www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
38.63.8.217200 OK 564 B URL User Request GET HTTP/1.1 www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
IP 38.63.8.217:80
File type HTML document, ISO-8859 text, with very long lines (742), with CRLF line terminators
Hash 4e192ea2dc16b3e4533c6b175100f34f
30f27bf166dc3ac2a19398ba3d64a6eeba107a10
ab43c626ae7fde79bd8eaf36a8b4db198d98ad7824ea99bb25cf559b61248ea0
GET /assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.juniorwatch.com/common.js
38.63.8.217200 OK 1.2 kB URL GET HTTP/1.1 www.juniorwatch.com/common.js
IP 38.63.8.217:80
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
File type JavaScript source, ASCII text, with very long lines (523), with CRLF line terminators
Hash 27ff88a27fec815e04d384f26a39d9d2
2a8d999548f6ef4ebf511203692b4ee6d4c3a991
e0cc2459b1fe250b311e4069d99ef59d8b32df3464da10e32066230e80a15426
GET /common.js HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.juniorwatch.com/tj.js
38.63.8.217200 OK 258 B URL GET HTTP/1.1 www.juniorwatch.com/tj.js
IP 38.63.8.217:80
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 563f08146eefbcdb91af610f03907882
e086c2d9935f945a909996020dd17b066cb44e4b
53a9d8b764e4e32a895986d0dc7ee85444bc67280ac1531cf3b128c572f2c7ce
GET /tj.js HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:10 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.juniorwatch.com/favicon.ico
38.63.8.217200 OK 1.2 kB URL GET HTTP/1.1 www.juniorwatch.com/favicon.ico
IP 38.63.8.217:80
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.juniorwatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 May 2024 01:08:11 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 16 May 2024 01:08:11 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 11 May 2024 01:08:13 GMT
Etag: "4078521116"
Expires: Sun, 11 May 2025 01:08:13 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AE629B9509792EB38BF9BA1703942BE0:FG=1; max-age=31536000; expires=Sun, 11-May-25 01:08:13 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
welcome.ask39dka-3j3kds.vip/
107.148.151.45200 OK 14 kB URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/
IP 107.148.151.45:443
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 480e826676a70d8560a645c4160c8309
476646fff6c0433097135f10a2104d899ea3727c
76f1c4257c29d3878f53e21ddf5656107fff6f63cda4fa92eb91a99f3f7b3fb9
GET / HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 14110
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 01:08:13 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95
14.215.183.79200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?569ca73acb40f859d8d11d8f2794cf95
IP 14.215.183.79:443
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash c8ae6f3e427ce6ddd6f5fc320eb33dc7
6f8cb3589babaab0a09b9b819142b96ef6ce6c35
0051f5948b37ea9665ec1072bb2482da83cf3c731113a313504bffd4ec996517
GET /hm.js?569ca73acb40f859d8d11d8f2794cf95 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 11 May 2024 01:08:13 GMT
Etag: f6876ce233e4369eca872e52138499f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DBEC2A40525997F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
172.67.197.136200 OK 141 kB URL GET HTTP/2 sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP 172.67.197.136:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGoogle Trust Services LLC
Subjectimgclh.com
Fingerprint5E:47:41:BD:54:79:7A:E5:8A:08:61:55:D2:A3:F0:19:89:8F:FC:D3
ValidityTue, 26 Mar 2024 05:00:44 GMT - Mon, 24 Jun 2024 05:00:43 GMT
File type GIF image data, version 89a, 960 x 100
Size 141 kB (140774 bytes)
Hash f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af
GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Thu, 30 May 2024 18:39:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 887302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBdmcHWB4MtdrIFR5xf4TBLxrA1zLNwBE1sEf%2ByWlVcYgJmFAYG0hJ2TB9KvRFannGWwcnH%2BdyydpWbs0kV2VSIqKcpkejIf1uHM2Q2HFH3CU4MiW6%2B0TZMk%2BPIerw1JpkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d40b7c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.ask39dka-3j3kds.vip/template/m1938pc/css/ate.css
107.148.151.45200 OK 4.5 kB URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/template/m1938pc/css/ate.css
IP 107.148.151.45:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type ASCII text, with CRLF line terminators
Hash 507a51f8b1d147fcf60eb2a898690259
e630900e6a1a0434719c5bdaf655362313e7e33c
9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:10 GMT
etag: "126e5-5e5ddfa188f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4527
content-type: text/css
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2
welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js
107.148.151.45200 OK 540 B URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/template/m1938pc/ads/tb.js
IP 107.148.151.45:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 61431b00daf22e53d6afa46306081186
709e9922fefc425f324c1c5677daece98123878a
d109ee25f25c587923f9122c5623930134e473dcd4c1a32d496c53b35b8198cd
GET /template/m1938pc/ads/tb.js HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 06:16:17 GMT
etag: "7bc-616d19bbb8e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 540
content-type: text/javascript
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2
shtv3.xyz/template/sihaitv/ads/hf8.gif
188.114.97.1200 OK 119 kB URL GET HTTP/2 shtv3.xyz/template/sihaitv/ads/hf8.gif
IP 188.114.97.1:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGoogle Trust Services LLC
Subjectshtv3.xyz
FingerprintC5:ED:CC:54:2B:B5:51:E3:26:58:A6:01:36:00:C4:FC:0C:91:80:76
ValidityFri, 19 Apr 2024 12:21:31 GMT - Thu, 18 Jul 2024 12:21:30 GMT
File type GIF image data, version 89a, 980 x 90
Size 119 kB (119225 bytes)
Hash d0416b3e83f544ca607f76d17cbcad9d
68efaf49a87bc1764c0bcd397297cf3351c0d96e
59c2dcb3a1607dcc0e106cfc52c644e335184eea53d513c17b9c89e897ab4b05
GET /template/sihaitv/ads/hf8.gif HTTP/1.1
Host: shtv3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 119225
last-modified: Thu, 07 Mar 2024 15:07:59 GMT
etag: "65e9d84f-1d1b9"
expires: Thu, 30 May 2024 20:23:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 881090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkGDjGbLEt5BcIt%2B9jJt0AlnteFwp9p3ACSUU%2FnvtYaBuIbV6h8G8k18rzp49hMexop1JO3f5mVuRdvh3gG7tgm4aBm1fiXfuFZUFwuuJz%2FsEOdjpHaclzPyT%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d46aecb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
14.215.182.161200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
IP 14.215.182.161:80
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 11 May 2024 01:08:14 GMT
welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css
107.148.151.45200 OK 25 kB URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css
IP 107.148.151.45:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 5660a22ccd545550e17c4ac22fe72135
a35b2c5e39c20cc8a1f6ded28a7adb521cc49a3f
aff7ebc6015eb363a857aeb10e4f104f2adf868573874d3db2fab2aa93e866c0
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 16 Sep 2023 13:41:04 GMT
etag: "1bf31-6057a0f78fc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 25171
content-type: text/css
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2
welcome.ask39dka-3j3kds.vip/template/m1938pc/images/1.gif
107.148.151.45200 OK 254 B URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/template/m1938pc/images/1.gif
IP 107.148.151.45:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type GIF image data, version 89a, 16 x 17
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Aug 2023 11:58:22 GMT
etag: "fe-60290500f7380"
accept-ranges: bytes
content-length: 254
content-type: image/gif
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2
xl.cdn-xxx.com/image/ZB-27.gif
104.27.194.88200 OK 129 kB URL GET HTTP/2 xl.cdn-xxx.com/image/ZB-27.gif
IP 104.27.194.88:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-xxx.com
Fingerprint3B:63:53:AC:40:B2:C4:4B:37:61:1E:F8:DE:1C:3A:95:C2:AB:8B:DD
ValidityTue, 19 Mar 2024 20:12:51 GMT - Mon, 17 Jun 2024 20:12:50 GMT
File type GIF image data, version 89a, 100 x 100
Size 129 kB (129448 bytes)
Hash 30f951936925b0f6d91a8f94201c6ada
02c3e8ac0b626534d0110f6b8122f2e9bce3f895
7b7c9fe6c6d0e22d8661be16420e4604daf94337b785213b9f2a67b7f3ce2b60
