Report - www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows

Report Overview

Submitted URL
www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
IP
38.63.8.217
ASN
#54600 PEG-SV
Submitted
2024-05-11 02:02:16
Access
public
Website Title
喀什疤钨食品有限公司
Final URL
www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hm.baidu.com	8254	unknown	No data	No data	2.4 kB	24 kB	14.215.183.79
api.share.baidu.com	44629	unknown	No data	No data	451 B	114 B	14.215.182.161
r9n9ej2gmhde.sisiyy.com	unknown	unknown	No data	No data	1.4 kB	876 kB	143.204.55.33
666bbb333www.com	unknown	unknown	No data	No data	460 B	55 kB	45.58.182.122
api.pandeku.com	unknown	unknown	No data	No data	455 B	605 B	103.194.186.59
push.zhanzhang.baidu.com	57139	unknown	No data	No data	328 B	750 B	182.61.201.94
photos.ecxvl.com	unknown	unknown	No data	No data	432 B	1.1 MB	104.21.14.194
files.catbox.moe	174913	unknown	No data	No data	434 B	466 kB	108.181.20.35
zhibo128x.xyz	unknown	unknown	No data	No data	387 B	246 kB	192.74.228.210
welcome.ask39dka-3j3kds.vip	unknown	unknown	No data	No data	2.9 kB	48 kB	107.148.151.45
sta2.imgclh.com	unknown	unknown	No data	No data	459 B	142 kB	172.67.197.136
shtv3.xyz	unknown	unknown	No data	No data	445 B	120 kB	188.114.97.1
xl.cdn-xxx.com	unknown	unknown	No data	No data	437 B	130 kB	104.27.194.88
img.hgimg01.com	unknown	unknown	No data	No data	39 kB	8.2 MB	89.105.207.51
taiwtp1.com	unknown	unknown	No data	No data	432 B	69 kB	220.128.218.220
imgsrc.baidu.com	78485	unknown	No data	No data	966 B	318 kB	104.193.88.109
www.juniorwatch.com	unknown	unknown	No data	No data	1.7 kB	4.1 kB	38.63.8.217
img.mresou.com	unknown	unknown	No data	No data	438 B	23 kB	104.21.233.160
www.imageoss.com	unknown	unknown	No data	No data	467 B	60 kB	172.67.172.31
777bbb333www.com	unknown	unknown	No data	No data	460 B	276 kB	45.58.182.122
q6h-vza.com	unknown	unknown	No data	No data	432 B	233 kB	198.16.54.19

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-11 01:08:14	medium	Client IP	108.181.20.35	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2024-05-11 01:08:14	medium	Client IP	108.181.20.35	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2024-05-11 01:08:14	medium	Client IP	108.181.20.35	ETPRO INFO .moe Domain in TLS SNI
2024-05-11 01:08:14	medium	Client IP	108.181.20.35	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-11	medium	666bbb333www.com	Sinkholed
2024-05-11	medium	777bbb333www.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	www.juniorwatch.com/common.js	2.7 kB	2024-05-07	2024-05-11
Pretty URL www.juniorwatch.com/common.js IP 38.63.8.217 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:31:47 Last Seen2024-05-11 04:02:39 Times Seen4 Hash 27ff88a27fec815e04d384f26a39d9d2 2a8d999548f6ef4ebf511203692b4ee6d4c3a991 e0cc2459b1fe250b311e4069d99ef59d8b32df3464da10e32066230e80a15426 Loading...

	welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js	2.0 kB	2024-04-29	2024-05-11
Pretty URL welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js IP 107.148.151.45 ASN #398823 PEG-LA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:39 Times Seen22 Hash 61431b00daf22e53d6afa46306081186 709e9922fefc425f324c1c5677daece98123878a d109ee25f25c587923f9122c5623930134e473dcd4c1a32d496c53b35b8198cd Loading...

	hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de	30 kB	2024-05-11	2024-05-11
Pretty URL hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de IP 111.45.3.198 ASN #56040 China Mobile communications corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 04:02:38 Last Seen2024-05-11 04:02:39 Times Seen2 Hash d49b640c6709314f4d4e66ca58962ea5 bfa123fd71a6a569bd2451d344ec51669047b301 b61507ba9a28e03ecbbc884bcae750e068d0ae70bdbee7458bbe56078930c9c2 Loading...

	unknown	408 B	2024-05-11	2024-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-11 04:02:38 Last Seen2024-05-11 04:02:38 Times Seen1 Hash 68c57a67864699ed22140cf7741716e8 aab5769088b0ee07af73cfd90a4914e32340b4e0 9d7263c542fe077b08fefd1706be8a03f79bee500de7c9bab9749d26b4ca7439 Loading...

	unknown	37 B	2023-04-11	2024-06-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49:14 Last Seen2024-06-04 01:48:30 Times Seen23540 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	welcome.ask39dka-3j3kds.vip/	254 B	2024-04-29	2024-05-11
Pretty URL welcome.ask39dka-3j3kds.vip/ IP 107.148.151.45 ASN #398823 PEG-LA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:38 Times Seen11 Hash 66411dae8f7497f643d64bb639231fbc 0ed698dbc250cdefc8fdbf893a5cba023b04962a b5d6ed15dfffc3c0b07992fc7b8e686eb4778dbd338efc00be01b80945ff83f6 Loading...

	welcome.ask39dka-3j3kds.vip/	512 B	2023-03-07	2024-06-03
Pretty URL welcome.ask39dka-3j3kds.vip/ IP 107.148.151.45 ASN #398823 PEG-LA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 22:56:18 Last Seen2024-06-03 04:53:40 Times Seen1011 Hash 9a75702db685d9746aa96f4a8a0bb089 ddd2fac201182f178835bc70284771f5e750f382 fc16f6fd6802bfb4c8233e9116eb1df0ca63df6bdee83dab939f14b897c74ec0 Loading...

	unknown	427 B	2024-05-11	2024-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-11 04:02:38 Last Seen2024-05-11 04:02:38 Times Seen1 Hash 42498be951cae5de5d6fb15b1b0fd2df ad64997577e0d380c9079f424a93fdb9b6186f91 9ab06e738cb1a3ab0717d71214712e52947e05b11006291c86971aa4264f79ad Loading...

	www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe	48 B	2024-05-11	2024-05-11
Pretty URL www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe IP 38.63.8.217 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 04:02:38 Last Seen2024-05-11 04:02:38 Times Seen1 Hash 8298e2e353021cef025e2e86e823d8fa c5e9d7bba168028753a211d77fbc84ae138ec397 1a29a5acf5cce06e99f7680fcd2c30f5f93a64a3e03328efadb3242e615d236f Loading...

	www.juniorwatch.com/tj.js	258 B	2024-04-29	2024-05-11
Pretty URL www.juniorwatch.com/tj.js IP 38.63.8.217 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:39 Times Seen20 Hash 563f08146eefbcdb91af610f03907882 e086c2d9935f945a909996020dd17b066cb44e4b 53a9d8b764e4e32a895986d0dc7ee85444bc67280ac1531cf3b128c572f2c7ce Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-06-03
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-06-03 22:35:25 Times Seen19967 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95	30 kB	2024-05-11	2024-05-11
Pretty URL hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95 IP 14.215.183.79 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 04:02:38 Last Seen2024-05-11 04:02:39 Times Seen2 Hash c8ae6f3e427ce6ddd6f5fc320eb33dc7 6f8cb3589babaab0a09b9b819142b96ef6ce6c35 0051f5948b37ea9665ec1072bb2482da83cf3c731113a313504bffd4ec996517 Loading...

		Size	First Seen	Last Seen
	#1 Write - b48ee07609537ab9dccf884ecfc0a640	144 B	2023-03-07	2024-05-13
Pretty Observations First Seen2023-03-07 01:10:47 Last Seen2024-05-13 18:29:36 Times Seen473 Hash b48ee07609537ab9dccf884ecfc0a640 bcdf6985f6cfa9f1c9c42713d99cdb7bc72c0dd0 243d73493011232a8d37fd42faaf490929e3e84dfc758ebd1c0fb987077f9601 Loading...

	#2 Write - 954369ec18b91a50bdadf7c94af373ba	129 B	2024-04-29	2024-05-11
Pretty Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:38 Times Seen11 Hash 954369ec18b91a50bdadf7c94af373ba 0fa5934db511f0fd0f70cda6043df2f162855445 ee73a71c004170b7a62998e07f376162c91cc74571d92ce10c0b1eee116d1ab0 Loading...

	#3 Write - 1bd419580aae80c592165eebc56f4ddc	8 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1358 Hash 1bd419580aae80c592165eebc56f4ddc 4386a418a5a0a485bfc37c3625fdaf6e27c7a02f 15b9a5e2ebf3c6254671e8cd086bcae15c45acd5a142a0635e67b71423af041d Loading...

	#4 Write - 0facf1853f7521620655144829e4ac6b	7 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1353 Hash 0facf1853f7521620655144829e4ac6b 2e368d3dbd9c53ddd9a7a66ec7657fdeb5266727 4680f102d5c7cefdf58e1dbc29e3913225f9b172d90885e2e2938e8b9f0a49f4 Loading...

	#5 Write - cbb184dd8e05c9709e5dcaedaa0495cf	1 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-06-03 13:45:33 Times Seen3641 Hash cbb184dd8e05c9709e5dcaedaa0495cf c2b7df6201fdd3362399091f0a29550df3505b6a d10b36aa74a59bcf4a88185837f658afaf3646eff2bb16c3928d0e9335e945d2 Loading...

	#6 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-06-04
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-06-04 03:29:45 Times Seen38925493 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#7 Write - aea70eed95896953e77791c997a52433	2 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 01:27:49 Last Seen2024-06-03 04:53:40 Times Seen1595 Hash aea70eed95896953e77791c997a52433 f7368006d9eb8da53e381fd4c46a859390d39e4e 15715d5ca91fe9c1de7947083abca074bb304712ebf119996712abf31472579f Loading...

	#8 Write - 78490b99914b10f282753ec35bcc0537	22 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1351 Hash 78490b99914b10f282753ec35bcc0537 555109dd30dc1177008be131b5245ecbf112bc92 a2c7caea1a253dcdf61b38371721c59887f0f252e2efc4f241d49ea0ab4c82db Loading...

	#9 Write - 918db83bc66ec56ae114ffccca935ca7	104 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1375 Hash 918db83bc66ec56ae114ffccca935ca7 69e229c1db246ca2c1f311da0aaf58b33815a373 ac2bb70e79fa7d5a712851a0f096a78411ca9616e9da1bdc3eb65fe337200ab5 Loading...

