf45818fa545443846ff
GET /real-estate/county/2027/allen-county/ HTTP/1.1
Host: www.real-estate-guide.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 19:43:38 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
www.real-estate-guide.net/common.js
192.74.232.161 200 OK 1.2 kB URL GET HTTP/1.1 www.real-estate-guide.net/common.js
IP 192.74.232.161:80
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
File type JavaScript source, ASCII text, with very long lines (523), with CRLF line terminators
Hash dfbfbf732056f399b726e25d4ff6782e
5b676413483b544df15186312f5781dde28c9b4b
cf9fdbcbe72f9cf16b73f6976ab772ec03ad5ffc38361bc64d9e4a3b41286d45
GET /common.js HTTP/1.1
Host: www.real-estate-guide.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 19:43:39 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.real-estate-guide.net/tj.js
192.74.232.161 200 OK 520 B URL GET HTTP/1.1 www.real-estate-guide.net/tj.js
IP 192.74.232.161:80
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 10d0081caea92045a2d8ec58cfd22135
c335b48fe666e065236ad2a3a1933e745e6fb881
d7ffebcfd47e1bb7fc454d1db772231ba69f2adc52daec0195ae7ccdc7505a91
GET /tj.js HTTP/1.1
Host: www.real-estate-guide.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 19:43:39 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.real-estate-guide.net/favicon.ico
192.74.232.161 200 OK 1.2 kB URL GET HTTP/1.1 www.real-estate-guide.net/favicon.ico
IP 192.74.232.161:80
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.real-estate-guide.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 19:43:39 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 09 May 2024 19:43:39 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
107.149.199.61:38689/
107.149.199.61 200 OK 10 kB IP 107.149.199.61:38689
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash ebcc01ae5545d4fa23b97a7ffca9d7df
336312cb60f279ed4125f1278ebd832f017935b4
f9d40ba7eb0a7c383d82895c756aeabde2ecb35eff3f6dd8ab39b69765fc2047
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 10331
content-type: text/html; charset=utf-8
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/css/ate.css
107.149.199.61 200 OK 4.5 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/css/ate.css
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 507a51f8b1d147fcf60eb2a898690259
e630900e6a1a0434719c5bdaf655362313e7e33c
9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:10 GMT
etag: "126e5-5e5ddfa188f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4527
content-type: text/css
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/tb.js
107.149.199.61 200 OK 642 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/tb.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 53489b3d1fa66d68fe0ee072a96fc068
371206feb45b28948ec1421ee98167da3c1f163f
4ddf16680300e85cf1047834f92c2ef42f9bb94fca6fbeac3732acdf00618646
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/tb.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 11:46:14 GMT
etag: "983-617772674cd80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 642
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?847af9a77c3034320368789b70e9d230
111.45.3.198 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?847af9a77c3034320368789b70e9d230
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (616)
Hash bb571d7c047e8a248de2883d060f100c
1da11e0dc9f9886e5b1999f13a57a8deb6ac208c
0a4604bd10a4f9a28cfa698655bbd328a946a4918884d093667dfd3eb74a679c
GET /hm.js?847af9a77c3034320368789b70e9d230 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sat, 04 May 2024 19:43:42 GMT
Etag: ddfd505ad875b68aa90eef361f2d953d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4E3AB9D02530EB4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.hgimg01.com/upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg
89.105.195.71 200 OK 70 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 958x535, components 3
Hash d91aaef76b415c957ab512661845adbf
55447b26cfc9406c1aa846447ff52ff76195b62d
8a691b4f48c910e20ad23835eaff1f55f2db3e3f90624bce6c047dcfe0f68dbf
GET /upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 69993
last-modified: Mon, 29 Apr 2024 13:25:41 GMT
etag: "662f9fd5-11169"
expires: Wed, 29 May 2024 13:25:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg
89.105.195.71 200 OK 65 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 957x535, components 3
Hash 788db8a1824a3fc116c5f7ab2ae026b6
888440e59b2f4e87a176fc2caed2048c8e2eeba6
1669db38c4de240e7658caa58d40d962aeb286c497356d71fbd011f9f8618774
GET /upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 65444
last-modified: Mon, 29 Apr 2024 13:25:34 GMT
etag: "662f9fce-ffa4"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg
89.105.195.71 200 OK 60 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 720x400, components 3
Hash 554c86b5a46fe7f5d32d1948a25dca1d
679708c9c4be46930824ef69ecabe388d3581f08
f608bfe1ac43f79a422e9aca6728e33f1668fc4a2b41a04c1f46833ba1d164e0
GET /upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 60092
last-modified: Mon, 29 Apr 2024 13:25:29 GMT
etag: "662f9fc9-eabc"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg
89.105.195.71 200 OK 57 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 718x402, components 3
Hash 347b0ceb2689591a2c8d64780fce8234
5d58ce0c3e95a208a7f52071fb1020799524f3f1
09d7129fd62a2cd452736816c433979ca66da99749bbb8623b80b3416cc4c143
GET /upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 57234
last-modified: Mon, 29 Apr 2024 13:25:28 GMT
etag: "662f9fc8-df92"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/b98a2b8593e3e95935bd35a3d53046cf.jpg
89.105.195.71 200 OK 45 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/b98a2b8593e3e95935bd35a3d53046cf.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3
Hash d48cb51e8d8ece9095e1a6558b32d3d7
fdf8c7ecfcaeda3ea5fe2674d675f4b346138985
4648c209e9198312d6434acb9103ac571fb8daabdb8b320d8ee93b44a6d709dc
GET /upload/vod/20240504-1/b98a2b8593e3e95935bd35a3d53046cf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 44681
last-modified: Sat, 04 May 2024 05:14:02 GMT
etag: "6635c41a-ae89"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/00aa558f93892129be658ba88d71d08e.jpg
89.105.195.71 200 OK 49 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/00aa558f93892129be658ba88d71d08e.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash f4520d8237493bc836ba97a4f7080b3f
d5f00ae7cddb8afb29f4091a90124b76475fec30
fe7e5327736bbad251b5762ec47196337628f028debddf7dda8ef7350399ecfe
GET /upload/vod/20240504-1/00aa558f93892129be658ba88d71d08e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 49271
last-modified: Sat, 04 May 2024 05:12:30 GMT
etag: "6635c3be-c077"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/a7eb54c467af34e1bd322425c3d7faf3.jpg
89.105.195.71 200 OK 49 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/a7eb54c467af34e1bd322425c3d7faf3.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash f4520d8237493bc836ba97a4f7080b3f
d5f00ae7cddb8afb29f4091a90124b76475fec30
fe7e5327736bbad251b5762ec47196337628f028debddf7dda8ef7350399ecfe
GET /upload/vod/20240504-1/a7eb54c467af34e1bd322425c3d7faf3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 49271
last-modified: Sat, 04 May 2024 05:12:29 GMT
etag: "6635c3bd-c077"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/5fe4f7d790d12d4dc99d6f5e6e17fb3d.jpg
89.105.195.71 200 OK 56 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/5fe4f7d790d12d4dc99d6f5e6e17fb3d.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1008x768, components 3
Hash 238526e5b978dc52e528365c365e09fc
85e8a421c15fbf393e3d5016d609a1dc71b1017f
30c993047caee32dbe7c3d9d33b0865bafd20c9aba0575225275b329532805c3
GET /upload/vod/20240504-1/5fe4f7d790d12d4dc99d6f5e6e17fb3d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 55528
last-modified: Sat, 04 May 2024 05:12:24 GMT
etag: "6635c3b8-d8e8"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/18472007be80aacc00a5678b8860c9ad.jpg
89.105.195.71 200 OK 65 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/18472007be80aacc00a5678b8860c9ad.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1004x776, components 3
Hash 265c0ada319158d177d8fdfdf89afbae
bc5b1be8db5a8f799108554b058c9fe4ba16b6d4
72c35267cf0d2f167059d2a4fc9de666f17b00888b5ab87ab60a7fafb61c20ce
GET /upload/vod/20240504-1/18472007be80aacc00a5678b8860c9ad.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 65233
last-modified: Sat, 04 May 2024 05:12:23 GMT
etag: "6635c3b7-fed1"
expires: Mon, 03 Jun 2024 05:27:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/84e558c74430ae8398c7874d6696b5ad.jpg
89.105.195.71 200 OK 26 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/84e558c74430ae8398c7874d6696b5ad.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x360, components 3
Hash 8d896750e96e47daa42510cb5554002d
06be6f791ee97eda0ea89eec5e700af53365645c
ce943958e2777f72d97f50d1830d53ebccbaa0bd0c65ac2d2954525276eea693
GET /upload/vod/20240503-1/84e558c74430ae8398c7874d6696b5ad.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 25521
last-modified: Fri, 03 May 2024 05:09:52 GMT
etag: "663471a0-63b1"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/5cd38c118098f49f0566ffb2daba4c7a.jpg
89.105.195.71 200 OK 28 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/5cd38c118098f49f0566ffb2daba4c7a.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x358, components 3
Hash 0deb6721501fbf8117036c10b0b9ea63
71d6563f5a377b6f3c0a4c88c64483faeed28c65
1434ab86c5108650926a72099193d11720a8e600a800ff28e479887b90765258
GET /upload/vod/20240503-1/5cd38c118098f49f0566ffb2daba4c7a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 28357
last-modified: Fri, 03 May 2024 05:09:52 GMT
etag: "663471a0-6ec5"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/bf32104a84fbade8f3e750ae5a91c8b4.jpg
89.105.195.71 200 OK 28 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/bf32104a84fbade8f3e750ae5a91c8b4.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x358, components 3
Hash 0deb6721501fbf8117036c10b0b9ea63
71d6563f5a377b6f3c0a4c88c64483faeed28c65
1434ab86c5108650926a72099193d11720a8e600a800ff28e479887b90765258
GET /upload/vod/20240503-1/bf32104a84fbade8f3e750ae5a91c8b4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 28357
last-modified: Fri, 03 May 2024 05:09:51 GMT
etag: "6634719f-6ec5"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/30c5d510ba805340bb1f4fb213c22579.jpg
89.105.195.71 200 OK 46 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/30c5d510ba805340bb1f4fb213c22579.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash 7056f5d210fc6bd113a1095928555ea0
ffed43cd61baaa078b81135b88c16ea5febb1b65
59b880bfde8e254e53a5e4cda47d3d7196961a17f17c98c4292e2c33dc4259b8
GET /upload/vod/20240503-1/30c5d510ba805340bb1f4fb213c22579.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 45934
last-modified: Fri, 03 May 2024 05:09:49 GMT
etag: "6634719d-b36e"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/4aca0539726aa7b86ca7048a1f39aa86.jpg
89.105.195.71 200 OK 51 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/4aca0539726aa7b86ca7048a1f39aa86.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 956x588, components 3
Hash f1bc39e36209cfd5a937b36434f131cc
19f79941c43752da764627febda89ee6b0e15beb
d3f643f29c8a0b17e945d07e32e223bc3bdf3d170318d080b4f31d76e939a8c2
GET /upload/vod/20240504-1/4aca0539726aa7b86ca7048a1f39aa86.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 50792
last-modified: Sat, 04 May 2024 05:12:46 GMT
etag: "6635c3ce-c668"
expires: Mon, 03 Jun 2024 05:27:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg
89.105.195.71 200 OK 69 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 956x532, components 3
Hash c44cfeba5ce4440b75ffda99d23b291e
ec19ec1cd101fd283f74d1f9301de53ca27e75cb
93b18766aa48b09c78a8ec66cc903cbaef4f2026079467d6b968410bfb712e78
GET /upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 69211
last-modified: Mon, 29 Apr 2024 13:25:31 GMT
etag: "662f9fcb-10e5b"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg
89.105.195.71 200 OK 77 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 956x533, components 3
Hash 1361f705701b662259b5347328182f7c
ba003563691b96c9cc939d49ded64639ad84047d
cc8d58fbbc28e6f79ab4d3bd673ade78ff65ea02906b9a3c974aaaeb431ff26c
GET /upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 76737
last-modified: Mon, 29 Apr 2024 13:25:30 GMT
etag: "662f9fca-12bc1"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/3612ea33334e69669492ef4ac52fb412.jpg
89.105.195.71 200 OK 49 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/3612ea33334e69669492ef4ac52fb412.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash d2955b360e43518db3cbd1efa6a865b8
047470101a3370531a51e9d6d0e9a2601dbb91dc
cd01efe51410a4b37b18b97e8b6bdfe4279e32d142104ae2270463883c0a27ad
GET /upload/vod/20240504-1/3612ea33334e69669492ef4ac52fb412.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 49047
last-modified: Sat, 04 May 2024 05:12:44 GMT
etag: "6635c3cc-bf97"
expires: Mon, 03 Jun 2024 05:20:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/ec98babe3b973861b1dd11fd8ecf51a6.jpg
89.105.195.71 200 OK 63 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/ec98babe3b973861b1dd11fd8ecf51a6.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1480x836, components 3
Hash b3ba724dbe34b9983b5c95842f23de86
8369df56b2e60ca1792e5d2d0363a507190b15f6
22727c4c085b905ba338e40bc58e434048b3a8ed050e89042abef1fa4a037d84
GET /upload/vod/20240504-1/ec98babe3b973861b1dd11fd8ecf51a6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 62983
last-modified: Sat, 04 May 2024 05:12:43 GMT
etag: "6635c3cb-f607"
expires: Mon, 03 Jun 2024 05:20:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/623d6283e6530459a1a65f96a7ea43af.jpg
89.105.195.71 200 OK 27 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/623d6283e6530459a1a65f96a7ea43af.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 720x404, components 3
Hash c712a9de98d6c5cde68dd8a7a68d3cc7
e82bfd3af8c476fd98cd1700b7fb16d8b3660f22
b29fbac6f019523347fdacedd3c911079c37f2abefaf15dc5cce75336b2da26a
GET /upload/vod/20240503-1/623d6283e6530459a1a65f96a7ea43af.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 27333
last-modified: Fri, 03 May 2024 05:10:16 GMT
etag: "663471b8-6ac5"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg
89.105.195.71 200 OK 73 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 955x532, components 3
Hash 7b98dd8be3ba352167c8669ee587eb7e
2e332729f07c5cf1767705cef95f97324844cba8
868f390131f99ea43f4b4974f727d6e00c73200dcc838ebb23a5d63513dcd5d1
GET /upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 72801
last-modified: Mon, 29 Apr 2024 13:25:27 GMT
etag: "662f9fc7-11c61"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg
89.105.195.71 200 OK 72 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 960x533, components 3
Hash b645f1337db3face9cb97837767eaaf1
dc8c9dde4ed6d4591f6e4c418fdcaee8941f6648
c562aee8b6d5ed210ab10a99a0f32ebf551b13b6f55e50202be84639a9964fc3
GET /upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 72535
last-modified: Mon, 29 Apr 2024 13:25:26 GMT
etag: "662f9fc6-11b57"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg
89.105.195.71 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 957x531, components 3
Hash 406be91c35e1b5f26f57e38ef6feb489
8f75d92445583e06973a2e5729a9e758818de84e
01ede5eaabd3c71dba1a3732bcbf5e5ef5543af6a7478a9d64464c55ba2db9ea
GET /upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 78201
last-modified: Mon, 29 Apr 2024 13:25:25 GMT
etag: "662f9fc5-13179"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg
89.105.195.71 200 OK 81 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 951x532, components 3
Hash 46b5ed54c9d57faf06fcbcc8a95c1201
07ec96b6d2912bc71ce347db9c8714c8dd715702
090de0935a7b7807a294b05ded06fd90f73ff8c5577a486f4ba3f17b624d4857
GET /upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 80997
last-modified: Mon, 29 Apr 2024 13:25:23 GMT
etag: "662f9fc3-13c65"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/8a15a83f3721c1ee89f84e998969ea19.jpg