GET /image/ZB-27.gif HTTP/1.1
Host: xl.cdn-xxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 129448
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "6537d617-1f9a8"
expires: Fri, 17 May 2024 19:05:50 GMT
last-modified: Tue, 24 Oct 2023 14:35:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 887296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMzRsogD%2BWuR5S0yhHauPggLYX0ecwpLbirGJywdCHHUAQcLRDwGMbF%2Bpf2gJikdIJ%2FHTtMCFox2G%2Fg4P3yhVrrKtsIOshQCG3hu85vcU5jMsrXXPoG7EVtSyxEHroV9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d5bf45b529-OSL
X-Firefox-Spdy: h2
photos.ecxvl.com/hjll.gif
104.21.14.194200 OK 1.1 MB URL GET HTTP/2 photos.ecxvl.com/hjll.gif
IP 104.21.14.194:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectecxvl.com
FingerprintF6:A7:45:E7:10:2A:94:61:83:82:BB:91:F7:7E:5B:33:7F:C4:2C:A4
ValidityWed, 03 Apr 2024 00:03:55 GMT - Tue, 02 Jul 2024 00:03:54 GMT
File type GIF image data, version 89a, 150 x 150
Size 1.1 MB (1139163 bytes)
Hash ae1c8abc72c71312897caea272408ddc
3a4a8479f355c5aa713b41f3ea5ed541fb67cbd6
875bca6650e2e18e7d2871df2bfb0e067e8f0df59e69cd8a9028c93c2e8da82c
GET /hjll.gif HTTP/1.1
Host: photos.ecxvl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/gif
content-length: 1139163
last-modified: Mon, 29 Jan 2024 12:45:57 GMT
etag: "65b79e05-1161db"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtlzwctakQgC7GTJbX%2BEz1a9fB8vG21cJcuiszjBkYOCb66buVd8urinm1YRAQFWVJkiCGkUXq3Yyg5zINn5cjGgZ0U%2BUQP%2FSSQSyVhIe8vj75LTfzL8i%2F3u4xDWwWJWqSuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d699b956be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.ask39dka-3j3kds.vip/template/m1938pc/images/video-play.png
107.148.151.45200 OK 1.6 kB URL GET HTTP/2 welcome.ask39dka-3j3kds.vip/template/m1938pc/images/video-play.png
IP 107.148.151.45:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectwelcome.ask39dka-3j3kds.vip
Fingerprint73:66:FC:AB:75:10:94:25:33:2B:B8:66:07:56:45:BD:BF:5D:31:28
ValiditySun, 05 May 2024 07:52:42 GMT - Sat, 03 Aug 2024 07:52:41 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: welcome.ask39dka-3j3kds.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:16 GMT
etag: "61f-5e5ddfa741d00"
accept-ranges: bytes
content-length: 1567
content-type: image/png
date: Sat, 11 May 2024 01:08:14 GMT
server: Apache
X-Firefox-Spdy: h2
img.mresou.com/img/23062801.jpg
104.21.233.160200 OK 22 kB URL GET HTTP/2 img.mresou.com/img/23062801.jpg
IP 104.21.233.160:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGoogle Trust Services LLC
Subjectmresou.com
Fingerprint13:28:3B:89:15:85:FA:0C:8F:C8:8A:DD:C5:63:05:02:C3:CD:ED:12
ValidityMon, 29 Apr 2024 20:40:01 GMT - Sun, 28 Jul 2024 20:40:00 GMT
File type JPEG image data, baseline, precision 8, 150x150, components 3
Hash fc0bb56254e0b8f96d0f1d2d8dd201c1
5e8bd71f34e2b7e3118cbc3b59befb0199ae9652
b1fc501c0b4187b1ce60e643322dfd2cee729fe3fa24a55dadb7fb9c0d4645bf
GET /img/23062801.jpg HTTP/1.1
Host: img.mresou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 22364
last-modified: Wed, 28 Jun 2023 13:01:19 GMT
etag: "649c2f1f-575c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4247107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlHNgYtYmva%2B1dnqoAfo910nkKmeIo2TXm%2FF9ejAQk5BRncmqP7NDecp7ExsJwbHAs1rk4%2FWCWwKFwJJs46IPIStoWDTbJExltinJrxu04Fcm%2BgAl8QisjKBlbyQZUid0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46d77bbc71fe-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg
89.105.207.51200 OK 54 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash bef6e44b5aa2c7147ae2132342fddee8
db28a9bc8da0c727484c93c97542fac611fc9726
27536dfc824818ee81aef0165cbf635436689cd7cc627a3b1e8bcd7e14c24956
GET /upload/vod/20240510-1/d38326ac6f89352a1e944d37a21a5285.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 54030
last-modified: Fri, 10 May 2024 09:50:20 GMT
etag: "663deddc-d30e"
expires: Sun, 09 Jun 2024 09:55:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg
89.105.207.51200 OK 46 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 8cb52f3411140abb199c54a09a42fa06
f70bc5e182c592c5b1f17e473d2ba48beb15b0ca
fa928931eba4b82eda58084cd8a6c39e1712b04f23b604b5d4e3109050a9ceee
GET /upload/vod/20240510-1/e07da24094075d312ea8ba777212cb85.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 46213
last-modified: Fri, 10 May 2024 09:50:15 GMT
etag: "663dedd7-b485"
expires: Sun, 09 Jun 2024 09:56:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg
89.105.207.51200 OK 48 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 48a33847a2275ab7b2a8c0ba8bd77a51
003add4a34e6d8c3491cea96ea4c7dca9291d480
bfd44bbecf652bbf97ed95fb2f46bf2ecd7e0fab352b00abcfd903571b8b7116
GET /upload/vod/20240510-1/83b13362a93008789d26fb83be5801c5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 47751
last-modified: Fri, 10 May 2024 09:45:04 GMT
etag: "663deca0-ba87"
expires: Sun, 09 Jun 2024 10:07:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg
89.105.207.51200 OK 57 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 9e2fd0ee40c213a0b3e5e6893f3567db
9d7d25af535129b8d73e2fb90fb2c001812b7436
8ede1424bc02b9163d48154fcf342658a21ddc4fbf806308c42aa13b72698d89
GET /upload/vod/20240510-1/a30ebee212e76c422adaaebe1583712f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 56775
last-modified: Fri, 10 May 2024 09:45:02 GMT
etag: "663dec9e-ddc7"
expires: Sun, 09 Jun 2024 10:07:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg
89.105.207.51200 OK 50 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 958x539, components 3
Hash 1532ab0d122d8ef070cf2eee4c10ebd5
de2e485862abec52830343c50ab6a853fd211ad8
cc39a0090b6e9659517c1f24f6315c554e0db196c87c6da2a7f14cafe914c06e
GET /upload/vod/20240509-1/c9d9e7cc9082559e698dbc090bfa6903.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 50129
last-modified: Thu, 09 May 2024 08:31:23 GMT
etag: "663c89db-c3d1"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg
89.105.207.51200 OK 54 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Hash 907c2fa9420fb705ae665ca58359129d
e2a6362cff68680065ca9a36d130cc7af62249c8
109d72043a1840d8d090f6ccc75db00b678bb06412634d9478988a1f82c66b42
GET /upload/vod/20240510-1/42602ebfca3f5f430d45df7016eb1ccd.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 53650
last-modified: Fri, 10 May 2024 09:45:56 GMT
etag: "663decd4-d192"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg
89.105.207.51200 OK 52 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x480, components 3
Hash 3c4652b930117ecf7ac0b096506df24e
d2d632359462eda70b996dc8c1ce8d31d6f57109
6bf2acf961637349f6274fb3ccbd3a1c23f8609a3eb4d2e7c7022d77e9137137
GET /upload/vod/20240510-1/1fbe8edd27a736a60e28c4501f83fb45.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 52317
last-modified: Fri, 10 May 2024 09:45:55 GMT
etag: "663decd3-cc5d"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg
89.105.207.51200 OK 51 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 3691018a9d11c717cb5e29bc431f9a5a
4410c4bfdbac0b9d326312f6058df69137c023bf
664acd9212724192e227a9cba0e88bba0f0ac19ba9e74f916d56d8083540947c
GET /upload/vod/20240510-1/d4dbe9e6e5e778ae8b81028addca1757.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 50661
last-modified: Fri, 10 May 2024 09:45:54 GMT
etag: "663decd2-c5e5"
expires: Sun, 09 Jun 2024 10:00:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg
89.105.207.51200 OK 39 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 8abdf73f0a8c9b2c02a3f0425ee6b999
e0bacb274922bfadffd8532a48da7db588ba21af
3a48a4ade73a8a8e1e5078d7500200e3938b789d54d0ebd9df6b3971df43df43
GET /upload/vod/20240509-1/450b1fecb65235990f5e24d44c7385f7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38887
last-modified: Thu, 09 May 2024 08:31:56 GMT
etag: "663c89fc-97e7"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg
89.105.207.51200 OK 39 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
Hash 8abdf73f0a8c9b2c02a3f0425ee6b999
e0bacb274922bfadffd8532a48da7db588ba21af
3a48a4ade73a8a8e1e5078d7500200e3938b789d54d0ebd9df6b3971df43df43
GET /upload/vod/20240509-1/ddc42452ae1ff91e57b1ba0208f38b9c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38887
last-modified: Thu, 09 May 2024 08:31:48 GMT
etag: "663c89f4-97e7"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg
89.105.207.51200 OK 39 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash d0c5a21cee8706797fcb667fc163acee
169f50f750725aaa03c6b54d3be44454a62d9322
a710dbc363a607c7740a1849bb647967a9bef06272d5afbda29ce6f1f2544876
GET /upload/vod/20240504-1/c5e491a18f1907ce27e53bc09a286a63.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38956
last-modified: Sat, 04 May 2024 05:13:24 GMT
etag: "6635c3f4-982c"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg
89.105.207.51200 OK 38 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x476, components 3
Hash 9880fa754545e9853d7d835f3a5c2f26
b6c21234149615424e47838247f1f47bbfefc88a
ff0ea524ba28a1d967feccc807b343059efeac705f05a5ff312de0a7d1f64059
GET /upload/vod/20240504-1/1b6aed82815bd9b1dd646e8239e9c8ff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38385
last-modified: Sat, 04 May 2024 05:13:27 GMT
etag: "6635c3f7-95f1"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg
89.105.207.51200 OK 28 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 590x360, components 3
Hash 0070de996d6149b31ba49e63caa189bc
db4eccaf76653d97e364016356e24b64dda66916
846a8ecc2b8c5b76ad220e95b3fc10c7f453e442da0fdcdbc43923d13f1f6d1a
GET /upload/vod/20240504-1/76c6b741c5570d1003a686c5153c9a28.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 27777
last-modified: Sat, 04 May 2024 05:13:28 GMT
etag: "6635c3f8-6c81"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg
89.105.207.51200 OK 65 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1024x576, components 3
Hash 69e68eaca9dfa5ba762c7675e1012a5d
c78212287b262ea33d5c56353cd8be95da45c38b
c61f0180a4feb2bbdd4e5065a197baf67a385934958b724dd6650e572c1e6c6d
GET /upload/vod/20240504-1/aa15ab79121a85342bfcf436143515e0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 64552
last-modified: Sat, 04 May 2024 05:13:29 GMT
etag: "6635c3f9-fc28"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg
89.105.207.51200 OK 50 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 960x540, components 3
Hash 8c8fd3e4b4b3b30ac58fb065414493f9
ccc438abe0dff77f336d5b3056331b2fbb7eae77
1f4fd68a070c83c2f4f90f650c5f189e649d738492ca1f3124226aa5e0208564
GET /upload/vod/20240504-1/5911686402623e41e9cf0cdfbe5405ed.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 49732
last-modified: Sat, 04 May 2024 05:13:33 GMT
etag: "6635c3fd-c244"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg
89.105.207.51200 OK 33 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x360, components 3
Hash f3a68e228d24f04489e707e5a67f6714
98cd7d03d9d412a21a46bb95cc8bbe09f3a71291
482edf2ddaf407023c4e0edd84c7de2d8c7c1660eaedd207c2875cd3054b71ce
GET /upload/vod/20240504-1/96c5cc1789997dafa4ee13f268b6f9ff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 32614
last-modified: Sat, 04 May 2024 05:13:34 GMT
etag: "6635c3fe-7f66"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg
89.105.207.51200 OK 39 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash d0c5a21cee8706797fcb667fc163acee
169f50f750725aaa03c6b54d3be44454a62d9322
a710dbc363a607c7740a1849bb647967a9bef06272d5afbda29ce6f1f2544876
GET /upload/vod/20240504-1/f01c8e3538a6aba2c83b1fe00b68bb12.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 38956
last-modified: Sat, 04 May 2024 05:13:23 GMT
etag: "6635c3f3-982c"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg
89.105.207.51200 OK 32 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x358, components 3
Hash d7defdbeba552bea8c7398834ce13b43
23356015a08230b249377ace7430512082f103e9
da7c0f252194514dacde0c4f55afdff9f16a9d8618b79345b6734b67b5e0d22e
GET /upload/vod/20240503-1/51d06cb2eeb05ef983e46e19539ce319.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 31683
last-modified: Fri, 03 May 2024 05:09:08 GMT
etag: "66347174-7bc3"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg
89.105.207.51200 OK 32 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 640x358, components 3
Hash d7defdbeba552bea8c7398834ce13b43
23356015a08230b249377ace7430512082f103e9
da7c0f252194514dacde0c4f55afdff9f16a9d8618b79345b6734b67b5e0d22e
GET /upload/vod/20240503-1/a2d294a1f6fd6202cc718f65e7fb8aa7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 31683
last-modified: Fri, 03 May 2024 05:09:09 GMT
etag: "66347175-7bc3"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg
89.105.207.51200 OK 43 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash 9a666d73adadc2433424fda97b7fde0f
d30ed6687215a356ccf1978bc5048977e1956f07
dfa8f7624a9571d49a3476529bdb83196b9e4b041ce39897aa9093f5c57e8a08
GET /upload/vod/20240503-1/669cfe6e51a4b71ffcc4a7f9f9515ac5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 42583
last-modified: Fri, 03 May 2024 05:09:12 GMT
etag: "66347178-a657"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg
89.105.207.51200 OK 24 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 587x331, components 3
Hash 2ebb32178aa57d96052957bffceec50d
06749f59fa86ca3765980d9484a3cac76134cd15
49bd8ef095042239dfbdaa4e9ab6fd11012c47ca9b2e77bad63c3d66adc564ce
GET /upload/vod/20240503-1/f7c78107bdd03c24bb7c3152fd9ec895.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 23520
last-modified: Fri, 03 May 2024 05:09:13 GMT
etag: "66347179-5be0"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg
89.105.207.51200 OK 110 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 110 kB (109728 bytes)
Hash 2d25875f97bf794d60069d5c9ebdf9cd
78ae6023d7351b6134e88cc877cd4f5d22900672
d6b65e33245d47bc8cab9705d8f7bdda3ec2e971a17537c7c61ef962c281b73f
GET /upload/vod/20240510-1/aee333f6833c475b2ab6fa10e190ded6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 109728
last-modified: Fri, 10 May 2024 09:44:32 GMT
etag: "663dec80-1aca0"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg
89.105.207.51200 OK 55 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1004x565, components 3
Hash 33d1e02b591816b4894716dc67a84c8b
e910064abbd9acb9e51f805216091405f1b3d502
5f2aa67f028349801605685ed7f6a810b6e688e5a40517c3b89f36675a61040f
GET /upload/vod/20240503-1/f3563863f342536f970c4b35235f3477.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 55009
last-modified: Fri, 03 May 2024 05:09:15 GMT
etag: "6634717b-d6e1"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg
89.105.207.51200 OK 62 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x358, components 3
Hash 36ee970043013c2d4b0883085ee50a2c
5be0a41537de6213823fc354ab5b081cd3228171
7fa8ffd95ac56b11285c18f390cb308c7769be79777fc4a19ca1b6d6d64c6f90
GET /upload/vod/20240510-1/00d57589b78778afdfc4b6010825fc22.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 61792
last-modified: Fri, 10 May 2024 09:45:49 GMT
etag: "663deccd-f160"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg
89.105.207.51200 OK 63 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3
Hash 9de3a1ea9953f00db2c2f12075e644fb
a73cd166980204dfcd9c0d616901bfe96c8998af
6f41f08bffc1dacd1af24f71cdd0928a62a7cfe7516eb99fb23965cddda9883a
GET /upload/vod/20240510-1/4973c0844d7ddaa696832611b4e851a6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 62602
last-modified: Fri, 10 May 2024 09:45:47 GMT
etag: "663deccb-f48a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg
89.105.207.51200 OK 23 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x223, components 3
Hash 7010dfb49021534a1812d41ee1072342
384868063041db5d1ab2c0d7089cd942f4cbbf1e
af94b0cd57765d405beb3bbf36ef1be6aa72a4c0a8649df0f46466b3e7d09446
GET /upload/vod/20240510-1/61b4cc48fb9f6faa90b52c64378a4d6d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 22910
last-modified: Fri, 10 May 2024 09:45:46 GMT
etag: "663decca-597e"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg
89.105.207.51200 OK 111 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 111 kB (111312 bytes)
Hash 5d653c1f11b1fc917a5e5bc74b17f616
97c05f09862904015ae18f5fe02e9631004a0b9f
791e3ce6eee9916929d25baa9665b67bad6c45bdc1e854d530f87ab723bd6bac
GET /upload/vod/20240510-1/3753c2ca7c43f883ed645b4b8a8835df.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 111312
last-modified: Fri, 10 May 2024 09:44:32 GMT
etag: "663dec80-1b2d0"
expires: Sun, 09 Jun 2024 09:55:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg
89.105.207.51200 OK 102 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 102 kB (101936 bytes)
Hash 6d840f4b659dcbedd6f58f88142cf908
f6ea4163fdc047eca91407b5d0065fa893878cc0