	#10 Write - 64ebffd925613e0005cd9637b699e212	86 B	2024-04-05	2024-05-13
Pretty Observations First Seen2024-04-05 09:57:16 Last Seen2024-05-13 18:29:36 Times Seen60 Hash 64ebffd925613e0005cd9637b699e212 1dd8d5f5003b9fd67068909a60a2a6493cdbf52e f1428b5269ed443099972607f9cbe6a246052f92722c6fb8a71411e7204bf0dd Loading...

	#11 Write - 4ef8b2705ca82a935b4c2c5a225f3bb0	133 B	2024-04-29	2024-05-11
Pretty Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:38 Times Seen11 Hash 4ef8b2705ca82a935b4c2c5a225f3bb0 cd0bdfc38367a66e3d694fb881aac5fb2f8d10f2 fe0de155be36395f0d3a0c53126b74ffb329d490699904c7191150c0b5121b6e Loading...

	#12 Write - a83b2d157c402fb8af63a7b05036c116	55 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1351 Hash a83b2d157c402fb8af63a7b05036c116 e25a8fb72e28cc68095b23f2110b4184fa92439a 86a0bec6d2774d3e66148531c280b7e56c9b74bb21b8f630e7dbf478d7eadd3f Loading...

	#13 Write - 6bfd1bf8493c0a1ac9cc38db678cc51c	122 B	2024-04-29	2024-05-11
Pretty Observations First Seen2024-04-29 12:44:51 Last Seen2024-05-11 04:02:38 Times Seen11 Hash 6bfd1bf8493c0a1ac9cc38db678cc51c 1a0ab43ca85a6682c90710b2979c2e2cf335c3a7 1c62fd45c0b830315f922c0374e8ebb1fa723a8d3049cd22b1d7b15c789fcf85 Loading...

	#14 Write - fff3155a32d6a79bf2672b8514442e08	16 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1352 Hash fff3155a32d6a79bf2672b8514442e08 181aa0bf914cb3fefbac62e2c7d0ff8b3bf2991f 684d122b0e96378e9fb2d65622caf3614d79742c03e558a5b26205c5260186b8 Loading...

	#15 Write - 587c60d4354f54b0c137f22159b8a51f	13 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1363 Hash 587c60d4354f54b0c137f22159b8a51f 5e11b481ea0290f25539357b80d2cb2964eb2160 6131336b8080daa3c23462df07a98a6b916363c92390efcaee7431789c5577d1 Loading...

	#16 Write - da3d3844e105b72effb4345201b5e5ef	18 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1353 Hash da3d3844e105b72effb4345201b5e5ef 274704f931fa665170d893f33fa49721c5c71a08 922f1e4166c395e610f8b3351a9e878b66840f869d091c8a1ec212934f23af90 Loading...

	#17 Write - 7a23e4d0e79d5c374c1dd5cb9235df3e	8 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1354 Hash 7a23e4d0e79d5c374c1dd5cb9235df3e 51b0339fa127b3ba00730d8caf982343d5a129c9 54a3b85646190532634f9d7f6f2cf60d03107b0c58eca3ce510a0ab0cb9ce462 Loading...

	#18 Write - 60dd6c6958de103e3993d42edc03d56e	144 B	2023-03-07	2024-05-13
Pretty Observations First Seen2023-03-07 01:10:47 Last Seen2024-05-13 18:29:36 Times Seen376 Hash 60dd6c6958de103e3993d42edc03d56e a43a57d0cffec3d41b8dd6cc5b8385ace46ab9f4 6dddc8f0240d0b2aa3dbddddd51e66115402132639d5e1e953dbd0200b18c2a1 Loading...

	#19 Write - 004b8b808dc5283e238f5ea13822adda	10 B	2023-03-07	2024-05-13
Pretty Observations First Seen2023-03-07 01:10:47 Last Seen2024-05-13 18:29:36 Times Seen1265 Hash 004b8b808dc5283e238f5ea13822adda e7dbf2542852ba232acff68be0c9841d39966d79 eba9ab62f0ee9d8e21e3a59bb22cf23104e3190bb62ae0e7285914f1065cfef2 Loading...

	#20 Write - 8d9fcacd210ce3feb2fabd89a0569ca0	144 B	2023-03-07	2024-05-13
Pretty Observations First Seen2023-03-07 01:10:47 Last Seen2024-05-13 18:29:36 Times Seen861 Hash 8d9fcacd210ce3feb2fabd89a0569ca0 85e895b0073b4b736b0d6196c6a0cb8fde494f95 a8d037088e92f75dca7d1928cca98c740ae50635d0ef6b6e5a4b391dadf90538 Loading...

	#21 Write - ff0eca196f18e128f9f990b46ec69eb9	144 B	2023-03-07	2024-05-13
Pretty Observations First Seen2023-03-07 01:10:48 Last Seen2024-05-13 18:29:36 Times Seen507 Hash ff0eca196f18e128f9f990b46ec69eb9 b1c1b1348d1a8b4e6de0b73cf6319e3ffff5d413 af013c4b8772f33cfefe33910e34a35c33d528246f5535aeeea339b6fb08db7c Loading...

	#22 Write - ad1d0b305d8b5bcd29325bf6bf925237	140 B	2024-04-29	2024-05-11
Pretty Observations First Seen2024-04-29 12:44:52 Last Seen2024-05-11 04:02:39 Times Seen11 Hash ad1d0b305d8b5bcd29325bf6bf925237 3cc3b91d7de90461f01445a2f20b5ee343cc08c3 a580ec42ba1c11a4ded391ed30242e2edc35fe28eb66fd4019a04dc4bdc4bf09 Loading...

	#23 Write - a5bb880136109a39650cb64f7984d0c3	358 B	2024-05-11	2024-05-11
Pretty Observations First Seen2024-05-11 04:02:39 Last Seen2024-05-11 04:02:39 Times Seen1 Hash a5bb880136109a39650cb64f7984d0c3 efcfb364efc0e1e13bc9359c1365a1919ca77b65 23831055a2d221d9f3d7204699f8ab61290220e467dfcb024ba7cac29fb53a3b Loading...

	#24 Write - 80161c34e716ee0324a705896b2483c6	15 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1353 Hash 80161c34e716ee0324a705896b2483c6 98876ca7002e2a1a80b190a72e1c0bbc5bb61acb 24464f46e7f9ba25eb53bcca6337b1eaa31a6abe3a4b3d25efd0389a738ac59f Loading...

	#25 Write - 878da30bd3816a375cd08511cddfa4f6	34 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1352 Hash 878da30bd3816a375cd08511cddfa4f6 4f82bf819a0877c18af599aadf967833b119d8ff 8b2adf22917933a31bece2e10699f2c4e35b5e7241684b838996eeedd7307d8b Loading...

	#26 Write - 199b6f0e589f557711343c2ea42c860c	12 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 12:05:42 Last Seen2024-06-03 04:53:40 Times Seen1364 Hash 199b6f0e589f557711343c2ea42c860c 69d66e5b2ee461def2d86070503b180ad1c3d972 37ab52c9d67ae001c268e59fc0a6d48715f1d9f4450f11ce68bddedc23bb18f2 Loading...

	#27 Write - 1ef0bca0c8fe511a919ad12472e6c67f	8 B	2023-03-07	2024-06-03
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-06-03 13:45:33 Times Seen5907 Hash 1ef0bca0c8fe511a919ad12472e6c67f 1911560857da79f62a8b26817eeda52fa07cefc7 5e4117ea8905b4866062cf8ae840cc520d1cd0403399e0b7342ea8485ef9a37d Loading...

HTTP Transactions (113)

URL IP Response Size

www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

38.63.8.217

200 OK

564 B

URL User Request GET HTTP/1.1
www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
IP
38.63.8.217:80
ASN
#54600 PEG-SV

File type
HTML document, ISO-8859 text, with very long lines (742), with CRLF line terminators
Size
564 B (564 bytes)
Hash
4e192ea2dc16b3e4533c6b175100f34f
30f27bf166dc3ac2a19398ba3d64a6eeba107a10
ab43c626ae7fde79bd8eaf36a8b4db198d98ad7824ea99bb25cf559b61248ea0

HTTP Headers

GET /assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.juniorwatch.com/common.js

38.63.8.217

200 OK

1.2 kB

URL GET HTTP/1.1
www.juniorwatch.com/common.js
IP
38.63.8.217:80
ASN
#54600 PEG-SV

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

File type
JavaScript source, ASCII text, with very long lines (523), with CRLF line terminators
Size
1.2 kB (1222 bytes)
Hash
27ff88a27fec815e04d384f26a39d9d2
2a8d999548f6ef4ebf511203692b4ee6d4c3a991
e0cc2459b1fe250b311e4069d99ef59d8b32df3464da10e32066230e80a15426

HTTP Headers

GET /common.js HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.juniorwatch.com/tj.js

38.63.8.217

200 OK

258 B

URL GET HTTP/1.1
www.juniorwatch.com/tj.js
IP
38.63.8.217:80
ASN
#54600 PEG-SV

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
563f08146eefbcdb91af610f03907882
e086c2d9935f945a909996020dd17b066cb44e4b
53a9d8b764e4e32a895986d0dc7ee85444bc67280ac1531cf3b128c572f2c7ce

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

www.juniorwatch.com/favicon.ico

38.63.8.217

200 OK

1.2 kB

URL GET HTTP/1.1
www.juniorwatch.com/favicon.ico
IP
38.63.8.217:80
ASN
#54600 PEG-SV

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:11 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 16 May 2024 01:08:11 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL GET HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 11 May 2024 01:08:13 GMT
Etag: "4078521116"
Expires: Sun, 11 May 2025 01:08:13 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AE629B9509792EB38BF9BA1703942BE0:FG=1; max-age=31536000; expires=Sun, 11-May-25 01:08:13 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

welcome.ask39dka-3j3kds.vip/

107.148.151.45

200 OK

14 kB

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
14 kB (14110 bytes)
Hash
480e826676a70d8560a645c4160c8309
476646fff6c0433097135f10a2104d899ea3727c
76f1c4257c29d3878f53e21ddf5656107fff6f63cda4fa92eb91a99f3f7b3fb9

HTTP Headers

GET / HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 14110
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 01:08:13 GMT
server: Apache
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95

14.215.183.79

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (615)
Size
11 kB (11253 bytes)
Hash
c8ae6f3e427ce6ddd6f5fc320eb33dc7
6f8cb3589babaab0a09b9b819142b96ef6ce6c35
0051f5948b37ea9665ec1072bb2482da83cf3c731113a313504bffd4ec996517