89.105.195.71 200 OK 84 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/8a15a83f3721c1ee89f84e998969ea19.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1004x788, components 3
Hash 62939b5d7ac62c82ee79224dc0fd72e7
499a1693876180899ca2bdf8d0ce917072fe0ff4
7db00fab1a0e42643fb549da1824490092b71440a736ff3fc79164c3530da1d8
GET /upload/vod/20240504-1/8a15a83f3721c1ee89f84e998969ea19.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 83739
last-modified: Sat, 04 May 2024 05:12:31 GMT
etag: "6635c3bf-1471b"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/20ed5c79b82a3e22d6742771d429223d.jpg
89.105.195.71 200 OK 71 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/20ed5c79b82a3e22d6742771d429223d.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 836x676, components 3
Hash 3e7e9dd89a572c93912b89aec3839890
e7e8618ab2edde49caa8665850f3a7a80496a241
a4dd574c1c87b28007b71564f5f725a2a612423579da21929871f5b90fa1b21e
GET /upload/vod/20240504-1/20ed5c79b82a3e22d6742771d429223d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 71065
last-modified: Sat, 04 May 2024 05:12:26 GMT
etag: "6635c3ba-11599"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/fe3915b211c6d73658b33721b82e6536.jpg
89.105.195.71 200 OK 71 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/fe3915b211c6d73658b33721b82e6536.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 836x676, components 3
Hash 3e7e9dd89a572c93912b89aec3839890
e7e8618ab2edde49caa8665850f3a7a80496a241
a4dd574c1c87b28007b71564f5f725a2a612423579da21929871f5b90fa1b21e
GET /upload/vod/20240504-1/fe3915b211c6d73658b33721b82e6536.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 71065
last-modified: Sat, 04 May 2024 05:12:25 GMT
etag: "6635c3b9-11599"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/7fc2e86576e59670717c405babce51fa.jpg
89.105.195.71 200 OK 107 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/7fc2e86576e59670717c405babce51fa.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1704x952, components 3
Size 107 kB (107404 bytes)
Hash 14162a1f5429231acd6998f88a72c1b0
22a85ac018f22ff66b333cc2ce77b531100eaa30
e2e3a0e175388eb8422488efdbfb18b90d05126a2979b21d13c52ef49de494e3
GET /upload/vod/20240503-1/7fc2e86576e59670717c405babce51fa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 107404
last-modified: Fri, 03 May 2024 05:09:50 GMT
etag: "6634719e-1a38c"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/d4e544265a51666add83ac9d12f3efa4.jpg
89.105.195.71 200 OK 109 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/d4e544265a51666add83ac9d12f3efa4.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 109 kB (108832 bytes)
Hash 52836a6f3100d3b4ca7ec027f8685a40
ee5c62cbe05456db7f8577257b43bde07218d2fb
1768ec24892c7cff842a9aa845d88e703f06ca88c6544bfd8ef2ba2be9f86291
GET /upload/vod/20240504-1/d4e544265a51666add83ac9d12f3efa4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 108832
last-modified: Sat, 04 May 2024 05:12:47 GMT
etag: "6635c3cf-1a920"
expires: Mon, 03 Jun 2024 05:27:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/4501197fc59d54db2a13c95f94b8e95f.jpg
89.105.195.71 200 OK 97 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/4501197fc59d54db2a13c95f94b8e95f.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash b7d90c72dbeb0b1778373c908aab421d
5343efeb19d7a6afaccada1dbcd33c2c3d914303
6871a561f25344cc5e120c73c663f6b8dc04f7a7eab2c9950ba2e9b38d87ccd2
GET /upload/vod/20240504-1/4501197fc59d54db2a13c95f94b8e95f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 96768
last-modified: Sat, 04 May 2024 05:12:43 GMT
etag: "6635c3cb-17a00"
expires: Mon, 03 Jun 2024 05:20:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/2be8a0e6a3c0fa9d855973e6d42ce15d.jpg
89.105.195.71 200 OK 107 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/2be8a0e6a3c0fa9d855973e6d42ce15d.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 107 kB (107088 bytes)
Hash 8f0cc634e0b43e86254c52e62d9151e1
7638690f03a07cb957b569f002d849a34408c3e4
7bddeeb010f5dd7641111e01d65e6c241a9c775f985d3e070a68ee4f548079e1
GET /upload/vod/20240504-1/2be8a0e6a3c0fa9d855973e6d42ce15d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 107088
last-modified: Sat, 04 May 2024 05:12:35 GMT
etag: "6635c3c3-1a250"
expires: Mon, 03 Jun 2024 05:20:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/062719643928660e5e9364532b7605b3.jpg
89.105.195.71 200 OK 97 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/062719643928660e5e9364532b7605b3.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash 6a06a9a02bb9a193ce7b6ac25c845366
9e291d14e99cf63a2e3410ae7c24f9644cf36fc5
ba87c8d1c037a766dbf20c47a855671ea0ad93680a64a08d4dcdf6db521f9f17
GET /upload/vod/20240504-1/062719643928660e5e9364532b7605b3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 96752
last-modified: Sat, 04 May 2024 05:12:34 GMT
etag: "6635c3c2-179f0"
expires: Mon, 03 Jun 2024 05:20:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/cd2237f4a5b228ce927224bbcbe6b47b.jpg
89.105.195.71 200 OK 83 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/cd2237f4a5b228ce927224bbcbe6b47b.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash b0ab27a43eaac1ec651ae724e57fedc5
8c3d54e6e6893140eee77e1edffb53a1fd834734
f7a0be9b6f8d6ab1f05160ac10b5d269bd3820192a89a66c8f44dab756a2fe02
GET /upload/vod/20240504-1/cd2237f4a5b228ce927224bbcbe6b47b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 82832
last-modified: Sat, 04 May 2024 05:12:33 GMT
etag: "6635c3c1-14390"
expires: Mon, 03 Jun 2024 05:20:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/b90ba44cd99e90839faa7b20e3fcbaef.jpg
89.105.195.71 200 OK 117 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/b90ba44cd99e90839faa7b20e3fcbaef.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 117 kB (117354 bytes)
Hash a387cc3ebcb9ee8d593fafffb48a9333
2b3a90f3178145dc0166e8c029e7cba8cd8ad84d
5e95e72578a989ed49fc3ecc8f04cb9f5fd3472495bead0ebf6ba6338465be2f
GET /upload/vod/20240503-1/b90ba44cd99e90839faa7b20e3fcbaef.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 117354
last-modified: Fri, 03 May 2024 05:10:18 GMT
etag: "663471ba-1ca6a"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/5eaffe65a2fa1b566ad9a39d302ff2f1.jpg
89.105.195.71 200 OK 76 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/5eaffe65a2fa1b566ad9a39d302ff2f1.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1224x689, components 3
Hash c22eae82fdb4824f65f6c95eb3d83897
ef137f3725ee4dbafbd7f84e157b3c4c4001cd3b
2415da691145e2bbad7ebe5c537271933e8275822cff9e055a6a4d8a247eac8b
GET /upload/vod/20240503-1/5eaffe65a2fa1b566ad9a39d302ff2f1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 76086
last-modified: Fri, 03 May 2024 05:10:16 GMT
etag: "663471b8-12936"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/80ae930629cb19364803feeb06393c7e.jpg
89.105.195.71 200 OK 121 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/80ae930629cb19364803feeb06393c7e.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 121 kB (120728 bytes)
Hash 8dd957238576168a9ea8cd66c80bde41
51f17c19d7481bf4fa9704afd6daa8f6efc9dbc3
2da793c2f7175f8842f932b8834d0fc976060deb22f36309e7b7398ee8721c5e
GET /upload/vod/20240503-1/80ae930629cb19364803feeb06393c7e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 120728
last-modified: Fri, 03 May 2024 05:10:15 GMT
etag: "663471b7-1d798"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/ede8aff1efe01f7e4a991986c9f5afc5.jpg
89.105.195.71 200 OK 120 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/ede8aff1efe01f7e4a991986c9f5afc5.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 120 kB (120097 bytes)
Hash 4dbb7aff83757f061c8b08b99ea3e1ff
15bedf280678e806cbb61e816e553d6604365aad
b0953e959a4bd9c4a7bfd73d6c3016b0812a060da3cd4eac7ce96bc7b2540fc4
GET /upload/vod/20240503-1/ede8aff1efe01f7e4a991986c9f5afc5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 120097
last-modified: Fri, 03 May 2024 05:10:13 GMT
etag: "663471b5-1d521"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg
89.105.195.71 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash 44da1f7312e785d7469efe5a2e7fdc20
b993ab155c8c47a0f0173e459892969a73badf11
91890cd0dc86f8e5a955e6e9f671bb96e73baaea2ca4a357363cfb8e27b13e74
GET /upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 77869
last-modified: Mon, 29 Apr 2024 13:25:35 GMT
etag: "662f9fcf-1302d"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg
89.105.195.71 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 953x536, components 3
Hash 80083be7d376464d94d9bffa6d22fdd4
9dbb7c877313fdb9cd786fa21ae9435c61f4e0ef
37a719745e01a29e05fa3d10c4b7994a7b605bfb86c5c167c74dd4e18b403853
GET /upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 77749
last-modified: Mon, 29 Apr 2024 13:25:36 GMT
etag: "662f9fd0-12fb5"
expires: Wed, 29 May 2024 13:30:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg
89.105.195.71 200 OK 82 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 955x532, components 3
Hash dcb1faf73b1d88baf2c62383376d0704
18fc7bc45934a2a84ed6cadb7bf497ff148e0ecd
7409b2e1d91f1e03ece09f060fcbdce597247a453c29fbe77f4eab3a725c9318
GET /upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 81649
last-modified: Mon, 29 Apr 2024 13:25:40 GMT
etag: "662f9fd4-13ef1"
expires: Wed, 29 May 2024 13:25:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg
89.105.195.71 200 OK 82 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash 2f07da3f93a1fe652db81f6cd34f07dc
f26c1d5d7337a474167cd081b92c94091a5ae260
2e0b70c56204e89c4d4954896b25ddf5f0409b14ba11c86aebc8cf88dca463ef
GET /upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 81461
last-modified: Mon, 29 Apr 2024 13:25:39 GMT
etag: "662f9fd3-13e35"
expires: Wed, 29 May 2024 13:26:18 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg
89.105.195.71 200 OK 71 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash bc7e2d30457eb790c6c60f4aa639891c
db3ac8baf2f50fe3b771feb2b3d3e0a8057a332e
9b3e27c1c38f2ae31418ef9ba5b08ff940829ef1509406707f1086c8f0d015d3
GET /upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 71330
last-modified: Mon, 29 Apr 2024 13:25:38 GMT
etag: "662f9fd2-116a2"
expires: Wed, 29 May 2024 13:26:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/13ae4fafc16d635bf24776eb0e24163c.jpg
89.105.195.71 200 OK 131 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/13ae4fafc16d635bf24776eb0e24163c.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1960x1100, components 3
Size 131 kB (131218 bytes)
Hash cac5f598380efe0999ff71dc3b0ad617
379187be83d1a1d378ad32be97737bcb1d0bbc36
302cf63163035ac2680ed52cf4eb428507303feeec975f654ea5b8a2b8b8c9a0
GET /upload/vod/20240504-1/13ae4fafc16d635bf24776eb0e24163c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 131218
last-modified: Sat, 04 May 2024 05:12:24 GMT
etag: "6635c3b8-20092"
expires: Mon, 03 Jun 2024 05:27:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/5ca9e2f6884bba541b5f26d7662870fb.jpg
89.105.195.71 200 OK 132 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/5ca9e2f6884bba541b5f26d7662870fb.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1704x952, components 3
Size 132 kB (131745 bytes)
Hash 89d8fc8f90c0a1f6255fa646c1352413
6b91c6eaf68fe99bb36d1416e0305657f08aa686
fe27bb49d392163c580b2f64d430aea58233fc75f822e01b41fd314085bcdbbc
GET /upload/vod/20240503-1/5ca9e2f6884bba541b5f26d7662870fb.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 131745
last-modified: Fri, 03 May 2024 05:10:03 GMT
etag: "663471ab-202a1"
expires: Sun, 02 Jun 2024 05:13:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/cbb8e8a14adcbd161b6e8ee1fc34f72c.jpg
89.105.195.71 200 OK 140 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/cbb8e8a14adcbd161b6e8ee1fc34f72c.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 140 kB (140233 bytes)
Hash 9c5c2d30d1c41af9801c9af9b372689b
6e488300bf3ec464cf99f88071df87568afeeefd
0b616d768b54e4344c3a95627d5f0ce7e76740998d0923a07a049b57071a3b32
GET /upload/vod/20240503-1/cbb8e8a14adcbd161b6e8ee1fc34f72c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 140233
last-modified: Fri, 03 May 2024 05:10:17 GMT
etag: "663471b9-223c9"
expires: Sun, 02 Jun 2024 05:18:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/css/zui.css
107.149.199.61 200 OK 25 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/css/zui.css
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 5660a22ccd545550e17c4ac22fe72135
a35b2c5e39c20cc8a1f6ded28a7adb521cc49a3f
aff7ebc6015eb363a857aeb10e4f104f2adf868573874d3db2fab2aa93e866c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 16 Sep 2023 13:41:03 GMT
etag: "1bf31-6057a0f69b9c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 25171
content-type: text/css
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?1597dbc0d180c4192c37e9004d428ec7
111.45.3.198 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?1597dbc0d180c4192c37e9004d428ec7
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash 301b5037f63e39e83632a7a79da203bb
1f13bf6cd26b26f66e52627eff1cfadccdb90af5
751c680ac0bc8a0f41facb46c42ee8ff3243b3266bcd1cd68af27857cab9e42d
GET /hm.js?1597dbc0d180c4192c37e9004d428ec7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 04 May 2024 19:43:42 GMT
Etag: b687f6a3f058ada146a68691eecfa204
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B113B745A5167511; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.hgimg01.com/upload/vod/20240504-1/e7362bce9e5768ee94dd91ddc18c80e2.jpg
89.105.195.71 200 OK 468 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/e7362bce9e5768ee94dd91ddc18c80e2.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 468 kB (468012 bytes)
Hash b0a114d5da54950c76034fd36b792ffd
ed10917e3a7cf2e0c011a54fed1366725a5f6b4b
9cfdae9c759f79c8cad5187246782d541e7905d99dc64ed03d5074ae2ba6c903
GET /upload/vod/20240504-1/e7362bce9e5768ee94dd91ddc18c80e2.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 468012
last-modified: Sat, 04 May 2024 05:14:12 GMT
etag: "6635c424-7242c"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/qq1.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq1.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 4bea9028ca7e06074717a28231570764
4881c1aa753d4efb5e9cea7f35123bf5ec8c81d5
5598c79548ea3b63933fb0e47ce7ee8c37c3a37a0478559d5bae521d44ca9b4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 May 2024 14:32:41 GMT
etag: "30d5-617a1b56aa75b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1980
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/919fb53614d9a57b2fcd47c63a57ae32.jpg
89.105.195.71 200 OK 477 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/919fb53614d9a57b2fcd47c63a57ae32.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 477 kB (476906 bytes)
Hash 977f6866c3f70ff7386d32dfc1fe7337
06df72f5cadc4c132251ac2bff8c1f4118124401
5bfad2191552114142276c56864c51cb0f21a1682707b770c6af7081c03001f4
GET /upload/vod/20240504-1/919fb53614d9a57b2fcd47c63a57ae32.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 476906
last-modified: Sat, 04 May 2024 05:14:11 GMT
etag: "6635c423-746ea"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/dht.js
107.149.199.61 200 OK 1.3 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dht.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash 3f43e1e1f6923961b6c431fd305ca0c0
cc5c7af1a6ed74c6dd37fe465f50963aa3f503b3
21cc83d664c7272a96a18e8ace1c9bd94f43cd6226cab907c749a7572795a90a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/dht.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2024 13:03:55 GMT
etag: "2e2a-61750009744c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1319
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/f143310943252f6aa00c431f53b6e90e.jpg
89.105.195.71 200 OK 536 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/f143310943252f6aa00c431f53b6e90e.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 536 kB (536383 bytes)
Hash 66b40da48db4275d14ae11691e02f3bf
edaf0494aa3c02c5e5c043091a269d5b0668feee
602d89c8e5a957274e94de2fc058747538f10615fea181c1a373657710785fe4
GET /upload/vod/20240504-1/f143310943252f6aa00c431f53b6e90e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 536383