7d636fc53258dbae192ced883916b04ca38c04c0390be3db8aeb5b521ca731fa
GET /upload/vod/20240510-1/7123503d330173447f236d2384654451.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 101936
last-modified: Fri, 10 May 2024 09:44:30 GMT
etag: "663dec7e-18e30"
expires: Sun, 09 Jun 2024 10:05:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg
89.105.207.51200 OK 18 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3
Hash c78906f4958f1bc4bf0a416c2a1fb556
bba6b403e0b273aa046c06f82d1fc0506ec81e72
eaf9dc62cc22fa61be9b532815a18f77305b1080e3ab610f1be049388321e497
GET /upload/vod/20240510-1/b6eed186cc258011f2554e3d8d58e3b6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 18026
last-modified: Fri, 10 May 2024 09:45:43 GMT
etag: "663decc7-466a"
expires: Sun, 09 Jun 2024 10:04:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg
89.105.207.51200 OK 61 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x359, components 3
Hash 5a7692df6c575fb773f1761c30639571
9e31a6b86d96f1f7ae1ab61bdbd57fcbc6d60f02
a24f01578f68aeb1cc341b270c20d91174c0f09709e0bc974da12391090d52fd
GET /upload/vod/20240510-1/8457ce42348468c0c94d552b92a7aedc.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 60799
last-modified: Fri, 10 May 2024 09:45:33 GMT
etag: "663decbd-ed7f"
expires: Sun, 09 Jun 2024 10:04:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg
89.105.207.51200 OK 15 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 299x168, components 3
Hash 7d12918621495e3715e7eea82927abd5
fb1678b34a3bdc8b6df6bf3cef9773dcff326a13
d3592b84fbbb6a3223724a1bdb361e096af34010975abfbfa874a8f37d8e9c30
GET /upload/vod/20240510-1/356d962da6ce09f3f4e42f96d49ad846.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 14672
last-modified: Fri, 10 May 2024 09:45:30 GMT
etag: "663decba-3950"
expires: Sun, 09 Jun 2024 10:13:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg
89.105.207.51200 OK 40 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 534x348, components 3
Hash 770409caf09aee1e6fa81201eb791fde
522b4b9bf64a165238bf7e2b545295731db65913
eaa747518f941bc4d5913e33806dee8010f2b7d72d60d97fee4d0e9819c53f2d
GET /upload/vod/20240510-1/9a7df84c4365ee621e4ea985e21b27ef.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 40418
last-modified: Fri, 10 May 2024 09:45:30 GMT
etag: "663decba-9de2"
expires: Sun, 09 Jun 2024 10:10:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg
89.105.207.51200 OK 95 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash ed3d2c12bad0b3d94b03100bccaba710
61b94221fe4ee9856a03bb4e447a0e5b53058897
3b4d8f91cbb0f46844632f72fc06b188e522b19a5877db455a1f8bfd8bbe243b
GET /upload/vod/20240510-1/cb82482706dd1f09d0e14ec105f249aa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 95152
last-modified: Fri, 10 May 2024 09:44:25 GMT
etag: "663dec79-173b0"
expires: Sun, 09 Jun 2024 10:05:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg
89.105.207.51200 OK 107 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 107 kB (107072 bytes)
Hash 387a7f64cd1d01d8b09f59c2afc5b8c2
e65d81f0f0e6c9412496f8dc065308befc2fcdf3
87571c5c45ba4c60f1f07f5542ca19045443b8cab07eee8f2ede58c9d095cdc7
GET /upload/vod/20240510-1/c4bee9ab0224817e603f0e48b067dace.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 107072
last-modified: Fri, 10 May 2024 09:44:24 GMT
etag: "663dec78-1a240"
expires: Sun, 09 Jun 2024 10:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg
89.105.207.51200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1365x768, components 3
Hash f9f4dc431c3942a3b2b9ef4da6c44cbe
ca179433aefb17d30f2cc2474fba708243f7dc54
bd0a3b6ef0c662d9fb86d719cdae755efb7e5bf45b72593078495574432fc4a5
GET /upload/vod/20240509-1/39061b04478615f1d2d34178051e0511.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74194
last-modified: Thu, 09 May 2024 08:32:32 GMT
etag: "663c8a20-121d2"
expires: Sat, 08 Jun 2024 08:58:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg
89.105.207.51200 OK 72 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Hash b064ec381e52ae8ca5848cbcb5b21444
4fde71dba9f8afd383a7c1c4bbf8c3da28cb182e
aac1c217132de7be18cfd1bd4bc5c8995c119285ec23b662af4686ea051b18d0
GET /upload/vod/20240510-1/27cda9d4e46f5904c5ac1f42ff953e35.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 71786
last-modified: Fri, 10 May 2024 09:45:08 GMT
etag: "663deca4-1186a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg
89.105.207.51200 OK 72 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Hash b064ec381e52ae8ca5848cbcb5b21444
4fde71dba9f8afd383a7c1c4bbf8c3da28cb182e
aac1c217132de7be18cfd1bd4bc5c8995c119285ec23b662af4686ea051b18d0
GET /upload/vod/20240510-1/e56f398dcd6dcb8369daee90ec1dbb90.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 71786
last-modified: Fri, 10 May 2024 09:45:06 GMT
etag: "663deca2-1186a"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg
89.105.207.51200 OK 110 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 110 kB (110336 bytes)
Hash 4d63a23f6e90c2feed24758b79b016f0
375ce7a8eca791d821ebb891b35e087f9e27cc5e
cd32c04b6d874320e8c8e5b5a6fffd736dc9db51d528fc01ccb2f440b88db559
GET /upload/vod/20240510-1/8c7645cc669d033a317442fe86a89ffc.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 110336
last-modified: Fri, 10 May 2024 09:45:06 GMT
etag: "663deca2-1af00"
expires: Sun, 09 Jun 2024 09:57:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg
89.105.207.51200 OK 104 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 104 kB (104496 bytes)
Hash 7d4bc6ec44c76bd08c1ed64382c0233a
58a9c86e264964c38c87af0d7215de263affd32c
bc1070e092e09f26a0df011629695fd23d49ad031ae16ae76f452c31466f0417
GET /upload/vod/20240510-1/df21256892245e19fd887f29b718ce86.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 104496
last-modified: Fri, 10 May 2024 09:45:05 GMT
etag: "663deca1-19830"
expires: Sun, 09 Jun 2024 10:07:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg
89.105.207.51200 OK 106 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size 106 kB (106143 bytes)
Hash 1bf97297683a326e7937d76ecfa4a029
214f4661b545be253141f9dc168dc2517c665f62
ab0e890cb87fff546c3f23da01412f546c870d2723b234405216b0d1ed9994aa
GET /upload/vod/20240509-1/a4a783a3ed1441efd88a5eed3017b735.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 106143
last-modified: Thu, 09 May 2024 08:31:26 GMT
etag: "663c89de-19e9f"
expires: Sat, 08 Jun 2024 08:34:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg
89.105.207.51200 OK 124 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size 124 kB (123836 bytes)
Hash 933bfd9ec84d8a9896bcb70cf2d88d9f
050f973c37bdbb9df2e193297b02aab1ce8bd0f5
e15155794301e4bfa652121560291bc37fe706d937700d1534539667295fa250
GET /upload/vod/20240509-1/38a8e4b22d2104b42270118c5fa98a30.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 123836
last-modified: Thu, 09 May 2024 08:31:25 GMT
etag: "663c89dd-1e3bc"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg
89.105.207.51200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Hash af3b16b947681245e5489a8fbe20fd24
23d657711af6246040bbcc0abfe0f58000f56551
88bf3a923c266bf24e940fbe7757878ed3ef52c46f2b5c3f178aca1ffe546b36
GET /upload/vod/20240510-1/5e5571402157ce74aba1f22713a7f9ce.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74079
last-modified: Fri, 10 May 2024 09:45:55 GMT
etag: "663decd3-1215f"
expires: Sun, 09 Jun 2024 09:57:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg
89.105.207.51200 OK 95 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x680, components 3
Hash 26f680d0d08e1781d4872b9b76bf7c28
98fbef9e110fe07ffde46d804fd638f19a00f473
c288cf12e6dfdbd861934bfa0e9841d9e489a2f75b06b68b418465599a08973b
GET /upload/vod/20240510-1/0dcf4ebc436129efd4db46205f7b46d9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 94597
last-modified: Fri, 10 May 2024 09:45:53 GMT
etag: "663decd1-17185"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg
89.105.207.51200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 852x476, components 3
Hash 9da05117711a9933841ec39654df0a11
02584984fc8fc85a9b9504fe34f17a05daa1f9b0
bb6a038f9c29fbe122c3bfb4576c8df7859ad9c1f07a048662d4e33fb84a9b1f
GET /upload/vod/20240510-1/e06bf6441b169d43dd64980ee281626b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 73498
last-modified: Fri, 10 May 2024 09:44:20 GMT
etag: "663dec74-11f1a"