HTTP Headers

GET /hm.js?569ca73acb40f859d8d11d8f2794cf95 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 11 May 2024 01:08:13 GMT
Etag: f6876ce233e4369eca872e52138499f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DBEC2A40525997F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif

172.67.197.136

200 OK

141 kB

URL GET HTTP/2
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGoogle Trust Services LLC
Subjectimgclh.com
Fingerprint5E:47:41:BD:54:79:7A:E5:8A:08:61:55:D2:A3:F0:19:89:8F:FC:D3
ValidityTue, 26 Mar 2024 05:00:44 GMT - Mon, 24 Jun 2024 05:00:43 GMT

File type
GIF image data, version 89a, 960 x 100
Size
141 kB (140774 bytes)
Hash
f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af

HTTP Headers

GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Thu, 30 May 2024 18:39:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 887302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBdmcHWB4MtdrIFR5xf4TBLxrA1zLNwBE1sEf%2ByWlVcYgJmFAYG0hJ2TB9KvRFannGWwcnH%2BdyydpWbs0kV2VSIqKcpkejIf1uHM2Q2HFH3CU4MiW6%2B0TZMk%2BPIerw1JpkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d40b7c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.ask39dka-3j3kds.vip/template/m1938pc/css/ate.css

107.148.151.45

200 OK

4.5 kB

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/template/m1938pc/css/ate.css
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4527 bytes)
Hash
507a51f8b1d147fcf60eb2a898690259
e630900e6a1a0434719c5bdaf655362313e7e33c
9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a

HTTP Headers

GET /template/m1938pc/css/ate.css HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:10 GMT
etag: "126e5-5e5ddfa188f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4527
content-type: text/css
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2

welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js

107.148.151.45

200 OK

540 B

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
540 B (540 bytes)
Hash
61431b00daf22e53d6afa46306081186
709e9922fefc425f324c1c5677daece98123878a
d109ee25f25c587923f9122c5623930134e473dcd4c1a32d496c53b35b8198cd

HTTP Headers

GET /template/m1938pc/ads/tb.js HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 06:16:17 GMT
etag: "7bc-616d19bbb8e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 540
content-type: text/javascript
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2

shtv3.xyz/template/sihaitv/ads/hf8.gif

188.114.97.1

200 OK

119 kB

URL GET HTTP/2
shtv3.xyz/template/sihaitv/ads/hf8.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGoogle Trust Services LLC
Subjectshtv3.xyz
FingerprintC5:ED:CC:54:2B:B5:51:E3:26:58:A6:01:36:00:C4:FC:0C:91:80:76
ValidityFri, 19 Apr 2024 12:21:31 GMT - Thu, 18 Jul 2024 12:21:30 GMT

File type
GIF image data, version 89a, 980 x 90
Size
119 kB (119225 bytes)
Hash
d0416b3e83f544ca607f76d17cbcad9d
68efaf49a87bc1764c0bcd397297cf3351c0d96e
59c2dcb3a1607dcc0e106cfc52c644e335184eea53d513c17b9c89e897ab4b05

HTTP Headers

GET /template/sihaitv/ads/hf8.gif HTTP/1.1
Host: shtv3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 119225
last-modified: Thu, 07 Mar 2024 15:07:59 GMT
etag: "65e9d84f-1d1b9"
expires: Thu, 30 May 2024 20:23:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 881090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkGDjGbLEt5BcIt%2B9jJt0AlnteFwp9p3ACSUU%2FnvtYaBuIbV6h8G8k18rzp49hMexop1JO3f5mVuRdvh3gG7tgm4aBm1fiXfuFZUFwuuJz%2FsEOdjpHaclzPyT%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d46aecb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.share.baidu.com/s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

14.215.182.161

200 OK

0 B

URL GET HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
IP
14.215.182.161:80
ASN
#4134 Chinanet

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 11 May 2024 01:08:14 GMT

welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css

107.148.151.45

200 OK

25 kB

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
assembler source, Unicode text, UTF-8 (with BOM) text
Size
25 kB (25171 bytes)
Hash
5660a22ccd545550e17c4ac22fe72135
a35b2c5e39c20cc8a1f6ded28a7adb521cc49a3f
aff7ebc6015eb363a857aeb10e4f104f2adf868573874d3db2fab2aa93e866c0

HTTP Headers

GET /template/m1938pc/css/zui.css HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 16 Sep 2023 13:41:04 GMT
etag: "1bf31-6057a0f78fc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 25171
content-type: text/css
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2

welcome.ask39dka-3j3kds.vip/template/m1938pc/images/1.gif

107.148.151.45

200 OK

254 B

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/template/m1938pc/images/1.gif
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
GIF image data, version 89a, 16 x 17
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/images/1.gif HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Aug 2023 11:58:22 GMT
etag: "fe-60290500f7380"
accept-ranges: bytes
content-length: 254
content-type: image/gif
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2

xl.cdn-xxx.com/image/ZB-27.gif

104.27.194.88

200 OK

129 kB

URL GET HTTP/2
xl.cdn-xxx.com/image/ZB-27.gif
IP
104.27.194.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGoogle Trust Services LLC
Subjectcdn-xxx.com
Fingerprint3B:63:53:AC:40:B2:C4:4B:37:61:1E:F8:DE:1C:3A:95:C2:AB:8B:DD
ValidityTue, 19 Mar 2024 20:12:51 GMT - Mon, 17 Jun 2024 20:12:50 GMT

File type
GIF image data, version 89a, 100 x 100
Size
129 kB (129448 bytes)
Hash
30f951936925b0f6d91a8f94201c6ada
02c3e8ac0b626534d0110f6b8122f2e9bce3f895
7b7c9fe6c6d0e22d8661be16420e4604daf94337b785213b9f2a67b7f3ce2b60

HTTP Headers

GET /image/ZB-27.gif HTTP/1.1
Host: xl.cdn-xxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 129448
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "6537d617-1f9a8"
expires: Fri, 17 May 2024 19:05:50 GMT
last-modified: Tue, 24 Oct 2023 14:35:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 887296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMzRsogD%2BWuR5S0yhHauPggLYX0ecwpLbirGJywdCHHUAQcLRDwGMbF%2Bpf2gJikdIJ%2FHTtMCFox2G%2Fg4P3yhVrrKtsIOshQCG3hu85vcU5jMsrXXPoG7EVtSyxEHroV9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d5bf45b529-OSL
X-Firefox-Spdy: h2

photos.ecxvl.com/hjll.gif

104.21.14.194

200 OK

1.1 MB

URL GET HTTP/2
photos.ecxvl.com/hjll.gif
IP
104.21.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectecxvl.com
FingerprintF6:A7:45:E7:10:2A:94:61:83:82:BB:91:F7:7E:5B:33:7F:C4:2C:A4
ValidityWed, 03 Apr 2024 00:03:55 GMT - Tue, 02 Jul 2024 00:03:54 GMT

File type
GIF image data, version 89a, 150 x 150
Size
1.1 MB (1139163 bytes)
Hash
ae1c8abc72c71312897caea272408ddc
3a4a8479f355c5aa713b41f3ea5ed541fb67cbd6
875bca6650e2e18e7d2871df2bfb0e067e8f0df59e69cd8a9028c93c2e8da82c

HTTP Headers

GET /hjll.gif HTTP/1.1
Host: photos.ecxvl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 1139163
last-modified: Mon, 29 Jan 2024 12:45:57 GMT
etag: "65b79e05-1161db"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtlzwctakQgC7GTJbX%2BEz1a9fB8vG21cJcuiszjBkYOCb66buVd8urinm1YRAQFWVJkiCGkUXq3Yyg5zINn5cjGgZ0U%2BUQP%2FSSQSyVhIe8vj75LTfzL8i%2F3u4xDWwWJWqSuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d699b956be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.ask39dka-3j3kds.vip/template/m1938pc/images/video-play.png

107.148.151.45

200 OK

1.6 kB

URL GET HTTP/2
welcome.ask39dka-3j3kds.vip/template/m1938pc/images/video-play.png
IP
107.148.151.45:443
ASN
#398823 PEG-LA

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:16 GMT
etag: "61f-5e5ddfa741d00"
accept-ranges: bytes
content-length: 1567
content-type: image/png
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2

img.mresou.com/img/23062801.jpg

104.21.233.160

200 OK

22 kB

URL GET HTTP/2
img.mresou.com/img/23062801.jpg
IP
104.21.233.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGoogle Trust Services LLC
Subjectmresou.com
Fingerprint13:28:3B:89:15:85:FA:0C:8F:C8:8A:DD:C5:63:05:02:C3:CD:ED:12
ValidityMon, 29 Apr 2024 20:40:01 GMT - Sun, 28 Jul 2024 20:40:00 GMT

File type
JPEG image data, baseline, precision 8, 150x150, components 3
Size
22 kB (22364 bytes)
Hash
fc0bb56254e0b8f96d0f1d2d8dd201c1
5e8bd71f34e2b7e3118cbc3b59befb0199ae9652
b1fc501c0b4187b1ce60e643322dfd2cee729fe3fa24a55dadb7fb9c0d4645bf

HTTP Headers

GET /img/23062801.jpg HTTP/1.1
Host: img.mresou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 22364
last-modified: Wed, 28 Jun 2023 13:01:19 GMT
etag: "649c2f1f-575c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4247107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlHNgYtYmva%2B1dnqoAfo910nkKmeIo2TXm%2FF9ejAQk5BRncmqP7NDecp7ExsJwbHAs1rk4%2FWCWwKFwJJs46IPIStoWDTbJExltinJrxu04Fcm%2BgAl8QisjKBlbyQZUid0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d77bbc71fe-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg

89.105.207.51

200 OK

54 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
54 kB (54030 bytes)
Hash
bef6e44b5aa2c7147ae2132342fddee8
db28a9bc8da0c727484c93c97542fac611fc9726
27536dfc824818ee81aef0165cbf635436689cd7cc627a3b1e8bcd7e14c24956

HTTP Headers

GET /upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 54030
last-modified: Fri, 10 May 2024 09:50:20 GMT
etag: "663deddc-d30e"
expires: Sun, 09 Jun 2024 09:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg

89.105.207.51

200 OK

46 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
46 kB (46213 bytes)
Hash
8cb52f3411140abb199c54a09a42fa06
f70bc5e182c592c5b1f17e473d2ba48beb15b0ca
fa928931eba4b82eda58084cd8a6c39e1712b04f23b604b5d4e3109050a9ceee