last-modified: Sat, 04 May 2024 05:14:09 GMT
etag: "6635c421-82f3f"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/images/1.gif
107.149.199.61 200 OK 254 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/images/1.gif
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type GIF image data, version 89a, 16 x 17
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Aug 2023 11:58:21 GMT
etag: "fe-6029050003140"
accept-ranges: bytes
content-length: 254
content-type: image/gif
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/5683219b7b9f55172f09b292b2552abc.jpg
89.105.195.71 200 OK 314 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/5683219b7b9f55172f09b292b2552abc.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 314 kB (313727 bytes)
Hash 51566c7d97df75aa6a2d70a198d2ee50
6d4e3b2cab64cf46ca371c6247b93bb65994c7bd
889fa70596326003d23e9ac9e5ecf2ec39aa0bb38ca019e8d2968425d0a2cb97
GET /upload/vod/20240504-1/5683219b7b9f55172f09b292b2552abc.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 313727
last-modified: Sat, 04 May 2024 05:14:08 GMT
etag: "6635c420-4c97f"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/dh.js
107.149.199.61 200 OK 1.1 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dh.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash 36f2b6c328c23386159b8fbb04e325f2
df89833edc8a5e241b5744636f4d3b34d49dafb5
5538178b9791732a03125c5d7492e0add412e399f77fa1ea531f7c36ff442fbc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 May 2024 15:02:01 GMT
etag: "28c7-6178e00792c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1085
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 May 2024 19:43:43 GMT
Etag: "4078521116"
Expires: Sun, 04 May 2025 19:43:43 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C798C715146C34BF17D1362A6691C9A5:FG=1; max-age=31536000; expires=Sun, 04-May-25 19:43:43 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
img.hgimg01.com/upload/vod/20240504-1/554995d22d921679b0f3666058041597.jpg
89.105.195.71 200 OK 240 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/554995d22d921679b0f3666058041597.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 240 kB (240195 bytes)
Hash 5958a4f47d73dad886fc6706c93f217e
8b4c5f9c9d98b0067be40692a7fba7608218e750
a2663b7fb76dc817624ce94380ca5271a2f025d8b70bf3519c768b86997dc381
GET /upload/vod/20240504-1/554995d22d921679b0f3666058041597.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 240195
last-modified: Sat, 04 May 2024 05:14:07 GMT
etag: "6635c41f-3aa43"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/sp.js
107.149.199.61 200 OK 636 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/sp.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 9f5f07272f1a76a347423cb76cb56dbd
5f6dbfb05b9288acde1555a720432e6f254c93b1
ef02692a9a1489fffa9049448a5c468c21fb59eba7571f47c508e9b016d78f66
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/sp.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 12:04:27 GMT
etag: "789-61777679aa8c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 636
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/8c8c7eff03e3a9dcf45754d2a0524b68.jpg
89.105.195.71 200 OK 387 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/8c8c7eff03e3a9dcf45754d2a0524b68.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 387 kB (386942 bytes)
Hash c1874203e7600926d9c647f0f001b259
d3f5ddfdfa494f4ba89c6f8d51f7bf12a1acf330
8e7f209da8275ddf85c65d27dcd090ff0be3310caa72e8a2018156fb44e15d89
GET /upload/vod/20240504-1/8c8c7eff03e3a9dcf45754d2a0524b68.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 386942
last-modified: Sat, 04 May 2024 05:14:06 GMT
etag: "6635c41e-5e77e"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/bctp.js
107.149.199.61 200 OK 1.1 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/bctp.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash d2b51eba9e2b74b767e4bf358da4c8a1
ed1d80cd2ae95f322f33b646c93055033db6f8a9
102bdd931151c50b93cddde63508cac26f327f270c56ad24a73cdf80f2c16ce7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/bctp.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 May 2024 14:32:41 GMT
etag: "1629-617a1b56a9f8b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1129
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/835ffa915dc98f2ed517f323236a805e.jpg
89.105.195.71 200 OK 419 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/835ffa915dc98f2ed517f323236a805e.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 419 kB (419064 bytes)
Hash d898dd012389e5ed9141ea4d986a4902
b750b79fc02dc79f76dc58bb7e17d3165a67000b
63125ab50f633403091539f5dec863c44f20919c27ea3b46eed8d18b1c6a92aa
GET /upload/vod/20240504-1/835ffa915dc98f2ed517f323236a805e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 419064
last-modified: Sat, 04 May 2024 05:14:04 GMT
etag: "6635c41c-664f8"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 May 2024 19:43:43 GMT
Etag: "4078521116"
Expires: Sun, 04 May 2025 19:43:43 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=6E9DA6D11F9F4C3A938BABC44B2F0FC0:FG=1; max-age=31536000; expires=Sun, 04-May-25 19:43:43 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
107.149.199.61:38689/template/m1938pc/ads/qq2.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq2.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (302)
Hash db99bffbf92a14de4c72e06e022e8788
3dae046fbfdc4c5959fff45c69e454df3123a8b7
fbac7bdff85112be3c8694135885f82022496cff8ef17b2727a4ad61e4ebecc3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq2.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 12:04:27 GMT
etag: "2775-61777679aa8c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2002
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/002e1c258c5a00a86c474125970bcc3f.jpg
89.105.195.71 200 OK 731 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/002e1c258c5a00a86c474125970bcc3f.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 731 kB (730801 bytes)
Hash b17186ab52ee3c5b8ceb15ec757c5f38
56610a51d95276b9e361d66045c3f91c08f400d4
4bb8a29d671b35012e3784071c1180ecb84cb29b2c493d414bc392db414b83df
GET /upload/vod/20240504-1/002e1c258c5a00a86c474125970bcc3f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 730801
last-modified: Sat, 04 May 2024 05:14:03 GMT
etag: "6635c41b-b26b1"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/qq3.js
107.149.199.61 200 OK 998 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq3.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash f09f6b8d50a5387d8ee4bf7a13903c04
d42509d3b0e601babb9b9b1b0b9f1f1d6568540f
460ac62ab9bf6913f4e070fca6c3333905ede4cd190b33591bc8d1ed7e9f3142
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq3.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 May 2024 10:56:34 GMT
etag: "1954-6178a92acfc80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 998
content-type: text/javascript
date: Sat, 04 May 2024 19:43:42 GMT
server: Apache
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/cde649e625d2bd63f220d7bcd022e8a7.jpg
89.105.195.71 200 OK 242 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/cde649e625d2bd63f220d7bcd022e8a7.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2560x1667, components 3
Size 242 kB (241631 bytes)
Hash ccf08751f3b921ab8fbbb73376a200b2
9ba637e7fa8e61e7973abf7bf76e2b808cf90071
15b14cad9a2652650ca57555d0c358c432cd9ee4311601b5706cb0c4c0f5b0d9
GET /upload/vod/20240504-1/cde649e625d2bd63f220d7bcd022e8a7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 241631
last-modified: Sat, 04 May 2024 05:12:28 GMT
etag: "6635c3bc-3afdf"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/abb43e70f4a595a89d9514d4c8bd1d71.jpg
89.105.195.71 200 OK 242 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/abb43e70f4a595a89d9514d4c8bd1d71.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2560x1667, components 3
Size 242 kB (241631 bytes)
Hash ccf08751f3b921ab8fbbb73376a200b2
9ba637e7fa8e61e7973abf7bf76e2b808cf90071
15b14cad9a2652650ca57555d0c358c432cd9ee4311601b5706cb0c4c0f5b0d9
GET /upload/vod/20240504-1/abb43e70f4a595a89d9514d4c8bd1d71.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 241631
last-modified: Sat, 04 May 2024 05:12:27 GMT
etag: "6635c3bb-3afdf"
expires: Mon, 03 Jun 2024 05:20:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/7ef9f9a398803f883f5cdd3f0c09f04a.jpg
89.105.195.71 200 OK 241 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/7ef9f9a398803f883f5cdd3f0c09f04a.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2876x1612, components 3
Size 241 kB (241341 bytes)
Hash f785581719a85368fbc36fea01931a03
3b301797920b60c481a779ea11cba6735daaa1a0
0df418b58cbcee6a7acd1e9e1bc1c086f4c92494c417baafd2052c2d50ad9350
GET /upload/vod/20240504-1/7ef9f9a398803f883f5cdd3f0c09f04a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 241341
last-modified: Sat, 04 May 2024 05:12:45 GMT
etag: "6635c3cd-3aebd"
expires: Mon, 03 Jun 2024 05:20:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/3327ecd488f51a7f83547cea6dd8f5ad.jpg
89.105.195.71 200 OK 211 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/3327ecd488f51a7f83547cea6dd8f5ad.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2560x1440, components 3
Size 211 kB (211178 bytes)
Hash 0af853113f5f439abe5a4a0835a0bcd0
d10af1c76f659ef204db989378c3593ae04fa525
b62b90d50de83686c704a78783ebfe03e77366c1ab361009b59777290777ffb2
GET /upload/vod/20240504-1/3327ecd488f51a7f83547cea6dd8f5ad.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 211178
last-modified: Sat, 04 May 2024 05:12:32 GMT
etag: "6635c3c0-338ea"
expires: Mon, 03 Jun 2024 05:20:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/168050633c1037b727ba84f21fdd831b.jpg
89.105.195.71 200 OK 462 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/168050633c1037b727ba84f21fdd831b.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 462 kB (461564 bytes)
Hash b4def3ad6ae1e0392ca1bdd5d642ce58
cd0a1a70bd7033c855a28d07fae1fbb5c6e8a647
2214259af1d5f0378dcef12ca2c09e725f33421d4b5d18752839c8c99e4e07cc
GET /upload/vod/20240504-1/168050633c1037b727ba84f21fdd831b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 461564
last-modified: Sat, 04 May 2024 05:14:01 GMT
etag: "6635c419-70afc"
expires: Mon, 03 Jun 2024 05:15:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/264fbe26d06c6308047c643137cef54f.jpg
89.105.195.71 200 OK 433 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/264fbe26d06c6308047c643137cef54f.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 433 kB (433067 bytes)
Hash a3888320827951979dfd884e0e428fb5
3ff5eefb803e9e321a1ec4a9245387960d1c5c16
e4ac801f060c760006a0acee133866aedd9525e10673aca884a3db169a64f953
GET /upload/vod/20240503-1/264fbe26d06c6308047c643137cef54f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 433067
last-modified: Fri, 03 May 2024 05:11:32 GMT
etag: "66347204-69bab"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/708ec1eba50a56f48efa723086800dc4.jpg
89.105.195.71 200 OK 465 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/708ec1eba50a56f48efa723086800dc4.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 465 kB (464933 bytes)
Hash fd468c8eab4c2a896a26e6e88eac5df0
9e2d86ccc837a5f4ad6e853c57a6144b2903f776
22e3d073125067f0b429ca1124315537b343fe78eccdd1325234c98f397249b5
GET /upload/vod/20240503-1/708ec1eba50a56f48efa723086800dc4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 464933
last-modified: Fri, 03 May 2024 05:11:29 GMT
etag: "66347201-71825"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/f4937bb7ba838069bd95a121fb131fb9.jpg
89.105.195.71 200 OK 528 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/f4937bb7ba838069bd95a121fb131fb9.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 528 kB (528160 bytes)
Hash 06664a3e3311aa3358cea9a9dd0d3568
5603330410a3c26f7d307e137ec7c228b56badc0
48ee23738039a7610f95b27509ad6cbc9191cf01ba092c2717df8c72a4479288
GET /upload/vod/20240503-1/f4937bb7ba838069bd95a121fb131fb9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 528160
last-modified: Fri, 03 May 2024 05:11:14 GMT
etag: "663471f2-80f20"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.250 200 OK 2.7 kB URL GET HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.250:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject *.tbcdn.cn
Fingerprint 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
Validity Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
Hash 78cdf5f8995a77bde017c9afb00ff09c
892a0c961a111310a1c6a76f611edcfe0f5472d3
3724b8fd47d02379fa76d99f3ef90b3f3c108de19d4f0ae9899352dc7ffbebd3
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/avif
content-length: 2725
date: Sun, 14 Apr 2024 00:57:57 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: HIT
request-time: 0.002
traceid: a3b55c9517130562768888849e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2avif
cache-control: max-age=31536000
ali-swift-global-savetime: 1713056277
via: cache16.l2us1[0,0,200-0,H], cache6.l2us1[0,0], ens-cache15.se2[0,0,200-0,H], ens-cache11.se2[0,0]
access-control-allow-origin: *
age: 1795547
x-cache: HIT TCP_MEM_HIT dirn:11:36345466
x-swift-savetime: Sun, 14 Apr 2024 01:02:13 GMT
x-swift-cachetime: 31535744
s-rt: 2
vary: Accept
timing-allow-origin: *
eagleid: 2ff62c9f17148518247012761e
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1724504170&si=847af9a77c3034320368789b70e9d230&v=1.3.0&lv=1&sn=63013&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
111.45.3.198 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1724504170&si=847af9a77c3034320368789b70e9d230&v=1.3.0&lv=1&sn=63013&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1724504170&si=847af9a77c3034320368789b70e9d230&v=1.3.0&lv=1&sn=63013&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 May 2024 19:43:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=644714EEDE4BCF63; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.ofr614.com/images/6630f3345d556db1e0402332.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.ofr614.com/images/6630f3345d556db1e0402332.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject ofr614.com
Fingerprint 14:39:36:A2:F3:D9:E3:86:91:2D:9E:15:EA:0B:0F:D7:09:A7:65:C3
Validity Tue, 30 Apr 2024 10:03:59 GMT - Mon, 29 Jul 2024 10:03:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f3345d556db1e0402332.gif HTTP/1.1
Host: www.ofr614.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/c9fcc3cec3fdfc0333d13384923f8794a4c22665.jpg
X-Firefox-Spdy: h2
www.eql814.com/images/6630f1795d556db1e040231b.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.eql814.com/images/6630f1795d556db1e040231b.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject eql814.com
Fingerprint 5A:EF:EE:AC:F8:6C:8A:F7:90:4C:76:54:F2:7B:24:D6:82:9D:02:52
Validity Tue, 30 Apr 2024 10:02:05 GMT - Mon, 29 Jul 2024 10:02:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f1795d556db1e040231b.gif HTTP/1.1
Host: www.eql814.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/gg.jpg
107.149.199.61 200 OK 14 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/gg.jpg
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 960x51, components 3
Hash aaa12973bfefffcf6680081350d345a4
0231169877cf780337619db83e7591cba019854b
4124a6e1c9baa8735275f7d5be1f06a1cc8eaca18e52c14050ff41b8d00db127
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/gg.jpg HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Feb 2024 12:49:54 GMT
etag: "35b0-610516e964080"
accept-ranges: bytes
content-length: 13744
content-type: image/jpeg
date: Sat, 04 May 2024 19:43:45 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137048788&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=63015&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
111.45.3.198 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137048788&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=63015&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137048788&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=63015&r=0&ww=1280&u=http%3A%2F%2Fwww.real-estate-guide.net%2Freal-estate%2Fcounty%2F2027%2Fallen-county%2F&tt=%E4%BD%99%E5%A7%9A%E7%88%AC%E6%AE%8B%E9%A1%BE%E9%97%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 May 2024 19:43:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9D2BE46528A72A33; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