expires: Sun, 09 Jun 2024 10:01:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg
89.105.207.51200 OK 92 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1396x772, components 3
Hash 5c549e4bb2682b3d1c604dabb8f5fcbe
99f9a27e8fc4c69c4bdcc949c39f3394a2203cd5
5db67d7876211c2949e9a1bc6f073b63543f045180d495d5a88faceed5e409ff
GET /upload/vod/20240509-1/9642f4d5a644aceb2541e00cee0f0ecf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 91682
last-modified: Thu, 09 May 2024 08:31:59 GMT
etag: "663c89ff-16622"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg
89.105.207.51200 OK 111 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1704x952, components 3
Size 111 kB (110745 bytes)
Hash fe1d0c8adc72fac165aef27f1350bcf3
152dee7e3fc0dcbafafe78ceed80e252c1efd630
9ee5ecc5fa75373fd83543f3cab3d81262236b260719e00c2e6bcda925403bfe
GET /upload/vod/20240509-1/54d0472bc9e21ee4b1752f6a5806427f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 110745
last-modified: Thu, 09 May 2024 08:31:46 GMT
etag: "663c89f2-1b099"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg
89.105.207.51200 OK 125 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1240x832, components 3
Size 125 kB (124706 bytes)
Hash 4ba1770945283a0f31b7b56a254b2c34
e67bee871aa27207f0d251caa6c0ef0b400accb1
7d4a9426b7c44a4d127a20f44e63fef3aee4e3382494d0400456dc39bba37c51
GET /upload/vod/20240509-1/9358072cdd0826fcfa9ff1c584903e5e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 124706
last-modified: Thu, 09 May 2024 08:31:45 GMT
etag: "663c89f1-1e722"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg
89.105.207.51200 OK 107 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1436x672, components 3
Size 107 kB (107352 bytes)
Hash 1808ce7854ae83a2def757ad9077f06a
310d39861a535e1c67d4d6a6d31c1c795e9162b7
2f3216a2e50a0d6ea8a7bde68aa80402a3e264d097f83b99f98ef82723edcaad
GET /upload/vod/20240509-1/7f8ef28d7a5775328d6b7decbccce14b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 107352
last-modified: Thu, 09 May 2024 08:31:44 GMT
etag: "663c89f0-1a358"
expires: Sat, 08 Jun 2024 08:34:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg
89.105.207.51200 OK 68 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash c1340da9373371e7d43ab7d0486049f5
0a52172f115b80458266d2e51ddae8236e87957f
48ddefc32466b809d2c3f5333b511c2a508edfe4afec8c5b75a5ec64ae542a8d
GET /upload/vod/20240504-1/09eb51f0b8869972a0f623b34050737c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 67511
last-modified: Sat, 04 May 2024 05:13:35 GMT
etag: "6635c3ff-107b7"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg
89.105.207.51200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1000x780, components 3
Hash 35a87fed5f99a3caeddf22fe3b4df0a7
598b52980df784da9cd2f1e9750bf8e2cab909f8
a8ab13c4e66c0f96ace5a80b4898ba1723652a7a96ce42322f47468c057e1683
GET /upload/vod/20240504-1/2ce0c97ee153a433a05a4421dd5d617f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74306
last-modified: Sat, 04 May 2024 05:13:19 GMT
etag: "6635c3ef-12242"
expires: Mon, 03 Jun 2024 05:30:13 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg
89.105.207.51200 OK 67 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x481, components 3
Hash fb969dec57c4992b28fe8ad21b2ecba0
a3d2ba81e77b6e25d426dba740f98e4464cccda9
4a6808bfd1c29bb11255c5d9d3af4adf999d6b35fc783c4b1e39ade5725a5a3a
GET /upload/vod/20240510-1/0d7206c47f47fd1999c8688572f597a8.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 66658
last-modified: Fri, 10 May 2024 09:45:48 GMT
etag: "663deccc-10462"
expires: Sun, 09 Jun 2024 10:01:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg
89.105.207.51200 OK 98 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x481, components 3
Hash 850b10ec76a2c8f77d25d70ea0d0e9f1
4a6715788f4b4660e8421d665c1cf9f7065ff483
63fe1a1f50491942ee5bce32d0c0b1ebda084b97d65af376d689d2ecfbf9e98c
GET /upload/vod/20240510-1/61a310f2e66d459654286826f6b6d04b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 97495
last-modified: Fri, 10 May 2024 09:45:45 GMT
etag: "663decc9-17cd7"
expires: Sun, 09 Jun 2024 10:01:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg
89.105.207.51200 OK 66 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 846x478, components 3
Hash a938c93cbe50d3a6f3750c3a9d06a3e0
1ea9144ed35dfeb1aa2f54281063a94705e5be50
913958fdab07a02c90d0315a1610ceb9c4d1242ef4a9275c460b9edd2dfa9dc4
GET /upload/vod/20240510-1/4bf5e6de6f8cad4802f8ff805ffe36c7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 66254
last-modified: Fri, 10 May 2024 09:45:45 GMT
etag: "663decc9-102ce"
expires: Sun, 09 Jun 2024 10:04:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg
89.105.207.51200 OK 91 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 853x480, components 3
Hash 7474491fd6ad3a6e44ebd4ee47df5c77
6504e513576d912b6832a65ecaef751c757d8255
08f9c8ee3d464b60e80baede4a1224d584e97d89b3e33d1e088a816d3b98fafb
GET /upload/vod/20240510-1/099f8c61c11e743fdf7b4b513b2e42a4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 91407
last-modified: Fri, 10 May 2024 09:45:44 GMT
etag: "663decc8-1650f"
expires: Sun, 09 Jun 2024 10:04:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg
89.105.207.51200 OK 87 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x474, components 3
Hash 0ceaa0153801a07c44a06f1014aa53c2
1140765f3c6188588bad6a302b3b8e1fc84fe43b
800b57eb85220417f1454a886822cf7e985ce00eeef5882d92d1b66345b45bce
GET /upload/vod/20240510-1/104791da59f56a8075f8bf79bdc1f22e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 87140
last-modified: Fri, 10 May 2024 09:45:42 GMT
etag: "663decc6-15464"
expires: Sun, 09 Jun 2024 10:04:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg
89.105.207.51200 OK 75 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x394, components 3
Hash 6471f076e3cda20d01d7d3ecfbaf277c
cb4c08e32cf7ffe7afcd9dbac8338e55fcc2f70b
20af3d3a0357fefd7a7eb6a906445658a4ec2fb9e0da2c29a798e0ac61f46e3d
GET /upload/vod/20240510-1/44a35d38860aceb11099c23c4d0657cf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 74857
last-modified: Fri, 10 May 2024 09:45:41 GMT
etag: "663decc5-12469"
expires: Sun, 09 Jun 2024 10:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg
89.105.207.51200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 855x478, components 3
Hash cf49fe733648c0d9e34b8586b2cbbade
ebd6938da6ada1f63f3bc9e96e5de3f9c54d3405
73bfccf9e3c52ca5dc5528f1ee621af680f7b0671f2ff119edcc2a5b1c7c1a25
GET /upload/vod/20240510-1/2e97a41de28572a4848410c3c45b46e6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 73870
last-modified: Fri, 10 May 2024 09:45:29 GMT
etag: "663decb9-1208e"
expires: Sun, 09 Jun 2024 10:13:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg
89.105.207.51200 OK 102 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 102 kB (101872 bytes)
Hash ec20b4ac4ed3dce88377b2530e8c0ae1
a1e08998b2af404388d6101be1c2d7b8fca2b501
73fc46da27c7cd0e63043f956f86bcac019c8c439b7765f0bdbbfdc091db8b07
GET /upload/vod/20240510-1/cdc2376b2a4fe2ad74e4d6c0acfc6291.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 101872
last-modified: Fri, 10 May 2024 09:44:38 GMT
etag: "663dec86-18df0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg
89.105.207.51200 OK 188 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size 188 kB (188543 bytes)
Hash f03273ef401d835764097d67aaa2d09d
7f26dbf1b7002c59a4b87b7b5c1fe2f35e5578e3
56450ce35ca32cfad5228a2f0ba1c4539bd3de3ef299cf60c1d140fd5a31119d
GET /upload/vod/20240509-1/714aa86e2076f868c137abdd08f2d75d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 188543
last-modified: Thu, 09 May 2024 08:32:34 GMT
etag: "663c8a22-2e07f"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg
89.105.207.51200 OK 188 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size 188 kB (188543 bytes)
Hash f03273ef401d835764097d67aaa2d09d
7f26dbf1b7002c59a4b87b7b5c1fe2f35e5578e3
56450ce35ca32cfad5228a2f0ba1c4539bd3de3ef299cf60c1d140fd5a31119d
GET /upload/vod/20240509-1/eaea012eb63c4fdd7192a118cbd63360.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 188543
last-modified: Thu, 09 May 2024 08:32:33 GMT
etag: "663c8a21-2e07f"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg
89.105.207.51200 OK 194 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2534x1424, components 3
Size 194 kB (193571 bytes)