HTTP Headers

GET /upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 46213
last-modified: Fri, 10 May 2024 09:50:15 GMT
etag: "663dedd7-b485"
expires: Sun, 09 Jun 2024 09:56:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg

89.105.207.51

200 OK

48 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
48 kB (47751 bytes)
Hash
48a33847a2275ab7b2a8c0ba8bd77a51
003add4a34e6d8c3491cea96ea4c7dca9291d480
bfd44bbecf652bbf97ed95fb2f46bf2ecd7e0fab352b00abcfd903571b8b7116

HTTP Headers

GET /upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 47751
last-modified: Fri, 10 May 2024 09:45:04 GMT
etag: "663deca0-ba87"
expires: Sun, 09 Jun 2024 10:07:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg

89.105.207.51

200 OK

57 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
57 kB (56775 bytes)
Hash
9e2fd0ee40c213a0b3e5e6893f3567db
9d7d25af535129b8d73e2fb90fb2c001812b7436
8ede1424bc02b9163d48154fcf342658a21ddc4fbf806308c42aa13b72698d89

HTTP Headers

GET /upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 56775
last-modified: Fri, 10 May 2024 09:45:02 GMT
etag: "663dec9e-ddc7"
expires: Sun, 09 Jun 2024 10:07:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg

89.105.207.51

200 OK

50 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 958x539, components 3
Size
50 kB (50129 bytes)
Hash
1532ab0d122d8ef070cf2eee4c10ebd5
de2e485862abec52830343c50ab6a853fd211ad8
cc39a0090b6e9659517c1f24f6315c554e0db196c87c6da2a7f14cafe914c06e

HTTP Headers

GET /upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 50129
last-modified: Thu, 09 May 2024 08:31:23 GMT
etag: "663c89db-c3d1"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg

89.105.207.51

200 OK

54 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Size
54 kB (53650 bytes)
Hash
907c2fa9420fb705ae665ca58359129d
e2a6362cff68680065ca9a36d130cc7af62249c8
109d72043a1840d8d090f6ccc75db00b678bb06412634d9478988a1f82c66b42

HTTP Headers

GET /upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 53650
last-modified: Fri, 10 May 2024 09:45:56 GMT
etag: "663decd4-d192"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg

89.105.207.51

200 OK

52 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x480, components 3
Size
52 kB (52317 bytes)
Hash
3c4652b930117ecf7ac0b096506df24e
d2d632359462eda70b996dc8c1ce8d31d6f57109
6bf2acf961637349f6274fb3ccbd3a1c23f8609a3eb4d2e7c7022d77e9137137

HTTP Headers

GET /upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 52317
last-modified: Fri, 10 May 2024 09:45:55 GMT
etag: "663decd3-cc5d"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg

89.105.207.51

200 OK

51 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
51 kB (50661 bytes)
Hash
3691018a9d11c717cb5e29bc431f9a5a
4410c4bfdbac0b9d326312f6058df69137c023bf
664acd9212724192e227a9cba0e88bba0f0ac19ba9e74f916d56d8083540947c

HTTP Headers

GET /upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 50661
last-modified: Fri, 10 May 2024 09:45:54 GMT
etag: "663decd2-c5e5"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg

89.105.207.51

200 OK

39 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
39 kB (38887 bytes)
Hash
8abdf73f0a8c9b2c02a3f0425ee6b999
e0bacb274922bfadffd8532a48da7db588ba21af
3a48a4ade73a8a8e1e5078d7500200e3938b789d54d0ebd9df6b3971df43df43

HTTP Headers

GET /upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38887
last-modified: Thu, 09 May 2024 08:31:56 GMT
etag: "663c89fc-97e7"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg

89.105.207.51

200 OK

39 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Size
39 kB (38887 bytes)
Hash
8abdf73f0a8c9b2c02a3f0425ee6b999
e0bacb274922bfadffd8532a48da7db588ba21af
3a48a4ade73a8a8e1e5078d7500200e3938b789d54d0ebd9df6b3971df43df43

HTTP Headers

GET /upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38887
last-modified: Thu, 09 May 2024 08:31:48 GMT
etag: "663c89f4-97e7"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg

89.105.207.51

200 OK

39 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 852x480, components 3
Size
39 kB (38956 bytes)
Hash
d0c5a21cee8706797fcb667fc163acee
169f50f750725aaa03c6b54d3be44454a62d9322
a710dbc363a607c7740a1849bb647967a9bef06272d5afbda29ce6f1f2544876

HTTP Headers

GET /upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38956
last-modified: Sat, 04 May 2024 05:13:24 GMT
etag: "6635c3f4-982c"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg

89.105.207.51

200 OK

38 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 852x476, components 3
Size
38 kB (38385 bytes)
Hash
9880fa754545e9853d7d835f3a5c2f26
b6c21234149615424e47838247f1f47bbfefc88a
ff0ea524ba28a1d967feccc807b343059efeac705f05a5ff312de0a7d1f64059

HTTP Headers

GET /upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38385
last-modified: Sat, 04 May 2024 05:13:27 GMT
etag: "6635c3f7-95f1"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg

89.105.207.51

200 OK

28 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 590x360, components 3
Size
28 kB (27777 bytes)
Hash
0070de996d6149b31ba49e63caa189bc
db4eccaf76653d97e364016356e24b64dda66916
846a8ecc2b8c5b76ad220e95b3fc10c7f453e442da0fdcdbc43923d13f1f6d1a

HTTP Headers

GET /upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 27777
last-modified: Sat, 04 May 2024 05:13:28 GMT
etag: "6635c3f8-6c81"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg

89.105.207.51

200 OK

65 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1024x576, components 3
Size
65 kB (64552 bytes)
Hash
69e68eaca9dfa5ba762c7675e1012a5d
c78212287b262ea33d5c56353cd8be95da45c38b
c61f0180a4feb2bbdd4e5065a197baf67a385934958b724dd6650e572c1e6c6d

HTTP Headers

GET /upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 64552
last-modified: Sat, 04 May 2024 05:13:29 GMT
etag: "6635c3f9-fc28"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg

89.105.207.51

200 OK

50 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 960x540, components 3
Size
50 kB (49732 bytes)
Hash
8c8fd3e4b4b3b30ac58fb065414493f9
ccc438abe0dff77f336d5b3056331b2fbb7eae77
1f4fd68a070c83c2f4f90f650c5f189e649d738492ca1f3124226aa5e0208564

HTTP Headers

GET /upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 49732
last-modified: Sat, 04 May 2024 05:13:33 GMT
etag: "6635c3fd-c244"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg

89.105.207.51

200 OK

33 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 640x360, components 3
Size
33 kB (32614 bytes)
Hash
f3a68e228d24f04489e707e5a67f6714
98cd7d03d9d412a21a46bb95cc8bbe09f3a71291
482edf2ddaf407023c4e0edd84c7de2d8c7c1660eaedd207c2875cd3054b71ce

HTTP Headers

GET /upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 32614
last-modified: Sat, 04 May 2024 05:13:34 GMT
etag: "6635c3fe-7f66"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg

89.105.207.51

200 OK

39 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 852x480, components 3
Size
39 kB (38956 bytes)
Hash
d0c5a21cee8706797fcb667fc163acee
169f50f750725aaa03c6b54d3be44454a62d9322
a710dbc363a607c7740a1849bb647967a9bef06272d5afbda29ce6f1f2544876

HTTP Headers

GET /upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38956
last-modified: Sat, 04 May 2024 05:13:23 GMT
etag: "6635c3f3-982c"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg

89.105.207.51

200 OK

32 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 640x358, components 3
Size
32 kB (31683 bytes)
Hash
d7defdbeba552bea8c7398834ce13b43
23356015a08230b249377ace7430512082f103e9
da7c0f252194514dacde0c4f55afdff9f16a9d8618b79345b6734b67b5e0d22e

HTTP Headers

GET /upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 31683
last-modified: Fri, 03 May 2024 05:09:08 GMT
etag: "66347174-7bc3"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg

89.105.207.51

200 OK

32 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 640x358, components 3
Size
32 kB (31683 bytes)
Hash
d7defdbeba552bea8c7398834ce13b43
23356015a08230b249377ace7430512082f103e9
da7c0f252194514dacde0c4f55afdff9f16a9d8618b79345b6734b67b5e0d22e

HTTP Headers

GET /upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 31683
last-modified: Fri, 03 May 2024 05:09:09 GMT
etag: "66347175-7bc3"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg

89.105.207.51

200 OK

43 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 852x480, components 3
Size
43 kB (42583 bytes)
Hash
9a666d73adadc2433424fda97b7fde0f
d30ed6687215a356ccf1978bc5048977e1956f07
dfa8f7624a9571d49a3476529bdb83196b9e4b041ce39897aa9093f5c57e8a08

HTTP Headers

GET /upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 42583
last-modified: Fri, 03 May 2024 05:09:12 GMT
etag: "66347178-a657"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg

89.105.207.51

200 OK

24 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 587x331, components 3
Size
24 kB (23520 bytes)
Hash
2ebb32178aa57d96052957bffceec50d
06749f59fa86ca3765980d9484a3cac76134cd15
49bd8ef095042239dfbdaa4e9ab6fd11012c47ca9b2e77bad63c3d66adc564ce

HTTP Headers

GET /upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 23520
last-modified: Fri, 03 May 2024 05:09:13 GMT
etag: "66347179-5be0"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg

89.105.207.51

200 OK

110 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
110 kB (109728 bytes)
Hash
2d25875f97bf794d60069d5c9ebdf9cd
78ae6023d7351b6134e88cc877cd4f5d22900672
d6b65e33245d47bc8cab9705d8f7bdda3ec2e971a17537c7c61ef962c281b73f

HTTP Headers

GET /upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 109728
last-modified: Fri, 10 May 2024 09:44:32 GMT
etag: "663dec80-1aca0"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg

89.105.207.51

200 OK

55 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1004x565, components 3
Size
55 kB (55009 bytes)
Hash
33d1e02b591816b4894716dc67a84c8b
e910064abbd9acb9e51f805216091405f1b3d502
5f2aa67f028349801605685ed7f6a810b6e688e5a40517c3b89f36675a61040f

HTTP Headers

GET /upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 55009
last-modified: Fri, 03 May 2024 05:09:15 GMT
etag: "6634717b-d6e1"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg

89.105.207.51

200 OK

62 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x358, components 3
Size
62 kB (61792 bytes)
Hash
36ee970043013c2d4b0883085ee50a2c
5be0a41537de6213823fc354ab5b081cd3228171
7fa8ffd95ac56b11285c18f390cb308c7769be79777fc4a19ca1b6d6d64c6f90