107.149.199.61:38689/template/m1938pc/images/video-play.png
107.149.199.61 200 OK 1.6 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/images/video-play.png
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:16 GMT
etag: "61f-5e5ddfa741d00"
accept-ranges: bytes
content-length: 1567
content-type: image/png
date: Sat, 04 May 2024 19:43:45 GMT
server: Apache
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
182.61.201.94 200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
IP 182.61.201.94:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.real-estate-guide.net/real-estate/county/2027/allen-county/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.real-estate-guide.net/real-estate/county/2027/allen-county/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.real-estate-guide.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 May 2024 19:43:45 GMT
107.149.199.61:38689/template/m1938pc/ads/dh.js
107.149.199.61 200 OK 1.1 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dh.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash 36f2b6c328c23386159b8fbb04e325f2
df89833edc8a5e241b5744636f4d3b34d49dafb5
5538178b9791732a03125c5d7492e0add412e399f77fa1ea531f7c36ff442fbc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 May 2024 15:02:01 GMT
etag: "28c7-6178e00792c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1085
content-type: text/javascript
date: Sat, 04 May 2024 19:43:45 GMT
server: Apache
X-Firefox-Spdy: h2
jindie.luorun1.top/jd/100.gif
23.225.89.130 200 OK 244 kB URL GET HTTP/2 jindie.luorun1.top/jd/100.gif
IP 23.225.89.130:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 100 x 100
Size 244 kB (243627 bytes)
Hash 8d6565c0cf3f9b644e5f06b712119837
e25b360314e01be8ab80c0fd2fadd162ed6b6014
fe67a8e4c1f45b49ba996319872278ee3f5ff508c63a6ad205ac051a4c86de78
GET /jd/100.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:44 GMT
content-type: image/gif
content-length: 243627
last-modified: Wed, 03 Apr 2024 05:43:56 GMT
etag: "660cec9c-3b7ab"
expires: Thu, 30 May 2024 07:27:38 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?f5f73e5916871afe97c68215440d54e7
111.45.3.198 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?f5f73e5916871afe97c68215440d54e7
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash dd8146b92c138d3777ffbd8b1ee5efff
a01a12b494e93d1f02e3803899a8c055b4084385
72fb626c2a0079d593ca942e66f454a87b706a45a13d065c6182134a150828e7
GET /hm.js?f5f73e5916871afe97c68215440d54e7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 04 May 2024 19:43:45 GMT
Etag: 8375dbba91b5aa3eb019537010badcf7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CCD40C2FD9CC990C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
107.149.199.61:38689/template/m1938pc/ads/qq1.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq1.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 4bea9028ca7e06074717a28231570764
4881c1aa753d4efb5e9cea7f35123bf5ec8c81d5
5598c79548ea3b63933fb0e47ce7ee8c37c3a37a0478559d5bae521d44ca9b4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 May 2024 14:32:41 GMT
etag: "30d5-617a1b56aa75b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1980
content-type: text/javascript
date: Sat, 04 May 2024 19:43:45 GMT
server: Apache
X-Firefox-Spdy: h2
jindie.luorun1.top/jj417/640-160.gif
23.225.89.130 200 OK 258 kB URL GET HTTP/2 jindie.luorun1.top/jj417/640-160.gif
IP 23.225.89.130:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 640 x 160
Size 258 kB (258064 bytes)
Hash 434c508c4291f2ef2f456d52b022d702
38ed0c146b88577190ff88130f536d54cf9f78c1
21de3ee4dde190176e1b84e1cbefa5312e6a9ae8480c3cfec3541a76e5978248
GET /jj417/640-160.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 258064
last-modified: Tue, 16 Apr 2024 20:17:12 GMT
etag: "661edcc8-3f010"
expires: Thu, 30 May 2024 07:27:29 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/jj417/300-200.gif
23.225.89.130 200 OK 538 kB URL GET HTTP/2 jindie.luorun1.top/jj417/300-200.gif
IP 23.225.89.130:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 300 x 200
Size 538 kB (538466 bytes)
Hash 360a35c33859b87a4f8078f3e31eddb7
c56ecf9ef564adb903fa9eb34613f3b1af2022f7
c3a2cf1bb01b17826730f3ddaf8f20523500ad684b152a3e30a1b0e14e201b02
GET /jj417/300-200.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 538466
last-modified: Tue, 16 Apr 2024 20:17:10 GMT
etag: "661edcc6-83762"
expires: Thu, 30 May 2024 07:27:39 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/tu/300-200.gif
23.225.89.130 200 OK 264 kB URL GET HTTP/2 jindie.luorun1.top/tu/300-200.gif
IP 23.225.89.130:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 600 x 360
Size 264 kB (264185 bytes)
Hash 580d4c7a30e55329d2c02ca1fecf0b35
82d9954027229e4bfafe45f4e9c8a0525f5eb6c9
25bd3d949f0e4a7b1196aeb95fe1e23c31826914d4fe3a8b0e0ad471fb92b40e
GET /tu/300-200.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 264185
last-modified: Fri, 26 Jan 2024 09:29:02 GMT
etag: "65b37b5e-407f9"
expires: Thu, 30 May 2024 07:27:33 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2072507486&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.real-estate-guide.net%2F&v=1.3.0&lv=1&sn=63016&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91
111.45.3.198 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2072507486&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.real-estate-guide.net%2F&v=1.3.0&lv=1&sn=63016&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2072507486&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.real-estate-guide.net%2F&v=1.3.0&lv=1&sn=63016&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 May 2024 19:43:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F741D2282719802E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.imageoss.com/images/2023/12/21/200x200b14df1813e2b8d3a.gif
104.21.55.185 200 OK 52 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200b14df1813e2b8d3a.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash b45620b8a25740037c5663ce95529462
62ed76c344823f7bae749d2fc6934ca75ec410b8
3ae29c912e67b54241f7b9ed884f64865617096371573d4f50444c4c0e7d7e37
GET /images/2023/12/21/200x200b14df1813e2b8d3a.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 51512
last-modified: Thu, 21 Dec 2023 03:35:06 GMT
etag: "6583b26a-c938"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 345276
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVEXG%2By7QaagYm7X2hZCDVbEWBTwRO0Ek0%2Bn5EXv1JXaNbxyhZ2%2B7jTEni%2FwMHDoDyDggwX15lcZqViQqadp4LfthGXC%2BbOb83Dq9IoxubaZcbhUGPAgQFLQQoU%2Fp9461Nst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb486a61b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2023/12/21/200x200d76d09f4c7492b75.gif
104.21.55.185 200 OK 53 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200d76d09f4c7492b75.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash 6de8cc732d9dde1007bc8898e1c625ad
0b5f3387fa79a1a79d88fc71a4371946adef26b7
7989cebb5c79b3a797e15d8669441d166205ac4607c9b9e0ab3743e63f958739
GET /images/2023/12/21/200x200d76d09f4c7492b75.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 52597
last-modified: Thu, 21 Dec 2023 03:35:05 GMT
etag: "6583b269-cd75"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 345276
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZE9KQ0%2FFyKO8ZDsGHKNsR4809QgZeVxakBrT%2BvsXVhUj4Ql1YLO%2FXBKSkrT9XxdqYWaTTOELFfMx5gGtf8u0mkQqmSuwBnK4i9oL9mEC69DXkUbM4899Tm8Ys6DS0N4weOf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb486a5fb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/18/150-17aae9c065e105680.gif
104.21.55.185 200 OK 59 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/18/150-17aae9c065e105680.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 150 x 150
Hash cb7ed2cddfd87e48f2ac30b32ab91049
fee39c6733e42d547294d01efe849389798ea744
68800044a7d96856376fa6f4557a86178b68f1454e66da29503edce2fe941594
GET /images/2024/03/18/150-17aae9c065e105680.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 59002
last-modified: Mon, 18 Mar 2024 09:17:55 GMT
etag: "65f806c3-e67a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 343219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vdetq7pZnLVdu1TGc3pPByGuSUhwxV41XgbqhbACkxndRlVhsnzqKIkpB7GJee0f869981m3oy0CTRXcAsLL3VKPPgVReS65SGz3kzQ8IIyO6v3WKyocdFEA5JRmXHn1n7h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb487a6bb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/22/960-12015e2ddbb9f2d03d5.gif
104.21.55.185 200 OK 384 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/22/960-12015e2ddbb9f2d03d5.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 960 x 120
Size 384 kB (383938 bytes)
Hash a2936963cf1a500939a7b27853e56d05
fdfaaceeda659b280173e6e96e2c5ffa6ff64ee6
cf696f895986d551342f9ea7339ab1c1932dd0cfca727299899ec3410e3d1c97
GET /images/2024/03/22/960-12015e2ddbb9f2d03d5.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 383938
last-modified: Fri, 22 Mar 2024 06:43:08 GMT
etag: "65fd287c-5dbc2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 353168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BvprAuKgbkGNvJ5ChOwnSGlr%2BhvIR2apkStEDn9JZzCsTt%2B49NB6Gca4Iq25yoPPLmMXWODZiwDbcvAfI60NEBNvbmYQvflSHi3PHERNjF4eO3tyW05Ek2aX5xsPrR0w0i8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb486a5db4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/18/960x100aebb6bc1b7faf83f.gif
104.21.55.185 200 OK 151 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/18/960x100aebb6bc1b7faf83f.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 960 x 100
Size 151 kB (151286 bytes)
Hash 26c9594e2d6be0cdc43d9e070a7c7cfd
cf79f9fe171dc524ae4453d5f2a272727a6a04c6
07e31dbcfcd8215cd0b8a07de5bb286cf3a185969e9763990050261bf9805d25
GET /images/2024/03/18/960x100aebb6bc1b7faf83f.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 151286
last-modified: Mon, 18 Mar 2024 04:30:43 GMT
etag: "65f7c373-24ef6"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 353169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqytkTBxwsGG%2FEDeWfXdJDsBhO6bJvSBV0jQ2LBAFE0ISMkZpN6VzbSUx5qzt2K1BgmZro497Lot5XM2aqCervwtpfSkH4SOnrB3%2BrDUEQ8waMpv1bfolzA2E09Ywk%2FmcKd2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb48bac7b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/04/1509f3c38f8204b249a.gif
104.21.55.185 404 Not Found 3.2 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/04/1509f3c38f8204b249a.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 160 x 120
Hash fc3acd5ab534ff63c125732b8e6d262c
186a7fcb1cbe1523584bad964bbff6c794f02ff7
acc8db295b2e1bf50cf1d7eef9f7d7966a551ea03ef88eacbabbed7f69323111
GET /images/2024/03/04/1509f3c38f8204b249a.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 3232
etag: "6281e1e6-ca0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 352835
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kit1YDkl4HjI5Dh60p%2BfJr3%2FCNqSYt0kqtS4BRwW7ckP21rYXgdWtGXjmRoiDsPGklmrNoCKwDU%2FZzIWEbNsxwyHjiSHKi8RJgkLbP83floEDfGCoxapgHXfJr1EPCJYQfK2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb48cae4b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/02/100-qjb4248da05c23a983.gif
104.21.55.185 404 Not Found 3.2 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/02/100-qjb4248da05c23a983.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 160 x 120
Hash fc3acd5ab534ff63c125732b8e6d262c
186a7fcb1cbe1523584bad964bbff6c794f02ff7
acc8db295b2e1bf50cf1d7eef9f7d7966a551ea03ef88eacbabbed7f69323111
GET /images/2024/03/02/100-qjb4248da05c23a983.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 3232
etag: "6281e1e6-ca0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 345277
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwfjLYhdHGQ87ByAz51W2OflMWzvOI%2BcM7Q0IgEDcJxsUst0zHvKpFjso%2F2%2BJl3HR3jeYjyC9ldf%2FgeZ1OeYZgKzbHWGXjgMa9jiDXQz%2Bz9rHVR1I6CVgDWdbFQEHb42qWF9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb48cae7b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2023/12/21/200x200812419f870f4082b.gif
104.21.55.185 200 OK 54 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200812419f870f4082b.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash 761cdfaf3ecbc9c2acc7a61e1ba78294
2555856cc6d94d8c004ad1d27922b77b98ab3150
32bdf8d86f56a1cfae43312bb4d7601c925d44b2e894cfe8ee0256d2aa203542
GET /images/2023/12/21/200x200812419f870f4082b.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 53996
last-modified: Thu, 21 Dec 2023 03:35:06 GMT
etag: "6583b26a-d2ec"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 301541
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfiiyTtdZxHpbTUEX2fbMezdMrX5ZbhwGgP0vNtsGmcUDbGP1IFLtTXZ7Mtv5tVbwiLMw19rHFApA7Dxfdx2APmTufIPxZv1zc0eK9klHid5SxFZo1BrcNotSFZPWtANQLsB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb496b9eb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/29/100-meiji0557e7389ab23451.gif
104.21.55.185 200 OK 194 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/29/100-meiji0557e7389ab23451.gif
IP 104.21.55.185:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 100 x 100
Size 194 kB (193643 bytes)
Hash dde55b5dcef2c765e36e6cdaf782493b
b4131e1f90f7209540f4cd4b8e5aabc905870de2
4687634e63e2150e202ed134eecfa6d67adbc7b584b10ceb0daf7402a3fd6d7c
GET /images/2024/03/29/100-meiji0557e7389ab23451.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 193643
last-modified: Fri, 29 Mar 2024 09:03:13 GMT
etag: "660683d1-2f46b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 345277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Des%2F%2BQHqb2Efj0C9LOG0DsGdeiAgUir2sSOezoqVtL%2F6KfzB2d5obd0Pu0b6x0OEZ1uULwTa7BHXedINuPYyyAwxwVIcXegKAzBnggzINz7n3Y3ZnuWWTbcyYXnUG6W%2F8mX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb496b9ab4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
shtv3.xyz/template/sihaitv/ads/hf8.gif
188.114.96.1 200 OK 119 kB URL GET HTTP/2 shtv3.xyz/template/sihaitv/ads/hf8.gif
IP 188.114.96.1:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject shtv3.xyz
Fingerprint C5:ED:CC:54:2B:B5:51:E3:26:58:A6:01:36:00:C4:FC:0C:91:80:76
Validity Fri, 19 Apr 2024 12:21:31 GMT - Thu, 18 Jul 2024 12:21:30 GMT
File type GIF image data, version 89a, 980 x 90
Size 119 kB (119225 bytes)
Hash d0416b3e83f544ca607f76d17cbcad9d
68efaf49a87bc1764c0bcd397297cf3351c0d96e
59c2dcb3a1607dcc0e106cfc52c644e335184eea53d513c17b9c89e897ab4b05
GET /template/sihaitv/ads/hf8.gif HTTP/1.1
Host: shtv3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 119225
last-modified: Thu, 07 Mar 2024 15:07:59 GMT
etag: "65e9d84f-1d1b9"
expires: Thu, 30 May 2024 20:23:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 343222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehTM734Sska3bp6OSDdiGKIanetRECLahZ4yZd2giwuJVBLGia7UeFsxMuB%2FkEPAlWMUG3UZcZwKAHYJdxnvnzAY4Z%2FxBIvXQH6xeiYJC3Y6pLOHAiM4IttPblU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb49bcbab4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
172.67.197.136 200 OK 141 kB URL GET HTTP/2 sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP 172.67.197.136:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject imgclh.com
Fingerprint 5E:47:41:BD:54:79:7A:E5:8A:08:61:55:D2:A3:F0:19:89:8F:FC:D3
Validity Tue, 26 Mar 2024 05:00:44 GMT - Mon, 24 Jun 2024 05:00:43 GMT
File type GIF image data, version 89a, 960 x 100
Size 141 kB (140774 bytes)
Hash f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af
GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Thu, 30 May 2024 18:39:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 349434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izGPnuN6g9T7KoV8EcsGxouWdGghgk1PKobSn9B%2BH41CTkkpZGkFB9V2fpJOTo4PNcMwU8QV4UirPnSum4bu4NIywWctNRVIdAy7YJbjkd1YAawx7oiuDejXxu6T1MxSw64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb49cb1756c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xxxx6686.app/960x100.gif
115.92.19.154 200 OK 79 kB
IP 115.92.19.154:443
Requested by https://107.149.199.61:38689/
Certificate Issuer GoDaddy.com, Inc.