Hash 25784019593ed5698cd711cce9f89978
7320382fef848c58baf6441d7a11ec2f88767118
02b93d62f075756202ed64954a9ff8d07166d99cf65ac77eb40dd4efff5b2516
GET /upload/vod/20240509-1/ea31bbd3aa58525529e7d546db45685e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 193571
last-modified: Thu, 09 May 2024 08:32:31 GMT
etag: "663c8a1f-2f423"
expires: Sat, 08 Jun 2024 09:29:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg
89.105.207.51200 OK 239 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3
Size 239 kB (239289 bytes)
Hash 2d0a68231999410d6e4d5369f27ca2b0
d56e6eec6d5cd56a754700a906ff89e7c6b2ae44
f41eab958771652b2406e2c96cc94483b6d4424c78f9da2d90e5e433fcdbc3a8
GET /upload/vod/20240509-1/71bd48ca518b23e02f44d336b7b0905e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 239289
last-modified: Thu, 09 May 2024 08:31:37 GMT
etag: "663c89e9-3a6b9"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
14.215.183.79200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 14.215.183.79:443
Requested by http://www.juniorwatch.com/assets/production/agents/Windows/3.5.1.4016/JuniorWatch_Windows_3.5.1.4016.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=620886861&si=569ca73acb40f859d8d11d8f2794cf95&v=1.3.0&lv=1&sn=11069&r=0&ww=1280&u=http%3A%2F%2Fwww.juniorwatch.com%2Fassets%2Fproduction%2Fagents%2FWindows%2F3.5.1.4016%2FJuniorWatch_Windows_3.5.1.4016.exe&tt=%E5%96%80%E4%BB%80%E7%96%A4%E9%92%A8%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.juniorwatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 11 May 2024 01:08:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8022D416F5CFA7C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de
111.45.3.198200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?79e9f7e1fcbaf25401c84e3d008280de
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash d49b640c6709314f4d4e66ca58962ea5
bfa123fd71a6a569bd2451d344ec51669047b301
b61507ba9a28e03ecbbc884bcae750e068d0ae70bdbee7458bbe56078930c9c2
GET /hm.js?79e9f7e1fcbaf25401c84e3d008280de HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 11 May 2024 01:08:14 GMT
Etag: 185e71fe9f86ab743287f169833f40d6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=214A316D6264BCC9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.hgimg01.com/upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg
89.105.207.51200 OK 100 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 100 kB (100000 bytes)
Hash 260f1591e005dac35b5998b631073ee9
b7fa81cf951213d1b380462f4389423269190594
3cd1db0f2e7aeebf053a4b51feb486a69f1ba3f6a78121f2fe0fc9d29ce959fa
GET /upload/vod/20240510-1/22400c1390cad8bf6d2fc80e9a7b6892.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 100000
last-modified: Fri, 10 May 2024 09:44:33 GMT
etag: "663dec81-186a0"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg
89.105.207.51200 OK 151 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 151 kB (151072 bytes)
Hash f15a64b5b4573ddc8d3f708e44112705
576ec502099ba847abb811f492871f72863d0ee6
58da7fc9d1b66762c01619f120e128f5dc9eb868cf6993b0ac330eb466e4c92e
GET /upload/vod/20240509-1/6719fada570b9054c2cca40df6298b22.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 151072
last-modified: Thu, 09 May 2024 08:31:35 GMT
etag: "663c89e7-24e20"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg
89.105.207.51200 OK 135 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1892x1060, components 3
Size 135 kB (134821 bytes)
Hash 7d1ac409badc46e9ef3818b78a7422f9
9e97092929c8a24bcaee3b84bbaeba351ca26de4
10c95420fd89208bcfdc44a7af8da7e61d8b715259f7d436d3995369c71ca424
GET /upload/vod/20240510-1/426e6ff91fdbe72d3c7a64c72d655ab0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 134821
last-modified: Fri, 10 May 2024 09:45:59 GMT
etag: "663decd7-20ea5"
expires: Sun, 09 Jun 2024 10:00:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg
89.105.207.51200 OK 141 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1180x732, components 3
Size 141 kB (140580 bytes)
Hash 0d3c027b338167a066fcc3c24bd4a9d0
6775ea0cfbf925f43454e1408317048351363286
052608871a8bbbe56b931fccc55a5380e439c3f0acfd19c7d6f8c51de96ef67c
GET /upload/vod/20240510-1/5ec7cc890b584a70532346d6c94169f0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 140580
last-modified: Fri, 10 May 2024 09:44:15 GMT
etag: "663dec6f-22524"
expires: Sun, 09 Jun 2024 10:00:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg
89.105.207.51200 OK 141 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1180x732, components 3
Size 141 kB (140580 bytes)
Hash 0d3c027b338167a066fcc3c24bd4a9d0
6775ea0cfbf925f43454e1408317048351363286
052608871a8bbbe56b931fccc55a5380e439c3f0acfd19c7d6f8c51de96ef67c
GET /upload/vod/20240510-1/0c0fb18dbe973b596e01f56099197bbf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 140580
last-modified: Fri, 10 May 2024 09:44:14 GMT
etag: "663dec6e-22524"
expires: Sun, 09 Jun 2024 10:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg
89.105.207.51200 OK 180 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2534x1424, components 3
Size 180 kB (180257 bytes)
Hash fab25901cbaf1b32ac519bf93fb8df0f
311486a50d010ba9ace4a5672ce7645fa085458a
9bcd427775f2ff4721e396d5aa9e226af4bd900596f96c846c88003d3548a34c
GET /upload/vod/20240503-1/6356ad085e1b6d36be389a88d98dc64d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 180257
last-modified: Fri, 03 May 2024 05:09:14 GMT
etag: "6634717a-2c021"
expires: Sun, 02 Jun 2024 05:23:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg
89.105.207.51200 OK 174 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1011x567, components 3
Size 174 kB (174384 bytes)
Hash 940ef8efbad247df2dc131daa26fe15e
bc8e3c8caffd06bd968d5294f92d1dca4d6a561b
b1eff2c6fd2dc687aad2993b1565cb2689d02bda7ef265a6a73137b0c60c29a8
GET /upload/vod/20240510-1/987eafa8930ac3a43756f632d8012625.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 174384
last-modified: Fri, 10 May 2024 09:45:34 GMT
etag: "663decbe-2a930"
expires: Sun, 09 Jun 2024 10:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg
89.105.207.51200 OK 148 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size 148 kB (147561 bytes)
Hash 826dada2a95c119438a15bed01f4c6f1
979883e7eaebe949723ebbd3b8cf04d0267463c2
7f9a7c84d50ad59a856ad5c7f18181bedd1652fb54ce911aafc28a3c9a26fecb
GET /upload/vod/20240510-1/24fca9c7cfcbbe3e2662dc1965c184a3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 147561
last-modified: Fri, 10 May 2024 09:45:32 GMT
etag: "663decbc-24069"
expires: Sun, 09 Jun 2024 10:13:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg
89.105.207.51200 OK 140 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 140 kB (139808 bytes)
Hash ba7337e2e6ef054a7809875571b44fdd
6de5e1b483edba49ce55f297b03af9f0796e409f
172a9f8fad580c91be948209e9b2d30481a2a819cc021dc98ea7c35c18db0614
GET /upload/vod/20240510-1/fdff6db8e66100d9ec4fea55bc10dbf7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 139808
last-modified: Fri, 10 May 2024 09:44:35 GMT
etag: "663dec83-22220"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg
89.105.207.51200 OK 225 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2561x1440, components 3
Size 225 kB (224683 bytes)
Hash 1e9f985a802ff167a9ad3a78dcd4a753
d800416ecf7500d77f1b640f7fbf3beea0092375
59e18f8fea0d2fa27c1316872ae81f5efa6440e9dd72f3a83ad1122bbfa3aeb4
GET /upload/vod/20240510-1/63845acbb61945c8436d784779728985.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 224683
last-modified: Fri, 10 May 2024 09:45:03 GMT
etag: "663dec9f-36dab"
expires: Sun, 09 Jun 2024 10:07:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg
89.105.207.51200 OK 247 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 247 kB (246880 bytes)
Hash c1eed2e96d81ec2ed36cf785e866d515
6a85849e2f3ee2b5bfe52387672373555f7b1fb7
ee6e13889ef431548e728e72d4dcb10b2711e086aa6ce1c570928730d20a12f3
GET /upload/vod/20240510-1/5fc3a324c05b39e1444f8aaee1a646f9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 246880
last-modified: Fri, 10 May 2024 09:44:34 GMT
etag: "663dec82-3c460"
expires: Sun, 09 Jun 2024 10:06:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg
89.105.207.51200 OK 633 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2160, components 3
Size 633 kB (632751 bytes)
Hash 4a37bbfe8baba233b38a13bd1e510186
85a17e22829416b5fbe5ae00c137f1f4554db0af