HTTP Headers

GET /upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 61792
last-modified: Fri, 10 May 2024 09:45:49 GMT
etag: "663deccd-f160"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg

89.105.207.51

200 OK

63 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3
Size
63 kB (62602 bytes)
Hash
9de3a1ea9953f00db2c2f12075e644fb
a73cd166980204dfcd9c0d616901bfe96c8998af
6f41f08bffc1dacd1af24f71cdd0928a62a7cfe7516eb99fb23965cddda9883a

HTTP Headers

GET /upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 62602
last-modified: Fri, 10 May 2024 09:45:47 GMT
etag: "663deccb-f48a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg

89.105.207.51

200 OK

23 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x223, components 3
Size
23 kB (22910 bytes)
Hash
7010dfb49021534a1812d41ee1072342
384868063041db5d1ab2c0d7089cd942f4cbbf1e
af94b0cd57765d405beb3bbf36ef1be6aa72a4c0a8649df0f46466b3e7d09446

HTTP Headers

GET /upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 22910
last-modified: Fri, 10 May 2024 09:45:46 GMT
etag: "663decca-597e"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg

89.105.207.51

200 OK

111 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
111 kB (111312 bytes)
Hash
5d653c1f11b1fc917a5e5bc74b17f616
97c05f09862904015ae18f5fe02e9631004a0b9f
791e3ce6eee9916929d25baa9665b67bad6c45bdc1e854d530f87ab723bd6bac

HTTP Headers

GET /upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 111312
last-modified: Fri, 10 May 2024 09:44:32 GMT
etag: "663dec80-1b2d0"
expires: Sun, 09 Jun 2024 09:55:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg

89.105.207.51

200 OK

102 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
102 kB (101936 bytes)
Hash
6d840f4b659dcbedd6f58f88142cf908
f6ea4163fdc047eca91407b5d0065fa893878cc0
7d636fc53258dbae192ced883916b04ca38c04c0390be3db8aeb5b521ca731fa

HTTP Headers

GET /upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 101936
last-modified: Fri, 10 May 2024 09:44:30 GMT
etag: "663dec7e-18e30"
expires: Sun, 09 Jun 2024 10:05:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg

89.105.207.51

200 OK

18 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3
Size
18 kB (18026 bytes)
Hash
c78906f4958f1bc4bf0a416c2a1fb556
bba6b403e0b273aa046c06f82d1fc0506ec81e72
eaf9dc62cc22fa61be9b532815a18f77305b1080e3ab610f1be049388321e497

HTTP Headers

GET /upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 18026
last-modified: Fri, 10 May 2024 09:45:43 GMT
etag: "663decc7-466a"
expires: Sun, 09 Jun 2024 10:04:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg

89.105.207.51

200 OK

61 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x359, components 3
Size
61 kB (60799 bytes)
Hash
5a7692df6c575fb773f1761c30639571
9e31a6b86d96f1f7ae1ab61bdbd57fcbc6d60f02
a24f01578f68aeb1cc341b270c20d91174c0f09709e0bc974da12391090d52fd

HTTP Headers

GET /upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 60799
last-modified: Fri, 10 May 2024 09:45:33 GMT
etag: "663decbd-ed7f"
expires: Sun, 09 Jun 2024 10:04:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg

89.105.207.51

200 OK

15 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 299x168, components 3
Size
15 kB (14672 bytes)
Hash
7d12918621495e3715e7eea82927abd5
fb1678b34a3bdc8b6df6bf3cef9773dcff326a13
d3592b84fbbb6a3223724a1bdb361e096af34010975abfbfa874a8f37d8e9c30

HTTP Headers

GET /upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 14672
last-modified: Fri, 10 May 2024 09:45:30 GMT
etag: "663decba-3950"
expires: Sun, 09 Jun 2024 10:13:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg

89.105.207.51

200 OK

40 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 534x348, components 3
Size
40 kB (40418 bytes)
Hash
770409caf09aee1e6fa81201eb791fde
522b4b9bf64a165238bf7e2b545295731db65913
eaa747518f941bc4d5913e33806dee8010f2b7d72d60d97fee4d0e9819c53f2d

HTTP Headers

GET /upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 40418
last-modified: Fri, 10 May 2024 09:45:30 GMT
etag: "663decba-9de2"
expires: Sun, 09 Jun 2024 10:10:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg

89.105.207.51

200 OK

95 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
95 kB (95152 bytes)
Hash
ed3d2c12bad0b3d94b03100bccaba710
61b94221fe4ee9856a03bb4e447a0e5b53058897
3b4d8f91cbb0f46844632f72fc06b188e522b19a5877db455a1f8bfd8bbe243b

HTTP Headers

GET /upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 95152
last-modified: Fri, 10 May 2024 09:44:25 GMT
etag: "663dec79-173b0"
expires: Sun, 09 Jun 2024 10:05:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg

89.105.207.51

200 OK

107 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
107 kB (107072 bytes)
Hash
387a7f64cd1d01d8b09f59c2afc5b8c2
e65d81f0f0e6c9412496f8dc065308befc2fcdf3
87571c5c45ba4c60f1f07f5542ca19045443b8cab07eee8f2ede58c9d095cdc7

HTTP Headers

GET /upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 107072
last-modified: Fri, 10 May 2024 09:44:24 GMT
etag: "663dec78-1a240"
expires: Sun, 09 Jun 2024 10:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg

89.105.207.51

200 OK

74 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1365x768, components 3
Size
74 kB (74194 bytes)
Hash
f9f4dc431c3942a3b2b9ef4da6c44cbe
ca179433aefb17d30f2cc2474fba708243f7dc54
bd0a3b6ef0c662d9fb86d719cdae755efb7e5bf45b72593078495574432fc4a5

HTTP Headers

GET /upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74194
last-modified: Thu, 09 May 2024 08:32:32 GMT
etag: "663c8a20-121d2"
expires: Sat, 08 Jun 2024 08:58:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg

89.105.207.51

200 OK

72 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Size
72 kB (71786 bytes)
Hash
b064ec381e52ae8ca5848cbcb5b21444
4fde71dba9f8afd383a7c1c4bbf8c3da28cb182e
aac1c217132de7be18cfd1bd4bc5c8995c119285ec23b662af4686ea051b18d0

HTTP Headers

GET /upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 71786
last-modified: Fri, 10 May 2024 09:45:08 GMT
etag: "663deca4-1186a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg

89.105.207.51

200 OK

72 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Size
72 kB (71786 bytes)
Hash
b064ec381e52ae8ca5848cbcb5b21444
4fde71dba9f8afd383a7c1c4bbf8c3da28cb182e
aac1c217132de7be18cfd1bd4bc5c8995c119285ec23b662af4686ea051b18d0

HTTP Headers

GET /upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 71786
last-modified: Fri, 10 May 2024 09:45:06 GMT
etag: "663deca2-1186a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg

89.105.207.51

200 OK

110 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
110 kB (110336 bytes)
Hash
4d63a23f6e90c2feed24758b79b016f0
375ce7a8eca791d821ebb891b35e087f9e27cc5e
cd32c04b6d874320e8c8e5b5a6fffd736dc9db51d528fc01ccb2f440b88db559

HTTP Headers

GET /upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 110336
last-modified: Fri, 10 May 2024 09:45:06 GMT
etag: "663deca2-1af00"
expires: Sun, 09 Jun 2024 09:57:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg

89.105.207.51

200 OK

104 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
104 kB (104496 bytes)
Hash
7d4bc6ec44c76bd08c1ed64382c0233a
58a9c86e264964c38c87af0d7215de263affd32c
bc1070e092e09f26a0df011629695fd23d49ad031ae16ae76f452c31466f0417

HTTP Headers

GET /upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 104496
last-modified: Fri, 10 May 2024 09:45:05 GMT
etag: "663deca1-19830"
expires: Sun, 09 Jun 2024 10:07:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg

89.105.207.51

200 OK

106 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size
106 kB (106143 bytes)
Hash
1bf97297683a326e7937d76ecfa4a029
214f4661b545be253141f9dc168dc2517c665f62
ab0e890cb87fff546c3f23da01412f546c870d2723b234405216b0d1ed9994aa

HTTP Headers

GET /upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 106143
last-modified: Thu, 09 May 2024 08:31:26 GMT
etag: "663c89de-19e9f"
expires: Sat, 08 Jun 2024 08:34:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg

89.105.207.51

200 OK

124 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size
124 kB (123836 bytes)
Hash
933bfd9ec84d8a9896bcb70cf2d88d9f
050f973c37bdbb9df2e193297b02aab1ce8bd0f5
e15155794301e4bfa652121560291bc37fe706d937700d1534539667295fa250

HTTP Headers

GET /upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 123836
last-modified: Thu, 09 May 2024 08:31:25 GMT
etag: "663c89dd-1e3bc"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg

89.105.207.51

200 OK

74 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Size
74 kB (74079 bytes)
Hash
af3b16b947681245e5489a8fbe20fd24
23d657711af6246040bbcc0abfe0f58000f56551
88bf3a923c266bf24e940fbe7757878ed3ef52c46f2b5c3f178aca1ffe546b36

HTTP Headers

GET /upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74079
last-modified: Fri, 10 May 2024 09:45:55 GMT
etag: "663decd3-1215f"
expires: Sun, 09 Jun 2024 09:57:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg

89.105.207.51

200 OK

95 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x680, components 3
Size
95 kB (94597 bytes)
Hash
26f680d0d08e1781d4872b9b76bf7c28
98fbef9e110fe07ffde46d804fd638f19a00f473
c288cf12e6dfdbd861934bfa0e9841d9e489a2f75b06b68b418465599a08973b

HTTP Headers

GET /upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 94597
last-modified: Fri, 10 May 2024 09:45:53 GMT
etag: "663decd1-17185"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg

89.105.207.51

200 OK

74 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Size
74 kB (73498 bytes)
Hash
9da05117711a9933841ec39654df0a11
02584984fc8fc85a9b9504fe34f17a05daa1f9b0
bb6a038f9c29fbe122c3bfb4576c8df7859ad9c1f07a048662d4e33fb84a9b1f

HTTP Headers

GET /upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 73498
last-modified: Fri, 10 May 2024 09:44:20 GMT
etag: "663dec74-11f1a"
expires: Sun, 09 Jun 2024 10:01:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg

89.105.207.51

200 OK

92 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1396x772, components 3
Size
92 kB (91682 bytes)
Hash
5c549e4bb2682b3d1c604dabb8f5fcbe
99f9a27e8fc4c69c4bdcc949c39f3394a2203cd5
5db67d7876211c2949e9a1bc6f073b63543f045180d495d5a88faceed5e409ff

HTTP Headers

GET /upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 91682
last-modified: Thu, 09 May 2024 08:31:59 GMT
etag: "663c89ff-16622"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg

89.105.207.51

200 OK

111 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1704x952, components 3
Size
111 kB (110745 bytes)
Hash
fe1d0c8adc72fac165aef27f1350bcf3
152dee7e3fc0dcbafafe78ceed80e252c1efd630
9ee5ecc5fa75373fd83543f3cab3d81262236b260719e00c2e6bcda925403bfe

HTTP Headers

GET /upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 110745
last-modified: Thu, 09 May 2024 08:31:46 GMT
etag: "663c89f2-1b099"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg

89.105.207.51

200 OK

125 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1240x832, components 3
Size
125 kB (124706 bytes)
Hash
4ba1770945283a0f31b7b56a254b2c34
e67bee871aa27207f0d251caa6c0ef0b400accb1
7d4a9426b7c44a4d127a20f44e63fef3aee4e3382494d0400456dc39bba37c51

HTTP Headers

GET /upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 124706
last-modified: Thu, 09 May 2024 08:31:45 GMT
etag: "663c89f1-1e722"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg

89.105.207.51

200 OK

107 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1436x672, components 3
Size
107 kB (107352 bytes)
Hash
1808ce7854ae83a2def757ad9077f06a
310d39861a535e1c67d4d6a6d31c1c795e9162b7
2f3216a2e50a0d6ea8a7bde68aa80402a3e264d097f83b99f98ef82723edcaad

HTTP Headers

GET /upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 107352
last-modified: Thu, 09 May 2024 08:31:44 GMT
etag: "663c89f0-1a358"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg

89.105.207.51

200 OK

68 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
68 kB (67511 bytes)
Hash
c1340da9373371e7d43ab7d0486049f5
0a52172f115b80458266d2e51ddae8236e87957f
48ddefc32466b809d2c3f5333b511c2a508edfe4afec8c5b75a5ec64ae542a8d

HTTP Headers

GET /upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 67511
last-modified: Sat, 04 May 2024 05:13:35 GMT
etag: "6635c3ff-107b7"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg

89.105.207.51

200 OK

74 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1000x780, components 3
Size
74 kB (74306 bytes)
Hash
35a87fed5f99a3caeddf22fe3b4df0a7
598b52980df784da9cd2f1e9750bf8e2cab909f8
a8ab13c4e66c0f96ace5a80b4898ba1723652a7a96ce42322f47468c057e1683

HTTP Headers

GET /upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74306
last-modified: Sat, 04 May 2024 05:13:19 GMT
etag: "6635c3ef-12242"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg

89.105.207.51

200 OK

67 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x481, components 3
Size
67 kB (66658 bytes)
Hash
fb969dec57c4992b28fe8ad21b2ecba0
a3d2ba81e77b6e25d426dba740f98e4464cccda9
4a6808bfd1c29bb11255c5d9d3af4adf999d6b35fc783c4b1e39ade5725a5a3a

HTTP Headers

GET /upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 66658
last-modified: Fri, 10 May 2024 09:45:48 GMT
etag: "663deccc-10462"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg

89.105.207.51

200 OK

98 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x481, components 3
Size
98 kB (97495 bytes)
Hash
850b10ec76a2c8f77d25d70ea0d0e9f1
4a6715788f4b4660e8421d665c1cf9f7065ff483
63fe1a1f50491942ee5bce32d0c0b1ebda084b97d65af376d689d2ecfbf9e98c

HTTP Headers

GET /upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 97495
last-modified: Fri, 10 May 2024 09:45:45 GMT
etag: "663decc9-17cd7"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg

89.105.207.51

200 OK

66 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 846x478, components 3
Size
66 kB (66254 bytes)
Hash
a938c93cbe50d3a6f3750c3a9d06a3e0
1ea9144ed35dfeb1aa2f54281063a94705e5be50
913958fdab07a02c90d0315a1610ceb9c4d1242ef4a9275c460b9edd2dfa9dc4

HTTP Headers

GET /upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 66254
last-modified: Fri, 10 May 2024 09:45:45 GMT
etag: "663decc9-102ce"
expires: Sun, 09 Jun 2024 10:04:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg

89.105.207.51

200 OK

91 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 853x480, components 3
Size
91 kB (91407 bytes)
Hash
7474491fd6ad3a6e44ebd4ee47df5c77
6504e513576d912b6832a65ecaef751c757d8255
08f9c8ee3d464b60e80baede4a1224d584e97d89b3e33d1e088a816d3b98fafb

HTTP Headers

GET /upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 91407
last-modified: Fri, 10 May 2024 09:45:44 GMT
etag: "663decc8-1650f"
expires: Sun, 09 Jun 2024 10:04:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg

89.105.207.51

200 OK

87 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x474, components 3
Size
87 kB (87140 bytes)
Hash
0ceaa0153801a07c44a06f1014aa53c2
1140765f3c6188588bad6a302b3b8e1fc84fe43b
800b57eb85220417f1454a886822cf7e985ce00eeef5882d92d1b66345b45bce

HTTP Headers

GET /upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 87140
last-modified: Fri, 10 May 2024 09:45:42 GMT
etag: "663decc6-15464"
expires: Sun, 09 Jun 2024 10:04:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg

89.105.207.51

200 OK

75 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x394, components 3
Size
75 kB (74857 bytes)
Hash
6471f076e3cda20d01d7d3ecfbaf277c
cb4c08e32cf7ffe7afcd9dbac8338e55fcc2f70b
20af3d3a0357fefd7a7eb6a906445658a4ec2fb9e0da2c29a798e0ac61f46e3d

HTTP Headers

GET /upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74857
last-modified: Fri, 10 May 2024 09:45:41 GMT
etag: "663decc5-12469"
expires: Sun, 09 Jun 2024 10:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg

89.105.207.51

200 OK

74 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 855x478, components 3
Size
74 kB (73870 bytes)
Hash
cf49fe733648c0d9e34b8586b2cbbade
ebd6938da6ada1f63f3bc9e96e5de3f9c54d3405
73bfccf9e3c52ca5dc5528f1ee621af680f7b0671f2ff119edcc2a5b1c7c1a25

HTTP Headers

GET /upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 73870
last-modified: Fri, 10 May 2024 09:45:29 GMT
etag: "663decb9-1208e"
expires: Sun, 09 Jun 2024 10:13:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg

89.105.207.51

200 OK

102 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
102 kB (101872 bytes)
Hash
ec20b4ac4ed3dce88377b2530e8c0ae1
a1e08998b2af404388d6101be1c2d7b8fca2b501
73fc46da27c7cd0e63043f956f86bcac019c8c439b7765f0bdbbfdc091db8b07

HTTP Headers

GET /upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 101872
last-modified: Fri, 10 May 2024 09:44:38 GMT
etag: "663dec86-18df0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg

89.105.207.51

200 OK

188 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size
188 kB (188543 bytes)
Hash
f03273ef401d835764097d67aaa2d09d
7f26dbf1b7002c59a4b87b7b5c1fe2f35e5578e3
56450ce35ca32cfad5228a2f0ba1c4539bd3de3ef299cf60c1d140fd5a31119d

HTTP Headers

GET /upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 188543
last-modified: Thu, 09 May 2024 08:32:34 GMT
etag: "663c8a22-2e07f"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg

89.105.207.51

200 OK

188 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size
188 kB (188543 bytes)
Hash
f03273ef401d835764097d67aaa2d09d
7f26dbf1b7002c59a4b87b7b5c1fe2f35e5578e3
56450ce35ca32cfad5228a2f0ba1c4539bd3de3ef299cf60c1d140fd5a31119d

HTTP Headers

GET /upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 188543
last-modified: Thu, 09 May 2024 08:32:33 GMT
etag: "663c8a21-2e07f"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg

89.105.207.51

200 OK

194 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 2534x1424, components 3
Size
194 kB (193571 bytes)
Hash
25784019593ed5698cd711cce9f89978
7320382fef848c58baf6441d7a11ec2f88767118
02b93d62f075756202ed64954a9ff8d07166d99cf65ac77eb40dd4efff5b2516

HTTP Headers

GET /upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 193571
last-modified: Thu, 09 May 2024 08:32:31 GMT
etag: "663c8a1f-2f423"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg

89.105.207.51

200 OK

239 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size
239 kB (239289 bytes)
Hash
2d0a68231999410d6e4d5369f27ca2b0
d56e6eec6d5cd56a754700a906ff89e7c6b2ae44
f41eab958771652b2406e2c96cc94483b6d4424c78f9da2d90e5e433fcdbc3a8

HTTP Headers

GET /upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 239289
last-modified: Thu, 09 May 2024 08:31:37 GMT
etag: "663c89e9-3a6b9"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

14.215.183.79

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 11 May 2024 01:08:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8022D416F5CFA7C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de

111.45.3.198

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de
IP
111.45.3.198:443
ASN
#56040 China Mobile communications corporation

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (615)
Size
11 kB (11253 bytes)
Hash
d49b640c6709314f4d4e66ca58962ea5
bfa123fd71a6a569bd2451d344ec51669047b301
b61507ba9a28e03ecbbc884bcae750e068d0ae70bdbee7458bbe56078930c9c2

HTTP Headers

GET /hm.js?79e9f7e1fcbaf25401c84e3d008280de HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 11 May 2024 01:08:14 GMT
Etag: 185e71fe9f86ab743287f169833f40d6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=214A316D6264BCC9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

img.hgimg01.com/upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg

89.105.207.51

200 OK

100 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
100 kB (100000 bytes)
Hash
260f1591e005dac35b5998b631073ee9
b7fa81cf951213d1b380462f4389423269190594
3cd1db0f2e7aeebf053a4b51feb486a69f1ba3f6a78121f2fe0fc9d29ce959fa

HTTP Headers

GET /upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 100000
last-modified: Fri, 10 May 2024 09:44:33 GMT
etag: "663dec81-186a0"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg

89.105.207.51

200 OK

151 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
151 kB (151072 bytes)
Hash
f15a64b5b4573ddc8d3f708e44112705
576ec502099ba847abb811f492871f72863d0ee6
58da7fc9d1b66762c01619f120e128f5dc9eb868cf6993b0ac330eb466e4c92e