Subject xxxx6686.app
Fingerprint 20:B8:90:00:B6:9C:E2:70:81:35:4F:2E:B3:19:8E:D6:1D:92:36:8B
Validity Mon, 25 Mar 2024 05:32:34 GMT - Tue, 25 Mar 2025 05:32:34 GMT
File type GIF image data, version 89a, 960 x 100
Hash 12c2a5335258e731f3c5f6127b16c22e
8f6740310b97fe07c983f0ef1ca24352e0a2deed
f1bb45aaeaeab16bf28d53a1a82ea51bdbcdb24a3c77970008c8b5a5cac74d7b
GET /960x100.gif HTTP/1.1
Host: xxxx6686.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 78562
last-modified: Tue, 19 Sep 2023 08:21:59 GMT
etag: "65095a27-132e2"
expires: Mon, 03 Jun 2024 19:43:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.175532.com/images/6627adf9eac85a2d39a1b274.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 img.175532.com/images/6627adf9eac85a2d39a1b274.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 175532.com
Fingerprint C2:DF:89:FA:E9:ED:4C:FE:A1:F7:BB:85:E6:9F:C1:AA:70:D2:EF:62
Validity Sat, 02 Mar 2024 16:39:03 GMT - Fri, 31 May 2024 16:39:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6627adf9eac85a2d39a1b274.gif HTTP/1.1
Host: img.175532.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
X-Firefox-Spdy: h2
img.175532.com/images/6627adfdeac85a2d39a1b275.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 img.175532.com/images/6627adfdeac85a2d39a1b275.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 175532.com
Fingerprint C2:DF:89:FA:E9:ED:4C:FE:A1:F7:BB:85:E6:9F:C1:AA:70:D2:EF:62
Validity Sat, 02 Mar 2024 16:39:03 GMT - Fri, 31 May 2024 16:39:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6627adfdeac85a2d39a1b275.gif HTTP/1.1
Host: img.175532.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
X-Firefox-Spdy: h2
xxxx6686.app/320x180.gif
115.92.19.154 200 OK 59 kB
IP 115.92.19.154:443
Requested by https://107.149.199.61:38689/
Certificate Issuer GoDaddy.com, Inc.
Subject xxxx6686.app
Fingerprint 20:B8:90:00:B6:9C:E2:70:81:35:4F:2E:B3:19:8E:D6:1D:92:36:8B
Validity Mon, 25 Mar 2024 05:32:34 GMT - Tue, 25 Mar 2025 05:32:34 GMT
File type GIF image data, version 89a, 320 x 180
Hash 801a70fe82f04902739e9aaf09d41989
8c873de0ccfd0326f0dade75107346553fa98664
0a04c4e412dcbc6b1ce486675aaee649d62afeb00c1ce2b7f4bfa461aa08e169
GET /320x180.gif HTTP/1.1
Host: xxxx6686.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:45 GMT
content-type: image/gif
content-length: 59012
last-modified: Tue, 19 Sep 2023 08:21:49 GMT
etag: "65095a1d-e684"
expires: Mon, 03 Jun 2024 19:43:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
111aa888bb.com/204265e580d9450bbbe2fe241f6e51e0.gif
64.32.19.13 200 OK 496 kB URL GET HTTP/1.1 111aa888bb.com/204265e580d9450bbbe2fe241f6e51e0.gif
IP 64.32.19.13:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 111aa111bb.com
Fingerprint A2:56:A4:D6:E0:B7:CF:09:78:22:7A:75:F3:81:A1:29:DA:D3:AB:40
Validity Thu, 02 May 2024 21:55:35 GMT - Wed, 31 Jul 2024 21:55:34 GMT
File type GIF image data, version 89a, 980 x 120
Size 496 kB (496039 bytes)
Hash 1ed38d0d02425101153c749ad393200a
b2119ff464dbb8af866407fb9fc739a7b21ece63
edf44159e52da4c3d90ccfe238f0d365339eda8316ddfdfe2e927d70b7a99122
GET /204265e580d9450bbbe2fe241f6e51e0.gif HTTP/1.1
Host: 111aa888bb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:45 GMT
Content-Type: image/gif
Content-Length: 496039
Connection: keep-alive
Last-Modified: Sat, 04 May 2024 09:48:15 GMT
ETag: "6636045f-791a7"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
m1170.top/9bef4285c9ea4840fabcc5335deef3b4.gif
107.148.40.136 334 kB URL GET m1170.top/9bef4285c9ea4840fabcc5335deef3b4.gif
IP 107.148.40.136:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m1170.top
Fingerprint 5C:AE:EA:6E:22:90:AF:20:2D:0A:72:D3:46:BD:EB:86:77:47:02:6D
Validity Mon, 25 Mar 2024 18:09:57 GMT - Sun, 23 Jun 2024 18:09:56 GMT
File type gzip compressed data, from Unix
Size 334 kB (334191 bytes)
Hash c70057b90a8b2ea6dd4b031ed07cb4e0
f12463fbe71b904980cd1721a9b7952e328f8750
205492ee4b2c7c15da072e3f39e0f38f5f244ae75b56217bff15fa3af80ad81f
GET /9bef4285c9ea4840fabcc5335deef3b4.gif HTTP/1.1
Host: m1170.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 17:29:52 GMT
etag: W/"6631efcd-51c75"
expires: Mon, 03 Jun 2024 17:29:52 GMT
last-modified: Sat, 04 May 2024 17:33:39 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
wuniang.luorun1.top/wn/300-200.gif
23.225.89.135 200 OK 175 kB URL GET HTTP/2 wuniang.luorun1.top/wn/300-200.gif
IP 23.225.89.135:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject wuniang.luorun1.top
Fingerprint 6E:18:AE:F6:08:FF:75:8E:23:EC:09:A1:67:66:9E:CD:C8:3C:DD:EF
Validity Wed, 01 May 2024 13:31:12 GMT - Tue, 30 Jul 2024 13:31:11 GMT
File type GIF image data, version 89a, 300 x 200
Size 175 kB (174759 bytes)
Hash b475e727cc3eb2f8029618ed9799fab8
95f91c0545f9aa5411cf757bc2cc58de327b191f
6956250b0838a5f9afcb6c1f30919f6fddc5336860a6aabb783bab7b7a39a952
GET /wn/300-200.gif HTTP/1.1
Host: wuniang.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 174759
last-modified: Wed, 01 May 2024 14:19:18 GMT
etag: "66324f66-2aaa7"
expires: Mon, 03 Jun 2024 14:38:38 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
555bbb999www.com/d6347beea29443c2ab0b937ac1d9afe9.gif
107.167.16.157 200 OK 311 kB URL GET HTTP/1.1 555bbb999www.com/d6347beea29443c2ab0b937ac1d9afe9.gif
IP 107.167.16.157:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 960 x 80
Size 311 kB (310888 bytes)
Hash 2b19142af40e11102aa895256cc9241d
62bf50abd2ea4cbd5cbe2274c87a59a2b47611c9
679a13cb4b97d41269816f338157191f5d57d8433e05e962008665bd7830bc92
GET /d6347beea29443c2ab0b937ac1d9afe9.gif HTTP/1.1
Host: 555bbb999www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:46 GMT
Content-Type: image/gif
Content-Length: 310888
Connection: keep-alive
Last-Modified: Thu, 25 Apr 2024 04:33:34 GMT
ETag: "6629dd1e-4be68"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
wuniang.luorun1.top/wn/960-120.gif
23.225.89.135 200 OK 231 kB URL GET HTTP/2 wuniang.luorun1.top/wn/960-120.gif
IP 23.225.89.135:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject wuniang.luorun1.top
Fingerprint 6E:18:AE:F6:08:FF:75:8E:23:EC:09:A1:67:66:9E:CD:C8:3C:DD:EF
Validity Wed, 01 May 2024 13:31:12 GMT - Tue, 30 Jul 2024 13:31:11 GMT
File type GIF image data, version 89a, 960 x 120
Size 231 kB (230880 bytes)
Hash d73b4f9d812406db8f20cdc132ca6d4c
5aaaeb89a212a0b38f99df39d52026ec5ae87f19
9125a22b22f10d9a46a68971edb1443b3792969728ce4f9000893fc12c4be3b4
GET /wn/960-120.gif HTTP/1.1
Host: wuniang.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 230880
last-modified: Wed, 01 May 2024 14:19:23 GMT
etag: "66324f6b-385e0"
expires: Mon, 03 Jun 2024 14:38:25 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u2024.xyz/uu1.jpg
38.34.172.133 200 OK 22 kB
IP 38.34.172.133:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject u2024.xyz
Fingerprint 83:0E:0C:B3:D5:D0:D7:D9:BF:82:56:7E:20:AB:D1:8C:4F:19:EE:A1
Validity Wed, 27 Mar 2024 14:57:56 GMT - Tue, 25 Jun 2024 14:57:55 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 336x221, components 3
Hash 4c9700cad6c1e3729c4f5efe6f38e761
b47eccbf3f970ec93dd1d63c190a8f73e890f90a
d130a5c8c022648e159595b4ae08cf197b10ff59479080720c7f1834da76bc8a
GET /uu1.jpg HTTP/1.1
Host: u2024.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/jpeg
content-length: 21822
last-modified: Wed, 27 Mar 2024 16:00:48 GMT
etag: "660442b0-553e"
expires: Mon, 03 Jun 2024 19:43:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
amxpj66.oss-cn-hangzhou.aliyuncs.com/baiban/960x120bai.gif
121.199.204.252 200 OK 346 kB URL GET HTTP/1.1 amxpj66.oss-cn-hangzhou.aliyuncs.com/baiban/960x120bai.gif
IP 121.199.204.252:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject cn-hangzhou.oss.aliyuncs.com
Fingerprint BA:B1:7D:10:E5:EF:BD:A3:65:22:81:6E:73:E8:F1:B9:DB:ED:27:15
Validity Mon, 19 Feb 2024 05:01:07 GMT - Sat, 22 Mar 2025 05:01:06 GMT
File type GIF image data, version 89a, 960 x 120
Size 346 kB (346227 bytes)
Hash 3faaf4d733b02b3ce252ab650ecf0a92
d52eab486d1e947939ff413fccc3e652c5dfec9f
796617008d668e7edc96be14dc251c4198e1f9625d7fe878356b84daf0557d1f
GET /baiban/960x120bai.gif HTTP/1.1
Host: amxpj66.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 May 2024 19:43:46 GMT
Content-Type: image/gif
Content-Length: 346227
Connection: keep-alive
x-oss-request-id: 66368FF29BB9203138FF3C6C
Accept-Ranges: bytes
ETag: "3FAAF4D733B02B3CE252AB650ECF0A92"
Last-Modified: Sat, 27 Apr 2024 07:44:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3650339023916675773
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: P6r01zOwKzziUqtlDs8Kkg==
x-oss-server-time: 3
img2.imgtp.com/2024/04/27/tVh6AVWX.gif
104.21.233.190 200 OK 57 kB URL GET HTTP/2 img2.imgtp.com/2024/04/27/tVh6AVWX.gif
IP 104.21.233.190:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject imgtp.com
Fingerprint 00:6A:EA:4D:40:52:9B:63:C4:D7:2B:B5:A3:66:B3:8A:70:36:11:E8
Validity Wed, 17 Apr 2024 03:41:22 GMT - Tue, 16 Jul 2024 03:41:21 GMT
File type GIF image data, version 89a, 120 x 120
Hash cd4cdf8e53fbbda42a812c5b6a682685
bc26c0a8d050b45c406f85435fd27c3f064d36c5
f0ba2088927471dd635f684b37f68f03e9ad294398e38de3075e5665a7803b76
GET /2024/04/27/tVh6AVWX.gif HTTP/1.1
Host: img2.imgtp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:47 GMT
content-type: image/gif
content-length: 57449
last-modified: Sat, 27 Apr 2024 09:36:46 GMT
etag: "662cc72e-e069"
expires: Mon, 27 May 2024 09:37:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 641150
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASqwHONXwqIZyh5%2B55Qa8IMILrLoACsNOfdHf89AHz0UEUzA31zoKeJtohmS4ui%2FvxoC%2FxgFssV%2BfvA4TGZGey4WHEHkBPBgcdA9G8%2BwvDvRzRimGjw%2BqO17Uq2XNSUm1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb4f686524d1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/wnsrx2/300X200.gif
156.251.244.228 200 OK 32 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/wnsrx2/300X200.gif
IP 156.251.244.228:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 300 x 200
Hash 5cf3667ef2768065c0bd055b7e275a7a
2e124af60fe8811bb472d8031fc0c6452bc9dae7
096abff376fbc1c1abec82803ed46eda80e96cce19a5eb974390518daa4eb76b
GET /jingtai/szgg/wnsrx2/300X200.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 31870
last-modified: Tue, 30 Apr 2024 04:55:27 GMT
etag: "663079bf-7c7e"
expires: Thu, 30 May 2024 11:40:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/xpjcc/300X200.gif
156.251.244.228 200 OK 172 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/xpjcc/300X200.gif
IP 156.251.244.228:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 300 x 200
Size 172 kB (172032 bytes)
Hash 0e7f5d970d8f938983dda145bba1dabc
986772827222b183fb33d778afc32499bf84ecb9
ecd0d40255fe4bd18031c3bde0ec7c2d3e190659a769166297a4482577eb376a
GET /jingtai/szgg/xpjcc/300X200.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 172032
last-modified: Tue, 30 Apr 2024 04:56:06 GMT
etag: "663079e6-2a000"
expires: Thu, 30 May 2024 11:32:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.692881.com/images/663631d775b559972b582f61.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.692881.com/images/663631d775b559972b582f61.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 692881.com
Fingerprint F5:02:0B:06:6D:CE:6D:CB:E4:77:05:6A:22:72:6B:57:BD:BD:26:B9
Validity Sat, 02 Mar 2024 16:56:20 GMT - Fri, 31 May 2024 16:56:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/663631d775b559972b582f61.gif HTTP/1.1
Host: www.692881.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
X-Firefox-Spdy: h2
www.692881.com/images/6636322675b559972b582f65.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.692881.com/images/6636322675b559972b582f65.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 692881.com
Fingerprint F5:02:0B:06:6D:CE:6D:CB:E4:77:05:6A:22:72:6B:57:BD:BD:26:B9
Validity Sat, 02 Mar 2024 16:56:20 GMT - Fri, 31 May 2024 16:56:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6636322675b559972b582f65.gif HTTP/1.1
Host: www.692881.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/fcf48fff2ca3a6f4f6902661a9553521.jpg
89.105.195.71 200 OK 511 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/fcf48fff2ca3a6f4f6902661a9553521.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type GIF image data, version 89a, 960 x 100
Size 511 kB (511368 bytes)
Hash da885992b1b404804624b297e34bb246
33271ee5d63f595b1587c0936e44675e890601f9
4537758b4bb221faed9430fe007828b9f7ac7aa251d98172a0feb437cfb06b98
GET /upload/vod/20240503-1/fcf48fff2ca3a6f4f6902661a9553521.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 476926
last-modified: Fri, 03 May 2024 05:11:27 GMT
etag: "663471ff-746fe"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/xpjcc/960X100.gif
156.251.244.228 200 OK 667 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/xpjcc/960X100.gif
IP 156.251.244.228:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 100
Size 667 kB (667340 bytes)
Hash 31b4d54aa82f2ab4818c00dda2d0d510
988974ce7e2747925844573683eb865364bd3ea1
0ea03d191c2023e9fffc4f368231d3998cc98e435953470e82969ff3630c0d25
GET /jingtai/szgg/xpjcc/960X100.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 667340
last-modified: Tue, 30 Apr 2024 09:03:54 GMT
etag: "6630b3fa-a2ecc"
expires: Thu, 30 May 2024 11:38:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
634image.vip:3188/960x120.gif
154.84.24.132 580 kB URL GET 634image.vip:3188/960x120.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 634image.vip