27be32a2b24b409215e159f486bf05a1ab744cbe1bf195e3611d4e13a6ddd09c
GET /upload/vod/20240509-1/cd779fc119a284b9468f6e2085a0d1cf.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 632751
last-modified: Thu, 09 May 2024 08:31:24 GMT
etag: "663c89dc-9a7af"
expires: Sat, 08 Jun 2024 08:34:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86
14.215.183.79200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86
IP 14.215.183.79:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1903307212&si=79e9f7e1fcbaf25401c84e3d008280de&su=http%3A%2F%2Fwww.juniorwatch.com%2F&v=1.3.0&lv=1&sn=11071&r=0&ww=1280&u=https%3A%2F%2Fwelcome.ask39dka-3j3kds.vip%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4-%E6%A8%B1%E8%8A%B1%E8%A7%86%E9%A2%91-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 11 May 2024 01:08:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=50C6555B138AB0A1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img.hgimg01.com/upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg
89.105.207.51200 OK 293 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2872x1616, components 3
Size 293 kB (292765 bytes)
Hash 44ab780dbf545d3047abce520948f596
602df047d12889f07dfb68fd8ce58da6f00785f5
7cba1fa164beae35f0d4edcdff6b9f4c9f2dd044ef4616a8baadcc54b3a7a0f4
GET /upload/vod/20240510-1/87533d4e8b9ec953298b5435121a0bd1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 292765
last-modified: Fri, 10 May 2024 09:44:13 GMT
etag: "663dec6d-4779d"
expires: Sun, 09 Jun 2024 10:01:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg
89.105.207.51200 OK 244 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 3424x1920, components 3
Size 244 kB (243933 bytes)
Hash e1b56f2ef322dc919e9e513b5ffa3ee2
d2aef0312acf6c9a4f77864ed1ea927b1c3ea2dc
c8f99f83e31bc06726e240f72b6d9ce9228d52d3a5ecacf77da5849aa5825d82
GET /upload/vod/20240504-1/d8374e8715fb7da04b9f12100ddd9c01.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 243933
last-modified: Sat, 04 May 2024 05:13:22 GMT
etag: "6635c3f2-3b8dd"
expires: Mon, 03 Jun 2024 05:30:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg
89.105.207.51200 OK 320 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2561x1440, components 3
Size 320 kB (319775 bytes)
Hash ca2461c8cec78f48642cffa12692d567
00e1a32ae95c6cfa6a750aa47c7a0283bbd309db
51849bb6cf9a44450cf937c4cd189baae9cc94b98abfe03caf41d9b8d8108f0f
GET /upload/vod/20240510-1/7981c191b83f29e63e62cfd3d8a8e7af.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 319775
last-modified: Fri, 10 May 2024 09:50:17 GMT
etag: "663dedd9-4e11f"
expires: Sun, 09 Jun 2024 09:56:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg
89.105.207.51200 OK 94 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash 73408b8b9068678657671f29adcfc7c0
40ba5d28a92df08403d2bee2b93f2c592bed300a
07d38a28b4496c80136523eb700eb72d36a1e6841cc789510390add35c9ecf08
GET /upload/vod/20240510-1/a03574ffa20c067a3c40c89e6af12837.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:14 GMT
content-type: image/jpeg
content-length: 93888
last-modified: Fri, 10 May 2024 09:44:37 GMT
etag: "663dec85-16ec0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg
89.105.207.51200 OK 132 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg
IP 89.105.207.51:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 132 kB (132528 bytes)
Hash 4fd64adc6c4b996b489d0839ec01ecdb
50649ff6ddd7ef2f1712932716b898d3149028a3
2f5e852db31a31383414cddffce12960a42c7cc626cfc82be19f96d0ff640db2
GET /upload/vod/20240510-1/508893282bfe933ccbbc3d494dc99bcd.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:15 GMT
content-type: image/jpeg
content-length: 132528
last-modified: Fri, 10 May 2024 09:44:36 GMT
etag: "663dec84-205b0"
expires: Sun, 09 Jun 2024 10:01:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif
172.67.172.31200 OK 59 kB URL GET HTTP/2 www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif
IP 172.67.172.31:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.imageoss.com
Fingerprint22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
ValidityFri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 150 x 150
Hash cb7ed2cddfd87e48f2ac30b32ab91049
fee39c6733e42d547294d01efe849389798ea744
68800044a7d96856376fa6f4557a86178b68f1454e66da29503edce2fe941594
GET /images/2024/05/07/150-17e009a74d7d764f2.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 59002
last-modified: Tue, 07 May 2024 06:16:15 GMT
etag: "6639c72f-e67a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 324118
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpoUtg2DzreLl5a4Uln1Q%2BNkUSVK%2BtGh%2F25XYwhPP5B7Jmy%2B6z4pQeFQHby1l1rP2jjhhCj%2BX6rO%2B1bVRaStBKs5lvbS02FmZgkWbhlX7ZIL6qIqalRWobngwmT1Ejk7bGRp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e46e2ba7c0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r9n9ej2gmhde.sisiyy.com/2024/6117/960-120.webp
143.204.55.33200 OK 311 kB URL GET HTTP/2 r9n9ej2gmhde.sisiyy.com/2024/6117/960-120.webp
IP 143.204.55.33:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT
File type RIFF (little-endian) data, Web/P image
Size 311 kB (311022 bytes)
Hash 7f7a16586f254cae9cacdb909f04a356
60a2fb5297cb85b5b33db030cbefe44e6cfc9bb5
d860295b4550a848afd917d6bfa658013094df9f49837673046045cd74a77bf1
GET /2024/6117/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 311022
server: openresty
date: Mon, 29 Apr 2024 09:15:57 GMT
accept-ranges: bytes
etag: "6613e62b-4beee"
last-modified: Mon, 08 Apr 2024 12:42:19 GMT
x-m-log: QNM:dal125;QNM3
x-m-reqid: 40kAAOQZxEt9tcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875215
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FXnLAtWPOnDn3vf_jDP4HhMfg5vGKjdIwjgBTyuaCYghmx9O9UdqhQ==
X-Firefox-Spdy: h2
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL GET HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:443
ASN #3462 Data Communication Business Group
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjecttaiwtp1.com
FingerprintB0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
ValidityFri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT
File type GIF image data, version 89a, 960 x 60
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Apr 2011 06:25:49 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Mon, 09 May 2011 06:25:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
666bbb333www.com/eef93f954ba840d0994b763a1fc78c04.gif
45.58.182.122200 OK 55 kB URL GET HTTP/1.1 666bbb333www.com/eef93f954ba840d0994b763a1fc78c04.gif
IP 45.58.182.122:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subject333bbb666www.com
FingerprintC2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
ValidityThu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 300 x 200
Hash 6a74268586745b61539e595a16e9fdc2
aa50489929b670f3d27c0d6a145123daeb26c122
3ecfab23f2f85af5e9d301cbc3b132706b2af6e3fb13a9d3a60d1bcec64bb5af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /eef93f954ba840d0994b763a1fc78c04.gif HTTP/1.1
Host: 666bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 54826
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 07:57:14 GMT
ETag: "6633475a-d62a"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
r9n9ej2gmhde.sisiyy.com/2024/9666/960-120.webp
143.204.55.33200 OK 251 kB URL GET HTTP/2 r9n9ej2gmhde.sisiyy.com/2024/9666/960-120.webp
IP 143.204.55.33:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT
File type RIFF (little-endian) data, Web/P image
Size 251 kB (251160 bytes)
Hash 03ddb2504bdbddd6bb6f1c86220ba393
d270d799d5a352fa1dbc28498cceacf98dbadc02
e0100aa0e1be2544d644e0f44198a680e9c0d1ef62af7cb5ac35cc2db9f73ddc
GET /2024/9666/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 251160
server: openresty
date: Mon, 29 Apr 2024 09:16:13 GMT
accept-ranges: bytes
etag: "661d3370-3d518"
last-modified: Mon, 15 Apr 2024 14:02:24 GMT
x-m-log: QNM:dal125;QNM3
x-m-reqid: 40kAAIM079GAtcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875200
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K1MUzmjHx9vaJDXpC_zPkHlVmSX_0964uzXGwkE1ZNHCAhOYPm4bnA==
X-Firefox-Spdy: h2
r9n9ej2gmhde.sisiyy.com/2024/8878/960-120.webp
143.204.55.33200 OK 312 kB URL GET HTTP/2 r9n9ej2gmhde.sisiyy.com/2024/8878/960-120.webp
IP 143.204.55.33:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerUnizeto Technologies S.A.
Subjectr9n9ej2gmhde.sisiyy.com
FingerprintA2:DD:60:24:90:77:5C:0D:20:0C:AE:36:DA:66:83:14:B9:7F:8C:61
ValidityTue, 19 Mar 2024 06:47:03 GMT - Fri, 18 Apr 2025 06:47:02 GMT
File type RIFF (little-endian) data, Web/P image
Size 312 kB (311578 bytes)
Hash 4e5927ed835b806fa5c31debb2cfdf34
2c862aa1eb52a11bd1445dedb2530a429ab94dbd
0187a8bbe5684d521a68ab0ecabd2c54b6ee7800e0f62da62287275ce8ca28b6
GET /2024/8878/960-120.webp HTTP/1.1
Host: r9n9ej2gmhde.sisiyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 311578
server: openresty
date: Mon, 29 Apr 2024 09:15:57 GMT
accept-ranges: bytes
etag: "6613e650-4c11a"
last-modified: Mon, 08 Apr 2024 12:42:56 GMT
x-m-log: QNM:dal129;QNM3
x-m-reqid: agwAACApSUt9tcoX
x-qnm-cache: Hit
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
age: 1875209
access-control-max-age: 129600
cache-control: Max-Age=129600
x-az-kvs-duration: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZZC-zg17u6Ltj6Ey7fUyAmQGHexXfjaUzZUjahaXflymssidPaojJg==
X-Firefox-Spdy: h2
777bbb333www.com/b81d01c2191d4544a7af79a021eb9839.gif
45.58.182.122200 OK 276 kB URL GET HTTP/1.1 777bbb333www.com/b81d01c2191d4544a7af79a021eb9839.gif
IP 45.58.182.122:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subject333bbb666www.com
FingerprintC2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
ValidityThu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 960 x 120
Size 276 kB (275557 bytes)
Hash 11860f404faba7f60bb234c85667399a
4fe02c13af45dd4cabbb1a382ad822b0552cbf02
da719a94a6242190011b6b84f65cb5ddd9a7c378a3769a0fa1579816f806656d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /b81d01c2191d4544a7af79a021eb9839.gif HTTP/1.1
Host: 777bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 275557
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 08:46:09 GMT
ETag: "663352d1-43465"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
q6h-vza.com/sq960-120.gif
198.16.54.19200 OK 233 kB URL GET HTTP/2 q6h-vza.com/sq960-120.gif
IP 198.16.54.19:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subject2we-y3h.com
FingerprintDC:38:36:01:99:05:32:6D:C0:9E:06:87:8C:AC:4D:1B:88:D6:B4:26
ValidityWed, 24 Apr 2024 12:04:52 GMT - Tue, 23 Jul 2024 12:04:51 GMT
File type GIF image data, version 89a, 960 x 120
Size 233 kB (232959 bytes)
Hash 326cce373c636a893a98174893a1d356
d9e61854af6bf6b2eb07db4cbade6d23c5518a77
251f437d5789b5d5647e5c8c59ff3abd2f6b2ebac80a30f02b3f8821e88a3a22
GET /sq960-120.gif HTTP/1.1
Host: q6h-vza.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 232959
last-modified: Wed, 24 Apr 2024 12:15:23 GMT
etag: "38dff-616d69ff96cc0"
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
files.catbox.moe/txctsq.gif
108.181.20.35200 OK 466 kB URL GET HTTP/2 files.catbox.moe/txctsq.gif
IP 108.181.20.35:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectcatbox.moe
Fingerprint39:D9:8F:B6:28:27:0B:83:FF:34:5D:CD:EF:B7:DC:17:C4:51:98:5B
ValidityThu, 29 Feb 2024 08:26:47 GMT - Wed, 29 May 2024 08:26:46 GMT
File type GIF image data, version 89a, 120 x 120
Size 466 kB (465779 bytes)
Hash c5dff16d1a18c3fe89bd8a29c128bb3d
26fe4a2634295930c232b485ccccf4fee7e8a5ff
2c9db7af23cd0f1293de474531c89c44c2f0cc89ab5d0d0ac4060abed17bef2d
GET /txctsq.gif HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:08:16 GMT
content-type: image/gif
content-length: 465779
last-modified: Wed, 20 Dec 2023 08:48:48 GMT
etag: "6582aa70-71b73"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
X-Firefox-Spdy: h2
zhibo128x.xyz/18/180180.gif
192.74.228.210200 OK 246 kB URL GET HTTP/1.1 zhibo128x.xyz/18/180180.gif
IP 192.74.228.210:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectzhibo128x.xyz
Fingerprint67:A6:C6:63:35:88:F1:1A:13:2E:04:66:4B:FD:55:0A:1E:E1:37:79
ValidityMon, 04 Mar 2024 15:14:07 GMT - Sun, 02 Jun 2024 15:14:06 GMT
File type GIF image data, version 89a, 100 x 100
Size 246 kB (245681 bytes)
Hash 8410d45b2bc678e3d3f6bace277f0194
a34fdab4212014ce03f99c3e15a7a29575e17015
ade534d1d48ad181eb469060240e069ed836e853d47a9c7ff49fb7c32eaf315c
GET /18/180180.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 11 May 2024 01:08:16 GMT
Content-Type: image/gif
Content-Length: 245681
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 18:14:43 GMT
ETag: "64a5b313-3bfb1"
Expires: Sat, 08 Jun 2024 08:08:41 GMT
Cache-Control: max-age=2592000
Via: mycdn
CDN-Cache: HIT
Accept-Ranges: bytes
api.pandeku.com/Public/uploads/650aeeb8ce29b.gif
103.194.186.59403 Forbidden 420 B URL GET HTTP/2 api.pandeku.com/Public/uploads/650aeeb8ce29b.gif
IP 103.194.186.59:443
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerLet's Encrypt
Subjectapi.pandeku.com
Fingerprint5F:56:F3:2A:68:D2:47:29:F6:94:D6:D4:21:6E:89:35:28:81:F3:CC
ValidityMon, 06 May 2024 15:57:25 GMT - Sun, 04 Aug 2024 15:57:24 GMT
File type HTML document, ASCII text
Hash 3e14dea24b37bc6f23fcd11f590d5fa9
79c3dd74b184b6a85a0f23360a1c8820ea93c9d0
56b9a17f12a27c33950ebbf3a5d1aa5249173f57586da6bcc6faa7783447e431
GET /Public/uploads/650aeeb8ce29b.gif HTTP/1.1
Host: api.pandeku.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
content-length: 420
date: Sat, 11 May 2024 01:08:17 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
104.193.88.109200 OK 85 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 200 x 200
Hash 7c7282d06f4d8c18aa9c8d90edefcd29
eb230b66267afe4bf59d4eb27c6bbafa74f59be8
fc8f3ffb381649d5e1739f5246ecbf6608ae3ccd7629bb254a675619f87f6171
GET /forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 11 May 2024 01:08:17 GMT
content-type: image/gif
content-length: 84776
access-control-allow-origin: *
etag: 7c7282d06f4d8c18aa9c8d90edefcd29
expires: Mon, 10 Jun 2024 01:08:17 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
104.193.88.109200 OK 233 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://welcome.ask39dka-3j3kds.vip/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 120
Size 233 kB (232650 bytes)
Hash 4b27d41a2128600fde62fbb7f6d4f8ed
0612d8918617330bc746f5846dfaf04f81c8465a
39ccf13d8ffed481f1075b1a896c3750815f6a3bb8044ec876493659d91bd941
GET /forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.ask39dka-3j3kds.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 11 May 2024 01:08:17 GMT
content-type: image/gif
content-length: 232650
access-control-allow-origin: *
etag: 4b27d41a2128600fde62fbb7f6d4f8ed
expires: Mon, 10 Jun 2024 01:08:17 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2