HTTP Headers

GET /upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 151072
last-modified: Thu, 09 May 2024 08:31:35 GMT
etag: "663c89e7-24e20"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg

89.105.207.51

200 OK

135 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1892x1060, components 3
Size
135 kB (134821 bytes)
Hash
7d1ac409badc46e9ef3818b78a7422f9
9e97092929c8a24bcaee3b84bbaeba351ca26de4
10c95420fd89208bcfdc44a7af8da7e61d8b715259f7d436d3995369c71ca424

HTTP Headers

GET /upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 134821
last-modified: Fri, 10 May 2024 09:45:59 GMT
etag: "663decd7-20ea5"
expires: Sun, 09 Jun 2024 10:00:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg

89.105.207.51

200 OK

141 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1180x732, components 3
Size
141 kB (140580 bytes)
Hash
0d3c027b338167a066fcc3c24bd4a9d0
6775ea0cfbf925f43454e1408317048351363286
052608871a8bbbe56b931fccc55a5380e439c3f0acfd19c7d6f8c51de96ef67c

HTTP Headers

GET /upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 140580
last-modified: Fri, 10 May 2024 09:44:15 GMT
etag: "663dec6f-22524"
expires: Sun, 09 Jun 2024 10:00:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg

89.105.207.51

200 OK

141 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1180x732, components 3
Size
141 kB (140580 bytes)
Hash
0d3c027b338167a066fcc3c24bd4a9d0
6775ea0cfbf925f43454e1408317048351363286
052608871a8bbbe56b931fccc55a5380e439c3f0acfd19c7d6f8c51de96ef67c

HTTP Headers

GET /upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 140580
last-modified: Fri, 10 May 2024 09:44:14 GMT
etag: "663dec6e-22524"
expires: Sun, 09 Jun 2024 10:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg

89.105.207.51

200 OK

180 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 2534x1424, components 3
Size
180 kB (180257 bytes)
Hash
fab25901cbaf1b32ac519bf93fb8df0f
311486a50d010ba9ace4a5672ce7645fa085458a
9bcd427775f2ff4721e396d5aa9e226af4bd900596f96c846c88003d3548a34c

HTTP Headers

GET /upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 180257
last-modified: Fri, 03 May 2024 05:09:14 GMT
etag: "6634717a-2c021"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg

89.105.207.51

200 OK

174 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1011x567, components 3
Size
174 kB (174384 bytes)
Hash
940ef8efbad247df2dc131daa26fe15e
bc8e3c8caffd06bd968d5294f92d1dca4d6a561b
b1eff2c6fd2dc687aad2993b1565cb2689d02bda7ef265a6a73137b0c60c29a8

HTTP Headers

GET /upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 174384
last-modified: Fri, 10 May 2024 09:45:34 GMT
etag: "663decbe-2a930"
expires: Sun, 09 Jun 2024 10:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg

89.105.207.51

200 OK

148 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size
148 kB (147561 bytes)
Hash
826dada2a95c119438a15bed01f4c6f1
979883e7eaebe949723ebbd3b8cf04d0267463c2
7f9a7c84d50ad59a856ad5c7f18181bedd1652fb54ce911aafc28a3c9a26fecb

HTTP Headers

GET /upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 147561
last-modified: Fri, 10 May 2024 09:45:32 GMT
etag: "663decbc-24069"
expires: Sun, 09 Jun 2024 10:13:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg

89.105.207.51

200 OK

140 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
140 kB (139808 bytes)
Hash
ba7337e2e6ef054a7809875571b44fdd
6de5e1b483edba49ce55f297b03af9f0796e409f
172a9f8fad580c91be948209e9b2d30481a2a819cc021dc98ea7c35c18db0614

HTTP Headers

GET /upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 139808
last-modified: Fri, 10 May 2024 09:44:35 GMT
etag: "663dec83-22220"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg

89.105.207.51

200 OK

225 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2561x1440, components 3
Size
225 kB (224683 bytes)
Hash
1e9f985a802ff167a9ad3a78dcd4a753
d800416ecf7500d77f1b640f7fbf3beea0092375
59e18f8fea0d2fa27c1316872ae81f5efa6440e9dd72f3a83ad1122bbfa3aeb4

HTTP Headers

GET /upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 224683
last-modified: Fri, 10 May 2024 09:45:03 GMT
etag: "663dec9f-36dab"
expires: Sun, 09 Jun 2024 10:07:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg

89.105.207.51

200 OK

247 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
247 kB (246880 bytes)
Hash
c1eed2e96d81ec2ed36cf785e866d515
6a85849e2f3ee2b5bfe52387672373555f7b1fb7
ee6e13889ef431548e728e72d4dcb10b2711e086aa6ce1c570928730d20a12f3

HTTP Headers

GET /upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 246880
last-modified: Fri, 10 May 2024 09:44:34 GMT
etag: "663dec82-3c460"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg

89.105.207.51

200 OK

633 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2160, components 3
Size
633 kB (632751 bytes)
Hash
4a37bbfe8baba233b38a13bd1e510186
85a17e22829416b5fbe5ae00c137f1f4554db0af
27be32a2b24b409215e159f486bf05a1ab744cbe1bf195e3611d4e13a6ddd09c

HTTP Headers

GET /upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 632751
last-modified: Thu, 09 May 2024 08:31:24 GMT
etag: "663c89dc-9a7af"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86

14.215.183.79

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 11 May 2024 01:08:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=50C6555B138AB0A1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img.hgimg01.com/upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg

89.105.207.51

200 OK

293 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2872x1616, components 3
Size
293 kB (292765 bytes)
Hash
44ab780dbf545d3047abce520948f596
602df047d12889f07dfb68fd8ce58da6f00785f5
7cba1fa164beae35f0d4edcdff6b9f4c9f2dd044ef4616a8baadcc54b3a7a0f4

HTTP Headers

GET /upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 292765
last-modified: Fri, 10 May 2024 09:44:13 GMT
etag: "663dec6d-4779d"
expires: Sun, 09 Jun 2024 10:01:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg

89.105.207.51

200 OK

244 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 3424x1920, components 3
Size
244 kB (243933 bytes)
Hash
e1b56f2ef322dc919e9e513b5ffa3ee2
d2aef0312acf6c9a4f77864ed1ea927b1c3ea2dc
c8f99f83e31bc06726e240f72b6d9ce9228d52d3a5ecacf77da5849aa5825d82

HTTP Headers

GET /upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 243933
last-modified: Sat, 04 May 2024 05:13:22 GMT
etag: "6635c3f2-3b8dd"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg

89.105.207.51

200 OK

320 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2561x1440, components 3
Size
320 kB (319775 bytes)
Hash
ca2461c8cec78f48642cffa12692d567
00e1a32ae95c6cfa6a750aa47c7a0283bbd309db
51849bb6cf9a44450cf937c4cd189baae9cc94b98abfe03caf41d9b8d8108f0f

HTTP Headers

GET /upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 319775
last-modified: Fri, 10 May 2024 09:50:17 GMT
etag: "663dedd9-4e11f"
expires: Sun, 09 Jun 2024 09:56:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg

89.105.207.51

200 OK

94 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
94 kB (93888 bytes)
Hash
73408b8b9068678657671f29adcfc7c0
40ba5d28a92df08403d2bee2b93f2c592bed300a
07d38a28b4496c80136523eb700eb72d36a1e6841cc789510390add35c9ecf08

HTTP Headers

GET /upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 93888
last-modified: Fri, 10 May 2024 09:44:37 GMT
etag: "663dec85-16ec0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.hgimg01.com/upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg

89.105.207.51

200 OK

132 kB

URL GET HTTP/2
img.hgimg01.com/upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg
IP
89.105.207.51:443
ASN
#24875 NovoServe B.V.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
132 kB (132528 bytes)
Hash
4fd64adc6c4b996b489d0839ec01ecdb
50649ff6ddd7ef2f1712932716b898d3149028a3
2f5e852db31a31383414cddffce12960a42c7cc626cfc82be19f96d0ff640db2

HTTP Headers

GET /upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:15 GMT
content-type: image/jpeg
content-length: 132528
last-modified: Fri, 10 May 2024 09:44:36 GMT
etag: "663dec84-205b0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif

172.67.172.31

200 OK

59 kB

URL GET HTTP/2
www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif
IP
172.67.172.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.imageoss.com
Fingerprint22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
ValidityFri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT

File type
GIF image data, version 89a, 150 x 150
Size
59 kB (59002 bytes)
Hash
cb7ed2cddfd87e48f2ac30b32ab91049
fee39c6733e42d547294d01efe849389798ea744
68800044a7d96856376fa6f4557a86178b68f1454e66da29503edce2fe941594

HTTP Headers

GET /images/2024/05/07/150-17e009a74d7d764f2.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 59002
last-modified: Tue, 07 May 2024 06:16:15 GMT
etag: "6639c72f-e67a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 324118
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpoUtg2DzreLl5a4Uln1Q%2BNkUSVK%2BtGh%2F25XYwhPP5B7Jmy%2B6z4pQeFQHby1l1rP2jjhhCj%2BX6rO%2B1bVRaStBKs5lvbS02FmZgkWbhlX7ZIL6qIqalRWobngwmT1Ejk7bGRp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46e2ba7c0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r9n9ej2gmhde.sisiyy.com/2024/6117/960-120.webp

143.204.55.33

200 OK

311 kB

URL GET HTTP/2
r9n9ej2gmhde.sisiyy.com/2024/6117/960-120.webp
IP
143.204.55.33:443
ASN
#16509 AMAZON-02

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT

File type
RIFF (little-endian) data, Web/P image
Size
311 kB (311022 bytes)
Hash
7f7a16586f254cae9cacdb909f04a356
60a2fb5297cb85b5b33db030cbefe44e6cfc9bb5
d860295b4550a848afd917d6bfa658013094df9f49837673046045cd74a77bf1

HTTP Headers

GET /2024/6117/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 311022
server: openresty
date: Mon, 29 Apr 2024 09:15:57 GMT
accept-ranges: bytes
etag: "6613e62b-4beee"
last-modified: Mon, 08 Apr 2024 12:42:19 GMT
x-m-log: QNM:dal125;QNM3
x-m-reqid: 40kAAOQZxEt9tcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875215
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FXnLAtWPOnDn3vf_jDP4HhMfg5vGKjdIwjgBTyuaCYghmx9O9UdqhQ==
X-Firefox-Spdy: h2

taiwtp1.com/xin/96060.gif

220.128.218.220

200 OK

69 kB

URL GET HTTP/2
taiwtp1.com/xin/96060.gif
IP
220.128.218.220:443
ASN
#3462 Data Communication Business Group