Fingerprint 0E:44:D9:2F:98:5F:C8:32:53:6D:FB:6C:A5:1E:2B:97:41:34:7E:78
Validity Thu, 25 Apr 2024 04:31:19 GMT - Wed, 24 Jul 2024 04:31:18 GMT
File type GIF image data, version 89a, 960 x 120
Size 580 kB (580302 bytes)
Hash ebbfa325109f124bcd954aa9c1278efe
241a718c61a1262b6f5e343bfe07c9fec9a80887
dfaed77b95273394ec51769e8b81cb0a78a0455f461ad4ea74542e45d054e35f
GET /960x120.gif HTTP/1.1
Host: 634image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 14:20:43 GMT
Vary: Accept-Encoding
ETag: W/"662bb83b-8e359"
Expires: Sun, 02 Jun 2024 07:13:29 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
165image.com:3188/ky960x120.gif
154.84.24.132 591 kB URL GET 165image.com:3188/ky960x120.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.com
Fingerprint 37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
Validity Wed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT
File type GIF image data, version 89a, 960 x 120
Size 591 kB (590688 bytes)
Hash 31f30a2a0a8b0402780b73aa4407e062
9166c01aa734fe03ae96b80dcd865dd68509f157
987e60a0bf872e844298ed662e3c4b053f18c939e6cf0b4b2a70226e5f268ead
GET /ky960x120.gif HTTP/1.1
Host: 165image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 18 Feb 2024 15:59:33 GMT
Vary: Accept-Encoding
ETag: W/"65d22965-9233d"
Expires: Sun, 02 Jun 2024 08:10:12 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
165tchuang.com:3188/i/2023/02/27/63fc87cf268d4.gif
154.84.24.132 44 kB URL GET 165tchuang.com:3188/i/2023/02/27/63fc87cf268d4.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 165tchuang.com
Fingerprint 1A:94:8F:FC:C6:4E:0B:6C:90:85:0A:FA:BC:31:E9:C8:9E:41:25:4C
Validity Fri, 12 Apr 2024 11:48:04 GMT - Thu, 11 Jul 2024 11:48:03 GMT
File type GIF image data, version 89a, 960 x 80
Hash 171cb4b4d4d44d09e50293088db12f11
bb1c5a1b46a8224fdd9bb7f932aeb93258ae94a5
cc30da9db7760183489b69ea178454bc7ce2f581c1b4915d388eaa69c0d2376b
GET /i/2023/02/27/63fc87cf268d4.gif HTTP/1.1
Host: 165tchuang.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Feb 2023 10:37:03 GMT
Vary: Accept-Encoding
ETag: W/"63fc87cf-1d0cd"
Expires: Sun, 02 Jun 2024 07:13:22 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
imagecloub.com:1443/c1e6a4a80e0b701937167d91c2b3c27a.gif
5.180.146.180 81 kB URL GET imagecloub.com:1443/c1e6a4a80e0b701937167d91c2b3c27a.gif
IP 5.180.146.180:0
Requested by https://107.149.199.61:38689/
Certificate Issuer ZeroSSL
Subject imagecloub.com
Fingerprint A1:E1:02:F5:B7:9C:25:08:17:54:06:BB:1B:5E:96:B7:E1:E8:A2:EA
Validity Fri, 23 Feb 2024 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Hash 436afd9bc005f3b7c85b3e67172fd49b
0cad58733ed51033dc631130c364af0e4cdc39ef
20f8f2dc3c678d4d187d22123b7e1fbb4fc20f47050a432c48a503c98cd9d3ea
GET /c1e6a4a80e0b701937167d91c2b3c27a.gif HTTP/1.1
Host: imagecloub.com:1443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 04 May 2024 19:43:46 GMT
Content-Type: image/gif
Last-Modified: Sat, 03 Feb 2024 19:02:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65be8dcd-4c4b40"
Strict-Transport-Security: max-age=86400; includeSubdomains; always
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ggaotu.oss-ap-northeast-1.aliyuncs.com/vs88/Vxin960x80.gif
8.216.114.6 200 OK 649 kB URL GET HTTP/1.1 ggaotu.oss-ap-northeast-1.aliyuncs.com/vs88/Vxin960x80.gif
IP 8.216.114.6:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject ap-northeast-1.oss.aliyuncs.com
Fingerprint C2:20:6D:58:38:4D:C4:77:FF:40:3A:54:C3:BF:38:60:70:26:02:AD
Validity Tue, 21 Nov 2023 02:46:15 GMT - Sun, 22 Dec 2024 02:46:14 GMT
File type GIF image data, version 89a, 960 x 60
Size 649 kB (648716 bytes)
Hash 293e3416b2235e5649d36de2e248dcbc
f7e6742fd1e3bf624e6be1a8a8f7c68c70384393
4881c7305a947afc1e253273dcbcfb4a1db6607f3ddf87641c672dc94e72a298
GET /vs88/Vxin960x80.gif HTTP/1.1
Host: ggaotu.oss-ap-northeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 May 2024 19:43:45 GMT
Content-Type: image/gif
Content-Length: 648716
Connection: keep-alive
x-oss-request-id: 66368FF1C0B0A53639E8FDE6
Accept-Ranges: bytes
ETag: "293E3416B2235E5649D36DE2E248DCBC"
Last-Modified: Mon, 22 Apr 2024 13:57:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3553786409817960689
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: KT40FrIjXlZJ023i4kjcvA==
x-oss-server-time: 2
www.upr377.com/images/6630f3365d556db1e040233a.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.upr377.com/images/6630f3365d556db1e040233a.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject upr377.com
Fingerprint 0D:96:FE:A3:66:17:FE:DB:51:1E:3D:D9:8A:13:E4:79:B5:AE:8F:E6
Validity Tue, 30 Apr 2024 10:07:47 GMT - Mon, 29 Jul 2024 10:07:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f3365d556db1e040233a.gif HTTP/1.1
Host: www.upr377.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/0ff41bd5ad6eddc4fd4e64c77fdbb6fd52663365.jpg
X-Firefox-Spdy: h2
www.eho454.com/images/6630f17c5d556db1e0402327.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.eho454.com/images/6630f17c5d556db1e0402327.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject eho454.com
Fingerprint 37:80:08:4D:C6:24:26:4C:E2:AC:A5:7D:69:31:D8:3E:31:A1:D5:18
Validity Tue, 30 Apr 2024 10:01:27 GMT - Mon, 29 Jul 2024 10:01:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f17c5d556db1e0402327.gif HTTP/1.1
Host: www.eho454.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
X-Firefox-Spdy: h2
666bbb999www.com/71db6ca17e3e4fd8860deaae669fde4d.gif
64.32.19.13 200 OK 284 kB URL GET HTTP/1.1 666bbb999www.com/71db6ca17e3e4fd8860deaae669fde4d.gif
IP 64.32.19.13:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 960 x 50
Size 284 kB (283895 bytes)
Hash 9b94540723809d540e574fc64e95bfa5
2e110258e5b72caf1756609870ccc8d9a5ec9ebc
aae9d67375e07de9a35f0eca4567707a1eda1e9078bcc497443a029ec78f3f2d
GET /71db6ca17e3e4fd8860deaae669fde4d.gif HTTP/1.1
Host: 666bbb999www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:46 GMT
Content-Type: image/gif
Content-Length: 283895
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 08:05:58 GMT
ETag: "6624c8e6-454f7"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
595image.vip:3188/fu595.gif
154.84.24.132 79 kB URL GET 595image.vip:3188/fu595.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.vip
Fingerprint 93:44:22:02:D3:F3:82:F8:5A:BD:22:31:AC:FB:77:40:3D:F0:F2:65
Validity Sat, 20 May 2023 06:07:30 GMT - Tue, 18 Jun 2024 06:07:29 GMT
File type GIF image data, version 89a, 960 x 120
Hash c21efe6023592a1c970948ec080ac1c1
189c2ca682014bceab967ceae8105f14f5529591
9640a0883126a22669d048ee6728019acdd0748245bc5f9d53de472ff9f5a916
GET /fu595.gif HTTP/1.1
Host: 595image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:47 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 13:55:43 GMT
Vary: Accept-Encoding
ETag: W/"6630f85f-13656"
Expires: Sun, 02 Jun 2024 07:13:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
img.hgimg01.com/upload/vod/20240503-1/2b9466d7b6dea70a7b3f4384b1c1a165.jpg
89.105.195.71 200 OK 122 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/2b9466d7b6dea70a7b3f4384b1c1a165.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type GIF image data, version 89a, 960 x 80
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /upload/vod/20240503-1/2b9466d7b6dea70a7b3f4384b1c1a165.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 329807
last-modified: Fri, 03 May 2024 05:11:30 GMT
etag: "66347202-5084f"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
333bbb666www.com/713725a5c13843dabd4f291aa7e1a3b8.gif
64.32.30.252 200 OK 37 kB URL GET HTTP/1.1 333bbb666www.com/713725a5c13843dabd4f291aa7e1a3b8.gif
IP 64.32.30.252:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 320 x 185
Hash 922b2420242f36e3606db520ec3614c1
8c03ea4dbac2cdd6d1d17b54d96b8d2732a5ddf6
815febfd34548b679e01f5ae2f03cf6147628c7f5b534a754bdd8c279e163b6e
GET /713725a5c13843dabd4f291aa7e1a3b8.gif HTTP/1.1
Host: 333bbb666www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Content-Length: 37297
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 15:00:41 GMT
ETag: "66310799-91b1"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
88b.2035syb.com/gif/000-1.gif
122.146.115.182 200 OK 296 kB URL GET HTTP/1.1 88b.2035syb.com/gif/000-1.gif
IP 122.146.115.182:443
ASN #9919 New Century InfoComm Tech Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer ZeroSSL
Subject 88b.2035syb.com
Fingerprint 83:2C:F0:BA:30:01:97:4D:EB:3F:54:34:E4:DD:68:C0:98:AB:D5:52
Validity Fri, 03 May 2024 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 296 kB (296186 bytes)
Hash a8bcf39f55252bdce2e3b0499185406c
949cada917e030ecbb624ef05414c0767859e7be
998ed70afc8c94f46d54f7c8bb01684dbf94a132e48c23f8fad3c53629beb956
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /gif/000-1.gif HTTP/1.1
Host: 88b.2035syb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:47 GMT
Content-Type: image/gif
Content-Length: 296186
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 09:51:45 GMT
ETag: "6630bf31-484fa"
Expires: Wed, 15 May 2024 22:06:46 GMT
Cache-Control: max-age=1036800
Strict-Transport-Security: max-age=31536000
Server: 8080
X-Cache-Status: HIT
Accept-Ranges: bytes
666bbb222bbb.com/0daa73bdfb1e4955a40d7bcbde13d326.gif
64.32.30.254 200 OK 55 kB URL GET HTTP/1.1 666bbb222bbb.com/0daa73bdfb1e4955a40d7bcbde13d326.gif
IP 64.32.30.254:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 222bbb888bbb.com
Fingerprint 70:86:22:F0:75:47:81:37:A1:13:E3:C8:67:01:FE:E3:FB:FA:2D:B5
Validity Tue, 05 Mar 2024 12:26:32 GMT - Mon, 03 Jun 2024 12:26:31 GMT
File type GIF image data, version 89a, 320 x 185
Hash fa01d991776154d954275227253d330b
f37986c10260dfafee5ab569a441529464dbdfc8
ca7c53e90afc32e104fdaad31ef34679a0fe808478261451c10c73ab0f90ed15
GET /0daa73bdfb1e4955a40d7bcbde13d326.gif HTTP/1.1
Host: 666bbb222bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Content-Length: 54558
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 09:59:17 GMT
ETag: "6624e375-d51e"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
777bbb333www.com/7d642213f3904f27b496413365a360e8.gif
64.32.30.254 200 OK 58 kB URL GET HTTP/1.1 777bbb333www.com/7d642213f3904f27b496413365a360e8.gif
IP 64.32.30.254:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 320 x 185
Hash 9448d998c21b67458b3251ac1f06d158
45c90c673eee3962bfe1f2d7cf36c5594999f491
36ec765da8cb188864e4f72447375c50c52449a3a1869434cb62dd988a38e08e
GET /7d642213f3904f27b496413365a360e8.gif HTTP/1.1
Host: 777bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Content-Length: 58514
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 07:56:19 GMT
ETag: "6624c6a3-e492"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
taiwtp1.com/xin/96060.gif
220.128.218.220 200 OK 69 kB URL GET HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:443
ASN #3462 Data Communication Business Group
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject taiwtp1.com
Fingerprint B0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
Validity Fri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT
File type GIF image data, version 89a, 960 x 60
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Apr 2011 01:01:39 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Tue, 03 May 2011 01:01:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ggaotu.oss-ap-northeast-1.aliyuncs.com/vs88/V640X350.gif
8.216.114.6 200 OK 236 kB URL GET HTTP/1.1 ggaotu.oss-ap-northeast-1.aliyuncs.com/vs88/V640X350.gif
IP 8.216.114.6:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject ap-northeast-1.oss.aliyuncs.com
Fingerprint C2:20:6D:58:38:4D:C4:77:FF:40:3A:54:C3:BF:38:60:70:26:02:AD
Validity Tue, 21 Nov 2023 02:46:15 GMT - Sun, 22 Dec 2024 02:46:14 GMT
File type GIF image data, version 89a, 640 x 350
Size 236 kB (235682 bytes)
Hash 1246dc214c7b39868f719fd043c2bc1c
dd0703d4e86f9fff931f9dc91a02bb0a724747c6
6b239efed038f169959166804e2858c9c77a449d106a032d023968f4523625de
GET /vs88/V640X350.gif HTTP/1.1
Host: ggaotu.oss-ap-northeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 May 2024 19:43:47 GMT
Content-Type: image/gif
Content-Length: 235682
Connection: keep-alive
x-oss-request-id: 66368FF3C0B0A53035AAFEE6
Accept-Ranges: bytes
ETag: "1246DC214C7B39868F719FD043C2BC1C"
Last-Modified: Wed, 08 Nov 2023 09:10:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3121108905973410412
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: EkbcIUx7OYaPcZ/QQ8K8HA==
x-oss-server-time: 3
www.zoonal.cn/images/2024/04/15/661ce2dcc3b954415132d95f.gif
3.34.208.195 302 Found 0 B URL GET HTTP/2 www.zoonal.cn/images/2024/04/15/661ce2dcc3b954415132d95f.gif
IP 3.34.208.195:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject zoonal.cn
Fingerprint 63:25:C2:B1:CF:C9:22:2A:9C:A1:FE:76:1B:34:C4:A1:28:32:45:36
Validity Sat, 27 Apr 2024 09:36:54 GMT - Fri, 26 Jul 2024 09:36:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2024/04/15/661ce2dcc3b954415132d95f.gif HTTP/1.1
Host: www.zoonal.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
X-Firefox-Spdy: h2
92n-tkj.com/hs960-120.gif
198.16.54.34 200 OK 874 kB URL GET HTTP/2 92n-tkj.com/hs960-120.gif
IP 198.16.54.34:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject tyy-jzx.com
Fingerprint BA:E4:2C:3B:2A:FD:7C:6B:A8:D2:4E:07:91:3A:1F:06:0F:C3:B8:F7
Validity Mon, 15 Apr 2024 10:28:55 GMT - Sun, 14 Jul 2024 10:28:54 GMT
File type GIF image data, version 89a, 960 x 120
Size 874 kB (874336 bytes)
Hash 909cd4004370189f50f96a65c730e038
0f776741be1310ff497764d42b0f90c234b068cc
57567b2f343aa58512713e06541dcbe0b0917abbb6714f33c98c5aa87e2fc816
GET /hs960-120.gif HTTP/1.1
Host: 92n-tkj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:47 GMT
content-type: image/gif
content-length: 874336
last-modified: Thu, 02 May 2024 06:22:41 GMT
etag: "d5760-61772a159ee40"
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/c9fcc3cec3fdfc0333d13384923f8794a4c22665.jpg
104.193.88.109 200 OK 181 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/c9fcc3cec3fdfc0333d13384923f8794a4c22665.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 150 x 150
Size 181 kB (181142 bytes)
Hash 327212c9b48fd69607efd58641f3cb56
4c0b235b3f59123abcf3eca902abddffc11246aa
9b38a7b2b767b7913fce555253f1567ccb1d45b9c837735b4584bb6201f07541
GET /tieba/pic/item/c9fcc3cec3fdfc0333d13384923f8794a4c22665.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 181142
expires: Fri, 31 May 2024 17:27:21 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 327212c9b48fd69607efd58641f3cb56
age: 267388
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 17:27:21 GMT
ohc-cache-hit: sfo01-sys-jorcol07.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
cd5b0z.xyz:2199/640-160.js
172.247.238.74 200 OK 223 kB URL GET HTTP/1.1 cd5b0z.xyz:2199/640-160.js
IP 172.247.238.74:2199
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cd5b0z.xyz
Fingerprint 0B:0F:38:86:21:17:5F:BA:91:05:47:D5:6F:D1:4A:1F:D0:CF:18:D5
Validity Sat, 27 Apr 2024 11:25:10 GMT - Fri, 26 Jul 2024 11:25:09 GMT
File type GIF image data, version 89a, 640 x 160
Size 223 kB (222780 bytes)
Hash 7b5a11963bd8180d8133abf707c925f8
08a000bbff775a475f289143b94c9367db70ebec
70957f5ccd61eddcb5a2923cb6bfd14e895e3b15acbc042a033582fa0760690e
GET /640-160.js HTTP/1.1
Host: cd5b0z.xyz:2199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 26 Mar 2024 12:58:55 GMT
Vary: Accept-Encoding
ETag: W/"6602c68f-368ca"
Expires: Sun, 05 May 2024 03:40:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: qq.com
X-Cache-Status: HIT
imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
104.193.88.109 200 OK 613 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 80
Size 613 kB (613021 bytes)
Hash b526595607451c70411a9ff8822df1f4
4f54b38baaf634832fa201c4233de067da341250
44cb7228a182661a88e199d45e87b89eecbd62ed54faf0139536dd1fece8d317
GET /tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 613021
expires: Tue, 21 May 2024 11:40:53 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: b526595607451c70411a9ff8822df1f4
age: 1152176
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 21 Apr 2024 11:40:53 GMT
ohc-cache-hit: sfo01-sys-jorcol03.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
104.193.88.109 200 OK 182 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 300 x 200
Size 182 kB (181999 bytes)
Hash e9dbba8389160edcb4c9e187692024e0
b41ade383fbc0ebddc64f895f9e0514d132077ca
7e77076850aeeb54cc4ef852a4655947548e9112bc47192ed434976bf62bfcb4
GET /tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 181999
expires: Thu, 23 May 2024 09:41:28 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: e9dbba8389160edcb4c9e187692024e0
age: 986541
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 23 Apr 2024 09:41:28 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
104.193.88.109 200 OK 459 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 280 x 160
Size 459 kB (459424 bytes)
Hash 1a26a178311c25fd278ad5c9f7c4c41a
59182657c0bf7c3bb52b0a8c00796b19765e1b11
9f917363382bd8f7600ce333bd85219e3626ff21e1fc8554e8784673d2a2e2f1
GET /tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 459424
expires: Tue, 21 May 2024 13:06:23 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 1a26a178311c25fd278ad5c9f7c4c41a
age: 1147046
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 21 Apr 2024 13:06:23 GMT
ohc-cache-hit: sfo01-sys-jorcol07.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/0ff41bd5ad6eddc4fd4e64c77fdbb6fd52663365.jpg
104.193.88.109 200 OK 538 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/0ff41bd5ad6eddc4fd4e64c77fdbb6fd52663365.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 750 x 120
Size 538 kB (537645 bytes)
Hash aace042948c1941a96b77ff1e81c1a53
f7aa75c28ad669657754cfd5e1358fe54e11e8bb
3c9d79ebb0e898a72be871432881b726ad2d53e212fb123b900731c81bdad697
GET /tieba/pic/item/0ff41bd5ad6eddc4fd4e64c77fdbb6fd52663365.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 537645
expires: Fri, 31 May 2024 20:50:49 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: aace042948c1941a96b77ff1e81c1a53
age: 255180
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 20:50:49 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
104.193.88.109 200 OK 263 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 750 x 120
Size 263 kB (262816 bytes)
Hash bc107c017b50bbb1386d3f0ee5363bdb
7208cae7497e52e7d7bd6ea16ad5ece0321c8551
3093cbe545c08d04ad42ba0b4ceb2f0f56a975fd026925aeac94c828d845400a
GET /tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 262816
expires: Fri, 31 May 2024 07:29:45 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: bc107c017b50bbb1386d3f0ee5363bdb
age: 303244
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 07:29:45 GMT
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
104.193.88.109 200 OK 49 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 150 x 150
Hash b744dc30aee60e4e6f31034067658fac
caf34f05db493af2e382f42ba57a0eb9ba3bba22
15b0f7ae509996d48198d613ec5189748daaadef2972cb9da305d55d4d4bbda0
GET /tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 48613
expires: Fri, 31 May 2024 07:39:09 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: b744dc30aee60e4e6f31034067658fac
age: 302680
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 07:39:09 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
mrtoss03.com/57fb8bdfd30b4be742c671436a947daf.gif
107.148.40.140 565 kB URL GET mrtoss03.com/57fb8bdfd30b4be742c671436a947daf.gif
IP 107.148.40.140:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
File type gzip compressed data, from Unix
Size 565 kB (565189 bytes)
Hash 9a88d659ca732f0a005247cf282ad242
a5a82713b6b6122378f40f23fb3315de72414f77
510f0aad595bd405997d02375e4e9f321182d202b5dd33b01d208e0d329249e9
GET /57fb8bdfd30b4be742c671436a947daf.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 18:25:08 GMT
etag: W/"660cd8c7-145b3"
expires: Mon, 03 Jun 2024 18:25:08 GMT
last-modified: Sat, 04 May 2024 19:02:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
104.193.88.109 200 OK 85 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 200 x 200
Hash 7c7282d06f4d8c18aa9c8d90edefcd29
eb230b66267afe4bf59d4eb27c6bbafa74f59be8
fc8f3ffb381649d5e1739f5246ecbf6608ae3ccd7629bb254a675619f87f6171
GET /forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 84776
access-control-allow-origin: *
etag: 7c7282d06f4d8c18aa9c8d90edefcd29
expires: Mon, 03 Jun 2024 19:43:49 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
104.193.88.109 200 OK 25 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 270 x 163
Hash c96f6a6537ee40eb8cfa47bad3ecffb2
4711c1ab7028d9a7523c14eeb03a1f14c04504f4
967be16d09b900ed0050ee20ab07f373c95479ed462fc3c654b67c7242a4bdaf
GET /tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 24875
expires: Thu, 30 May 2024 09:33:22 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: c96f6a6537ee40eb8cfa47bad3ecffb2
age: 382227
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 30 Apr 2024 09:33:22 GMT
ohc-cache-hit: sfo01-sys-jorcol06.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
165image.vip:3188/400x200.gif
154.84.24.132 1.1 MB URL GET 165image.vip:3188/400x200.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.vip
Fingerprint 93:44:22:02:D3:F3:82:F8:5A:BD:22:31:AC:FB:77:40:3D:F0:F2:65
Validity Sat, 20 May 2023 06:07:30 GMT - Tue, 18 Jun 2024 06:07:29 GMT
File type GIF image data, version 89a, 400 x 200
Size 1.1 MB (1072502 bytes)
Hash aa54aa0a7803a5b8532250c8d95785b6
484bd03ab2f0d85f0ada346fa0d6e003881ab2ba
0a11103c880988c42a94a7fd1bc0f4cc03d6a306f62159528f67543306e44b58
GET /400x200.gif HTTP/1.1
Host: 165image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Apr 2024 05:40:09 GMT
Vary: Accept-Encoding
ETag: W/"660a48b9-106796"
Expires: Sun, 02 Jun 2024 08:04:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
imgsrc.baidu.com/forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg
104.193.88.109 200 OK 244 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 120
Size 244 kB (244261 bytes)
Hash 3199e7968e74312e91abb43e50e38f23
a01e6dc24f06808288296d01336f5209f89687db
6ecd32dc2a9668ca36d0dccd3bf2019ef9c60954d9195cc364c1a02c9b6ee6b4
GET /forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 244261
access-control-allow-origin: *
etag: 3199e7968e74312e91abb43e50e38f23
expires: Mon, 03 Jun 2024 19:43:49 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
88e.2036syb.com/gif/mfkp.gif
122.146.115.183 200 OK 217 kB URL GET HTTP/1.1 88e.2036syb.com/gif/mfkp.gif
IP 122.146.115.183:443
ASN #9919 New Century InfoComm Tech Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer ZeroSSL
Subject 88e.2036syb.com
Fingerprint D1:EA:A2:9A:A5:E0:A9:7B:25:E1:50:99:27:DF:A0:1C:B1:BD:BB:14
Validity Fri, 03 May 2024 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 469 x 264
Size 217 kB (216712 bytes)
Hash 7ebf860b0b56d6212d6b73937169c5a7
ceef02c3bc040e84f50d59de2d436ded495b4edc
57b4531734ac2271bb5bad7d0ccbe0077848bcd5e1fefaa6e7b98a2aba5e853b
GET /gif/mfkp.gif HTTP/1.1
Host: 88e.2036syb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Content-Length: 216712
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 09:51:52 GMT
ETag: "6630bf38-34e88"
Expires: Wed, 15 May 2024 21:54:50 GMT
Cache-Control: max-age=1036800
Strict-Transport-Security: max-age=31536000
Server: 8080
X-Cache-Status: HIT
Accept-Ranges: bytes
634image.com:3188/400.gif
154.84.24.132 643 kB URL GET 634image.com:3188/400.gif
IP 154.84.24.132:0
ASN #211392 Dream Cloud Innovation Limited
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 634image.com
Fingerprint C4:27:8E:FC:40:0D:18:77:2F:32:06:9C:6F:86:24:A3:6E:6E:C8:96
Validity Thu, 25 Apr 2024 04:31:19 GMT - Wed, 24 Jul 2024 04:31:18 GMT
File type GIF image data, version 89a, 500 x 250
Size 643 kB (643350 bytes)
Hash 094f0eeb82073b55495ad297a14047da
0a65eb6dbc9f0bb77781ee4e1756d9bbd3f4b8c6
bc44a5366a65bc6d517879e729796a39e002f0cc562c23d0ff805d246939320a
GET /400.gif HTTP/1.1
Host: 634image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:43:49 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 09:53:50 GMT
Vary: Accept-Encoding
ETag: W/"662b79ae-9df74"
Expires: Sun, 02 Jun 2024 07:13:30 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
104.193.88.109 200 OK 233 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 120
Size 233 kB (232650 bytes)
Hash 4b27d41a2128600fde62fbb7f6d4f8ed
0612d8918617330bc746f5846dfaf04f81c8465a
39ccf13d8ffed481f1075b1a896c3750815f6a3bb8044ec876493659d91bd941
GET /forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 232650
access-control-allow-origin: *
etag: 4b27d41a2128600fde62fbb7f6d4f8ed
expires: Mon, 03 Jun 2024 19:43:49 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
d3e8vopdubg91v.cloudfront.net/gif/962.gif
54.230.241.49 200 OK 100 kB URL GET HTTP/2 d3e8vopdubg91v.cloudfront.net/gif/962.gif
IP 54.230.241.49:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type GIF image data, version 89a, 980 x 80
Size 100 kB (100110 bytes)
Hash 9e66b5a346498dc242e950d6faa9d198
07bea83e6fee40bbfd4b3eba06b27a94ca67a427
71e44c0d7cbe03a36a634293b79ba958f7e27628ea552f5494003a237bc51215
GET /gif/962.gif HTTP/1.1
Host: d3e8vopdubg91v.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 100110
last-modified: Thu, 02 May 2024 15:24:21 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 May 2024 14:35:03 GMT
etag: "9e66b5a346498dc242e950d6faa9d198"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8K4eCsRoIg0ejgQ6RzLz0C4OMyb1CKRsN14g8s5GD7aqsw_S-bRlpg==
age: 18529
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg
104.193.88.109 200 OK 133 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1280x720, components 3
Size 133 kB (133214 bytes)
Hash eb63aec9fcc01f433116756742a7b1f3
d7ae804e24ffec85a198bc8cea61c01ad96cee3e
e587128d30b808d0b6ab7d60b6b7c2cf42c070a028f8532c7c051f7f46f1709b
GET /forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/jpeg
content-length: 133214
access-control-allow-origin: *
etag: eb63aec9fcc01f433116756742a7b1f3
expires: Mon, 03 Jun 2024 19:43:49 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
normandy.cdn.mozilla.net/api/v1/
35.201.103.21 598 B URL normandy.cdn.mozilla.net/api/v1/
IP 35.201.103.21:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 3076f9a5cb273105528b893ff7111e41
b8990c145fe71b9a2410eea41a60a712b43b82bf
69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: form-action 'self'; object-src 'none'; worker-src 'none'; block-all-mixed-content; frame-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; base-uri 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Fri, 03 May 2024 23:22:35 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 73293
alt-svc: clear
X-Firefox-Spdy: h2
classify-client.services.mozilla.com/api/v1/classify_client/
34.98.75.36 64 B URL classify-client.services.mozilla.com/api/v1/classify_client/
IP 34.98.75.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 08464131f80e6077b4542c6aea105863
9409b331f6c66d1e7ad53b279e1ca001becd786a
1832fde928f80733b5d6b5308447f3245d25226cc178cebe2b73ca6399fc8699
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:44:08 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sutusw869.top/c1b63913ca51e1dca32fc7807a646eb1.gif
0.0.0.0 0 B URL GET sutusw869.top/c1b63913ca51e1dca32fc7807a646eb1.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject simp712.top
Fingerprint 30:7B:55:4D:55:A0:87:1C:13:86:47:A7:19:7D:E8:83:95:1E:C7:EE
Validity Tue, 30 Apr 2024 12:27:42 GMT - Mon, 29 Jul 2024 12:27:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c1b63913ca51e1dca32fc7807a646eb1.gif HTTP/1.1
Host: sutusw869.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Fri, 03 May 2024 18:28:21 GMT
etag: W/"64e9adaf-c0c2"
expires: Sun, 02 Jun 2024 18:28:21 GMT
last-modified: Sat, 04 May 2024 19:13:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
taiwtp1.com/xin/96080.gif
220.128.218.220 200 OK 122 kB URL GET HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:443
ASN #3462 Data Communication Business Group
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject taiwtp1.com
Fingerprint B0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
Validity Fri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT
File type GIF image data, version 89a, 960 x 80
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Apr 2011 01:01:39 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Tue, 03 May 2011 01:01:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
mmo3188.top/22e44ef501f06ae1a25ee77b135a895a.gif
0.0.0.0 0 B URL GET mmo3188.top/22e44ef501f06ae1a25ee77b135a895a.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mmo3188.top
Fingerprint B2:6C:64:D7:7F:F3:ED:55:84:AC:7C:9E:CC:FD:D2:85:1E:54:4B:8D
Validity Thu, 21 Mar 2024 15:10:00 GMT - Wed, 19 Jun 2024 15:09:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /22e44ef501f06ae1a25ee77b135a895a.gif HTTP/1.1
Host: mmo3188.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 13:28:29 GMT
etag: W/"652e2bd1-854bb"
expires: Mon, 03 Jun 2024 13:28:29 GMT
last-modified: Sat, 04 May 2024 13:28:30 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
m1170.top/0e9f55a4618ee7c0c581873af31b4162.gif
0.0.0.0 0 B URL GET m1170.top/0e9f55a4618ee7c0c581873af31b4162.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m1170.top
Fingerprint 5C:AE:EA:6E:22:90:AF:20:2D:0A:72:D3:46:BD:EB:86:77:47:02:6D
Validity Mon, 25 Mar 2024 18:09:57 GMT - Sun, 23 Jun 2024 18:09:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0e9f55a4618ee7c0c581873af31b4162.gif HTTP/1.1
Host: m1170.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 19:24:21 GMT
etag: W/"662ccb11-1e3ef"
expires: Mon, 03 Jun 2024 19:24:21 GMT
last-modified: Sat, 04 May 2024 19:39:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/wnsrx2/960X100.gif
156.251.244.228 200 OK 511 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/wnsrx2/960X100.gif
IP 156.251.244.228:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 100
Size 511 kB (511368 bytes)
Hash da885992b1b404804624b297e34bb246
33271ee5d63f595b1587c0936e44675e890601f9
4537758b4bb221faed9430fe007828b9f7ac7aa251d98172a0feb437cfb06b98
GET /jingtai/szgg/wnsrx2/960X100.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:46 GMT
content-type: image/gif
content-length: 511368
last-modified: Tue, 30 Apr 2024 08:45:59 GMT
etag: "6630afc7-7cd88"
expires: Thu, 30 May 2024 11:35:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
rsnn51.top/08c829dda518c9ef6f53a74de90b4fc8.gif
0.0.0.0 0 B URL GET rsnn51.top/08c829dda518c9ef6f53a74de90b4fc8.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject rsnn51.top
Fingerprint F5:E2:FD:F5:AE:8A:88:C0:7B:8A:58:C7:D9:C7:FD:27:CD:CA:73:E9
Validity Fri, 12 Apr 2024 08:49:15 GMT - Thu, 11 Jul 2024 08:49:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /08c829dda518c9ef6f53a74de90b4fc8.gif HTTP/1.1
Host: rsnn51.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 16:31:06 GMT
etag: W/"661ab865-552ca"
expires: Mon, 03 Jun 2024 16:31:06 GMT
last-modified: Sat, 04 May 2024 16:31:07 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/5984a08dd5ad98dd1d63bc91b74dcaca.jpg
89.105.195.71 200 OK 272 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/5984a08dd5ad98dd1d63bc91b74dcaca.jpg
IP 89.105.195.71:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 854x480, components 3
Size 272 kB (271508 bytes)
Hash ff7ebecf9bd71555e8268e1fd6956d47
6023f67cd0e5ec9bccaf85c3f93e7d0e403d995d
6aabfa479092e93b5fd0ff2858b399c4c429b64f1550362f4cb75ab43aa6a05b
GET /upload/vod/20240503-1/5984a08dd5ad98dd1d63bc91b74dcaca.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:43:42 GMT
content-type: image/jpeg
content-length: 271508
last-modified: Fri, 03 May 2024 05:11:15 GMT
etag: "663471f3-42494"
expires: Sun, 02 Jun 2024 05:23:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
mrtoss03.com/be0ba627e78d598446af353f3fa29066.gif
0.0.0.0 0 B URL GET mrtoss03.com/be0ba627e78d598446af353f3fa29066.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /be0ba627e78d598446af353f3fa29066.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 18:49:08 GMT
etag: W/"66160edd-649d2"
expires: Mon, 03 Jun 2024 18:49:08 GMT
last-modified: Sat, 04 May 2024 18:51:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
kky0707.vip/960-120-vip.gif
104.21.74.222 200 OK 702 kB URL GET HTTP/2 kky0707.vip/960-120-vip.gif
IP 104.21.74.222:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject kky0707.vip
Fingerprint F1:B4:D5:60:C6:81:D1:39:2A:14:2E:80:7A:2E:3B:44:63:BF:CA:8D
Validity Sun, 28 Apr 2024 08:32:33 GMT - Sat, 27 Jul 2024 08:32:32 GMT
File type GIF image data, version 89a, 960 x 120
Size 702 kB (702350 bytes)
Hash 4c6835ffb9ab8df7a8251b9d90518873
390b81a607a4b81928b2524d49e986101dfba022
9c66a9c4ef49648974f64bfda50f3159dbbead287cca4b41228418745a40bc33
GET /960-120-vip.gif HTTP/1.1
Host: kky0707.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:43:47 GMT
content-type: image/gif
last-modified: Wed, 10 Apr 2024 07:06:15 GMT
etag: "66163a67-ab78e"
expires: Tue, 28 May 2024 09:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 326271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLB6eHiRRKiGq7h5fk%2BQqyC7DA7kwTX3kPoJ7JxbRvYzE%2F1Y0a9iDqVCSR5rLIxKJCpkF0GYtjGFd1Y0hcBG7kNBWr8w3nx3cJwKI5A%2BgKzhDs0d5%2BUky5QXDu08LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eafb4f1c0556b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
104.193.88.109 200 OK 482 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 100
Size 482 kB (482280 bytes)
Hash 056e690d5847294c55407f36636c5944
2762e33939b5422f8adab2470645e28ec871e196
0a17b71731daa6c3141ab43719e828a37992c02e2efc69e4bfa1eb967cd3e44f
GET /tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 May 2024 19:43:49 GMT
content-type: image/gif
content-length: 482280
expires: Thu, 23 May 2024 13:09:52 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 056e690d5847294c55407f36636c5944
age: 974037
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 23 Apr 2024 13:09:52 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
simp229.com/8640c212ed4b8873323ab3a1034d64f9.gif
0.0.0.0 0 B URL GET simp229.com/8640c212ed4b8873323ab3a1034d64f9.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject simp712.top
Fingerprint 30:7B:55:4D:55:A0:87:1C:13:86:47:A7:19:7D:E8:83:95:1E:C7:EE
Validity Tue, 30 Apr 2024 12:27:42 GMT - Mon, 29 Jul 2024 12:27:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8640c212ed4b8873323ab3a1034d64f9.gif HTTP/1.1
Host: simp229.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Wed, 01 May 2024 13:21:51 GMT
etag: W/"6542906c-f585"
expires: Fri, 31 May 2024 13:21:51 GMT
last-modified: Thu, 02 May 2024 08:31:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
mmn734.top/8992edc78009baa534827c5271e40b71.gif
0.0.0.0 0 B URL GET mmn734.top/8992edc78009baa534827c5271e40b71.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mmn734.top
Fingerprint D7:16:7D:E5:27:7B:CC:B5:5B:84:82:76:A2:34:AB:53:3C:04:16:AD
Validity Tue, 19 Mar 2024 16:11:36 GMT - Mon, 17 Jun 2024 16:11:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8992edc78009baa534827c5271e40b71.gif HTTP/1.1
Host: mmn734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 12:46:27 GMT
etag: W/"66128373-33682"
expires: Mon, 03 Jun 2024 12:46:27 GMT
last-modified: Sat, 04 May 2024 12:46:28 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
mrtoss03.com/dd11214b04687433483a414863e52fe2.gif
0.0.0.0 0 B URL GET mrtoss03.com/dd11214b04687433483a414863e52fe2.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dd11214b04687433483a414863e52fe2.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 19:00:09 GMT
etag: W/"65193a07-3f99a"
expires: Mon, 03 Jun 2024 19:00:09 GMT
last-modified: Sat, 04 May 2024 19:34:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
cooann.top/6fff83b64f59a954e828d2a57bce06d9.gif
0.0.0.0 0 B URL GET cooann.top/6fff83b64f59a954e828d2a57bce06d9.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cooann.top
Fingerprint A9:B2:45:84:BB:96:EB:00:F0:1B:11:ED:EF:99:AB:CF:29:06:42:BC
Validity Wed, 24 Apr 2024 23:39:14 GMT - Tue, 23 Jul 2024 23:39:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6fff83b64f59a954e828d2a57bce06d9.gif HTTP/1.1
Host: cooann.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 18:50:21 GMT
etag: W/"66250775-dcad"
expires: Mon, 03 Jun 2024 18:50:21 GMT
last-modified: Sat, 04 May 2024 18:59:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
mrtoss03.com/37f80e45c1f5127bd46f0e7a48cd1424.gif
0.0.0.0 0 B URL GET mrtoss03.com/37f80e45c1f5127bd46f0e7a48cd1424.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /37f80e45c1f5127bd46f0e7a48cd1424.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 19:12:08 GMT
etag: W/"646610db-dfc1"
expires: Mon, 03 Jun 2024 19:12:08 GMT
last-modified: Sat, 04 May 2024 19:36:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
cooann.top/107f3bebdf35e2795dbadf8c5f5d6a41.gif
0.0.0.0 0 B URL GET cooann.top/107f3bebdf35e2795dbadf8c5f5d6a41.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cooann.top
Fingerprint A9:B2:45:84:BB:96:EB:00:F0:1B:11:ED:EF:99:AB:CF:29:06:42:BC
Validity Wed, 24 Apr 2024 23:39:14 GMT - Tue, 23 Jul 2024 23:39:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /107f3bebdf35e2795dbadf8c5f5d6a41.gif HTTP/1.1
Host: cooann.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 19:00:21 GMT
etag: W/"66250797-af6a"
expires: Mon, 03 Jun 2024 19:00:21 GMT
last-modified: Sat, 04 May 2024 19:07:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
kzepp.com/de58699b19835fa95055edda02bd9dff.gif
0.0.0.0 0 B URL GET kzepp.com/de58699b19835fa95055edda02bd9dff.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject kzepp.com
Fingerprint C9:67:1A:16:95:85:5B:A9:C9:55:49:94:0D:6B:C6:C3:A8:72:E0:C3
Validity Mon, 15 Apr 2024 15:27:56 GMT - Sun, 14 Jul 2024 15:27:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de58699b19835fa95055edda02bd9dff.gif HTTP/1.1
Host: kzepp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 17:49:08 GMT
etag: W/"65b4d07c-f122"
expires: Mon, 03 Jun 2024 17:49:08 GMT
last-modified: Sat, 04 May 2024 17:49:09 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
m6690.top/b84adb28cdaa7647308a4a6e1a1db3b0.gif
0.0.0.0 0 B URL GET m6690.top/b84adb28cdaa7647308a4a6e1a1db3b0.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m6690.top
Fingerprint C6:88:6E:CB:CD:69:E0:E7:F6:6D:3E:8F:A4:EA:F3:1D:E0:A2:F9:F7
Validity Thu, 21 Mar 2024 10:15:10 GMT - Wed, 19 Jun 2024 10:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b84adb28cdaa7647308a4a6e1a1db3b0.gif HTTP/1.1
Host: m6690.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 18:51:21 GMT
etag: W/"66362078-803f"
expires: Mon, 03 Jun 2024 18:51:21 GMT
last-modified: Sat, 04 May 2024 19:25:26 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
m6690.top/9e89f97538513af8d10754a279e95972.gif
0.0.0.0 0 B URL GET m6690.top/9e89f97538513af8d10754a279e95972.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m6690.top
Fingerprint C6:88:6E:CB:CD:69:E0:E7:F6:6D:3E:8F:A4:EA:F3:1D:E0:A2:F9:F7
Validity Thu, 21 Mar 2024 10:15:10 GMT - Wed, 19 Jun 2024 10:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9e89f97538513af8d10754a279e95972.gif HTTP/1.1
Host: m6690.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 17:16:24 GMT
etag: W/"66362074-b3f07"
expires: Mon, 03 Jun 2024 17:16:24 GMT
last-modified: Sat, 04 May 2024 17:34:26 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
migo011.top/c4e2fb784c20e73148a221bbc4d12350.gif
0.0.0.0 0 B URL GET migo011.top/c4e2fb784c20e73148a221bbc4d12350.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject migo011.top
Fingerprint BC:83:43:DF:5A:8B:D3:49:90:A8:D7:73:5B:46:A6:5B:E2:B2:0F:BF
Validity Tue, 23 Apr 2024 08:31:39 GMT - Mon, 22 Jul 2024 08:31:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4e2fb784c20e73148a221bbc4d12350.gif HTTP/1.1
Host: migo011.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 30 Apr 2024 12:14:25 GMT
etag: W/"6617da5d-12d14"
expires: Thu, 30 May 2024 12:14:25 GMT
last-modified: Tue, 30 Apr 2024 12:14:31 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2