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjecttaiwtp1.com
FingerprintB0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
ValidityFri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT

File type
GIF image data, version 89a, 960 x 60
Size
69 kB (68564 bytes)
Hash
1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2

HTTP Headers

GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 09 Apr 2011 06:25:49 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Mon, 09 May 2011 06:25:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

666bbb333www.com/eef93f954ba840d0994b763a1fc78c04.gif

45.58.182.122

200 OK

55 kB

URL GET HTTP/1.1
666bbb333www.com/eef93f954ba840d0994b763a1fc78c04.gif
IP
45.58.182.122:443
ASN
#46844 SHARKTECH

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subject333bbb666www.com
FingerprintC2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
ValidityThu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT

File type
GIF image data, version 89a, 300 x 200
Size
55 kB (54826 bytes)
Hash
6a74268586745b61539e595a16e9fdc2
aa50489929b670f3d27c0d6a145123daeb26c122
3ecfab23f2f85af5e9d301cbc3b132706b2af6e3fb13a9d3a60d1bcec64bb5af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /eef93f954ba840d0994b763a1fc78c04.gif HTTP/1.1
Host: 666bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 54826
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 07:57:14 GMT
ETag: "6633475a-d62a"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

r9n9ej2gmhde.sisiyy.com/2024/9666/960-120.webp

143.204.55.33

200 OK

251 kB

URL GET HTTP/2
r9n9ej2gmhde.sisiyy.com/2024/9666/960-120.webp
IP
143.204.55.33:443
ASN
#16509 AMAZON-02

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT

File type
RIFF (little-endian) data, Web/P image
Size
251 kB (251160 bytes)
Hash
03ddb2504bdbddd6bb6f1c86220ba393
d270d799d5a352fa1dbc28498cceacf98dbadc02
e0100aa0e1be2544d644e0f44198a680e9c0d1ef62af7cb5ac35cc2db9f73ddc

HTTP Headers

GET /2024/9666/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 251160
server: openresty
date: Mon, 29 Apr 2024 09:16:13 GMT
accept-ranges: bytes
etag: "661d3370-3d518"
last-modified: Mon, 15 Apr 2024 14:02:24 GMT
x-m-log: QNM:dal125;QNM3
x-m-reqid: 40kAAIM079GAtcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875200
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K1MUzmjHx9vaJDXpC_zPkHlVmSX_0964uzXGwkE1ZNHCAhOYPm4bnA==
X-Firefox-Spdy: h2

r9n9ej2gmhde.sisiyy.com/2024/8878/960-120.webp

143.204.55.33

200 OK

312 kB

URL GET HTTP/2
r9n9ej2gmhde.sisiyy.com/2024/8878/960-120.webp
IP
143.204.55.33:443
ASN
#16509 AMAZON-02

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT

File type
RIFF (little-endian) data, Web/P image
Size
312 kB (311578 bytes)
Hash
4e5927ed835b806fa5c31debb2cfdf34
2c862aa1eb52a11bd1445dedb2530a429ab94dbd
0187a8bbe5684d521a68ab0ecabd2c54b6ee7800e0f62da62287275ce8ca28b6

HTTP Headers

GET /2024/8878/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 311578
server: openresty
date: Mon, 29 Apr 2024 09:15:57 GMT
accept-ranges: bytes
etag: "6613e650-4c11a"
last-modified: Mon, 08 Apr 2024 12:42:56 GMT
x-m-log: QNM:dal129;QNM3
x-m-reqid: agwAACApSUt9tcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875209
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZZC-zg17u6Ltj6Ey7fUyAmQGHexXfjaUzZUjahaXflymssidPaojJg==
X-Firefox-Spdy: h2

777bbb333www.com/b81d01c2191d4544a7af79a021eb9839.gif

45.58.182.122

200 OK

276 kB

URL GET HTTP/1.1
777bbb333www.com/b81d01c2191d4544a7af79a021eb9839.gif
IP
45.58.182.122:443
ASN
#46844 SHARKTECH

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subject333bbb666www.com
FingerprintC2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
ValidityThu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT

File type
GIF image data, version 89a, 960 x 120
Size
276 kB (275557 bytes)
Hash
11860f404faba7f60bb234c85667399a
4fe02c13af45dd4cabbb1a382ad822b0552cbf02
da719a94a6242190011b6b84f65cb5ddd9a7c378a3769a0fa1579816f806656d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b81d01c2191d4544a7af79a021eb9839.gif HTTP/1.1
Host: 777bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 275557
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 08:46:09 GMT
ETag: "663352d1-43465"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

q6h-vza.com/sq960-120.gif

198.16.54.19

200 OK

233 kB

URL GET HTTP/2
q6h-vza.com/sq960-120.gif
IP
198.16.54.19:443
ASN
#40065 CNSERVERS

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subject2we-y3h.com
FingerprintDC:38:36:01:99:05:32:6D:C0:9E:06:87:8C:AC:4D:1B:88:D6:B4:26
ValidityWed, 24 Apr 2024 12:04:52 GMT - Tue, 23 Jul 2024 12:04:51 GMT

File type
GIF image data, version 89a, 960 x 120
Size
233 kB (232959 bytes)
Hash
326cce373c636a893a98174893a1d356
d9e61854af6bf6b2eb07db4cbade6d23c5518a77
251f437d5789b5d5647e5c8c59ff3abd2f6b2ebac80a30f02b3f8821e88a3a22

HTTP Headers

GET /sq960-120.gif HTTP/1.1
Host: q6h-vza.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 232959
last-modified: Wed, 24 Apr 2024 12:15:23 GMT
etag: "38dff-616d69ff96cc0"
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

files.catbox.moe/txctsq.gif

108.181.20.35

200 OK

466 kB

URL GET HTTP/2
files.catbox.moe/txctsq.gif
IP
108.181.20.35:443
ASN
#40676 AS40676

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectcatbox.moe
Fingerprint39:D9:8F:B6:28:27:0B:83:FF:34:5D:CD:EF:B7:DC:17:C4:51:98:5B
ValidityThu, 29 Feb 2024 08:26:47 GMT - Wed, 29 May 2024 08:26:46 GMT

File type
GIF image data, version 89a, 120 x 120
Size
466 kB (465779 bytes)
Hash
c5dff16d1a18c3fe89bd8a29c128bb3d
26fe4a2634295930c232b485ccccf4fee7e8a5ff
2c9db7af23cd0f1293de474531c89c44c2f0cc89ab5d0d0ac4060abed17bef2d

HTTP Headers

GET /txctsq.gif HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 465779
last-modified: Wed, 20 Dec 2023 08:48:48 GMT
etag: "6582aa70-71b73"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
X-Firefox-Spdy: h2

zhibo128x.xyz/18/180180.gif

192.74.228.210

200 OK

246 kB

URL GET HTTP/1.1
zhibo128x.xyz/18/180180.gif
IP
192.74.228.210:443
ASN
#54600 PEG-SV

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectzhibo128x.xyz
Fingerprint67:A6:C6:63:35:88:F1:1A:13:2E:04:66:4B:FD:55:0A:1E:E1:37:79
ValidityMon, 04 Mar 2024 15:14:07 GMT - Sun, 02 Jun 2024 15:14:06 GMT

File type
GIF image data, version 89a, 100 x 100
Size
246 kB (245681 bytes)
Hash
8410d45b2bc678e3d3f6bace277f0194
a34fdab4212014ce03f99c3e15a7a29575e17015
ade534d1d48ad181eb469060240e069ed836e853d47a9c7ff49fb7c32eaf315c

HTTP Headers

GET /18/180180.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 245681
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 18:14:43 GMT
ETag: "64a5b313-3bfb1"
Expires: Sat, 08 Jun 2024 08:08:41 GMT
Cache-Control: max-age=2592000
Via: mycdn
CDN-Cache: HIT
Accept-Ranges: bytes

api.pandeku.com/Public/uploads/650aeeb8ce29b.gif

103.194.186.59

403 Forbidden

420 B

URL GET HTTP/2
api.pandeku.com/Public/uploads/650aeeb8ce29b.gif
IP
103.194.186.59:443
ASN
#45753 Netsec Limited

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerLet's Encrypt
Subjectapi.pandeku.com
Fingerprint5F:56:F3:2A:68:D2:47:29:F6:94:D6:D4:21:6E:89:35:28:81:F3:CC
ValidityMon, 06 May 2024 15:57:25 GMT - Sun, 04 Aug 2024 15:57:24 GMT

File type
HTML document, ASCII text
Size
420 B (420 bytes)
Hash
3e14dea24b37bc6f23fcd11f590d5fa9
79c3dd74b184b6a85a0f23360a1c8820ea93c9d0
56b9a17f12a27c33950ebbf3a5d1aa5249173f57586da6bcc6faa7783447e431

HTTP Headers

GET /Public/uploads/650aeeb8ce29b.gif HTTP/1.1
Host: api.pandeku.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
content-length: 420
date: Sat, 11 May 2024 01:08:17 GMT
X-Firefox-Spdy: h2

imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg

104.193.88.109

200 OK

85 kB

URL GET HTTP/2
imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
IP
104.193.88.109:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 200 x 200
Size
85 kB (84776 bytes)
Hash
7c7282d06f4d8c18aa9c8d90edefcd29
eb230b66267afe4bf59d4eb27c6bbafa74f59be8
fc8f3ffb381649d5e1739f5246ecbf6608ae3ccd7629bb254a675619f87f6171

HTTP Headers

GET /forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 11 May 2024 01:08:17 GMT
content-type: image/gif
content-length: 84776
access-control-allow-origin: *
etag: 7c7282d06f4d8c18aa9c8d90edefcd29
expires: Mon, 10 Jun 2024 01:08:17 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2

imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg

104.193.88.109

200 OK

233 kB

URL GET HTTP/2
imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
IP
104.193.88.109:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://welcome.ask39dka-3j3kds.vip/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 960 x 120
Size
233 kB (232650 bytes)
Hash
4b27d41a2128600fde62fbb7f6d4f8ed
0612d8918617330bc746f5846dfaf04f81c8465a
39ccf13d8ffed481f1075b1a896c3750815f6a3bb8044ec876493659d91bd941

HTTP Headers

GET /forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 11 May 2024 01:08:17 GMT
content-type: image/gif
content-length: 232650
access-control-allow-origin: *
etag: 4b27d41a2128600fde62fbb7f6d4f8ed
expires: Mon, 10 Jun 2024 01:08:17 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash