Report - www.5yyw.cn/config/203889906.exe

Report Overview

Visited public
2023-09-26 19:08:27
Tags
URL
www.5yyw.cn/config/203889906.exe
Finishing URL
www.5yyw.cn/config/203889906.exe
IP / ASN
154.86.208.2
#134548 DXTL Tseung Kwan O Service
Title
寿光鼐侣实业投资有限公司

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dvcasha2.ocsp-certum.com	71753	2013-12-19	2014-11-27 09:04:42	2023-09-25 23:22:29	3.7 kB	20 kB	95.101.10.107
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-25 22:39:12	1.7 kB	4.8 kB	104.18.15.101
kycnxwxaztbrax.huayingshangmeng.com	unknown	2020-06-24	2023-06-06 10:32:06	2023-09-24 18:55:41	1.8 kB	2.1 MB	101.28.250.219
www.linkpicture.com	86847	2018-06-25	2019-07-19 21:10:53	2023-09-25 20:07:35	432 B	99 kB	104.21.235.181
push.zhanzhang.baidu.com	57139	1999-10-11	2015-07-22 07:44:02	2023-09-25 22:46:40	322 B	750 B	182.61.201.94
img.1379a.xyz	unknown	2023-05-10	2023-06-25 03:18:18	2023-09-25 01:06:09	1.8 kB	812 B	3.36.126.81
files.230808.top	unknown	2023-08-08	2023-09-24 09:30:36	2023-09-24 09:30:36	1.7 kB	718 kB	172.67.27.250
hm.baidu.com	8254	1999-10-11	2012-05-26 10:38:45	2023-09-26 00:47:23	2.9 kB	43 kB	103.235.46.191
	unknown				3.3 kB	1.2 MB	85.208.116.132
587image.com:3188	unknown	unknown	No data	No data	422 B	54 kB	20.24.242.5
pic.xhumrknb.xyz	unknown	2023-07-25	2023-08-09 07:04:04	2023-09-26 11:03:13	433 B	516 kB	198.200.43.66
nxxzyimg.com	unknown	2023-03-04	2023-03-29 14:21:53	2023-09-20 01:07:23	10 kB	6.8 MB	166.0.195.111
www.5yyw.cn	unknown	2023-07-29	2019-01-23 17:28:07	2019-01-24 05:32:07	1.7 kB	4.6 kB	154.86.208.2
game168.top	unknown	2023-05-09	2020-06-29 02:26:50	2023-09-17 05:38:56	2.7 kB	254 kB	104.21.87.4
nxximg.com	unknown	2023-07-27	2023-08-04 17:47:05	2023-09-20 01:07:25	7.2 kB	784 kB	166.0.195.81
taiwtp1.com	unknown	2022-04-08	2022-04-08 09:06:08	2023-09-25 01:06:38	855 B	1.1 MB	220.128.218.220
imgsrc.baidu.com	78485	1999-10-11	2012-05-23 12:30:48	2023-09-25 13:20:49	469 B	51 kB	104.193.88.109
api.share.baidu.com	44629	1999-10-11	2013-04-25 16:45:11	2023-09-25 22:46:43	379 B	114 B	39.156.68.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-26 19:08:10	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-26	medium	xhumrknb.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	game168.top/	ScriptElement	1.7 kB	2023-09-26	2024-08-21
Pretty URL game168.top/ IP 104.21.87.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-26 20:09 Last Seen2024-08-21 05:42 Times Seen5 Hash 22ee26cae0fa2d54ab1f390858fae2d7 53ec745ede041fa79c8a430669a26106a7874069 78d646081a41ebee157f57bed7782da37a38cdc2ed33e24a7f15786b4f2656f9 Loading...

	hm.baidu.com/hm.js?f87907ecdd9f6db626a7e34aaba55e8d	ScriptElement	30 kB	2023-09-26	2023-09-26
Pretty URL hm.baidu.com/hm.js?f87907ecdd9f6db626a7e34aaba55e8d IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 21:08 Last Seen2023-09-26 21:08 Times Seen1 Hash 02bb17c3562c6a082921cd44d72fbcc7 75fc98fc3ef2d09cdfbbcc9509a4fd9200595ee3 aa280e0f03fa56e5195a2fd14ab54af364989412ecbd47f9272c40cc1d84f4f4 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-05-11 10:09 Times Seen34550 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	hm.baidu.com/hm.js?a913343dbdb5f7de1781112de321bef2	ScriptElement	30 kB	2023-09-26	2023-09-26
Pretty URL hm.baidu.com/hm.js?a913343dbdb5f7de1781112de321bef2 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 21:08 Last Seen2023-09-26 21:08 Times Seen1 Hash c76b5d7a1f2c5ef5f4eb5c1eeba98d83 a9bf8cad7c84af9a6efcef79d053d80cb7d59c58 fcfeed4f8adc511fae154dadcf4a975bed5e6146138ff6a3f19dc87a9dbaea3b Loading...

	unknown	Function	463 B	2024-08-21	2024-08-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash 203232b48fca6a53aa3e9d60942cb48e 16ac5f3fb19ed5804946f3ac7f059d2b860c1c41 93838557d980577a1fa844f2467a84734d41858a77708388e00bd100f4ece96d Loading...

	www.5yyw.cn/config/203889906.exe	ScriptElement	54 B	2024-08-21	2024-08-21
Pretty URL www.5yyw.cn/config/203889906.exe IP 154.86.208.2 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen4 Hash 5983aabd436017ffbfeff8d61e4ea71f c7c3d07f93c047318bec37fe599e805e49418908 7b2b3f767ca681a2f3c43be569c2fac0e9e0526d6802e0e10863ef417fc702b4 Loading...

	game168.top/	ScriptElement	254 B	2024-08-21	2024-08-21
Pretty URL game168.top/ IP 104.21.87.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen4 Hash 103e09c4f6439977ea2f8ef5fb9663de 911cb0f0330bf07db0fa65ae5f48164952ee521b 0d6962fd1e3586627b8b9d73afbe7c4202e6a41703038a983a6e645c2d0bdf35 Loading...

	unknown	Function	463 B	2024-08-21	2024-08-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash 9e92f00f1328fa1608469df21afaf75f a930ed79077a2387cdfd7db596f418d53f290590 e8174335b3bfa58d2702cc9465914942f6d3653ab55590a278836ec95a0f608d Loading...

	www.5yyw.cn/config/203889906.exe	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.5yyw.cn/config/203889906.exe IP 154.86.208.2 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:28 Times Seen4653318 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.5yyw.cn/common.js	ScriptElement	1.3 kB	2023-09-26	2023-09-26
Pretty URL www.5yyw.cn/common.js IP 154.86.208.2 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 20:09 Last Seen2023-09-26 21:08 Times Seen4 Hash 85b7e15823b19588254b1a9cf6b8ff99 cd9c3292e84676b437b1a065d1ab4c486e90669d 631f4f215946a15708248881aec11d0fb5e460fae1e9906d132d708f58e5bcc9 Loading...

	www.5yyw.cn/tj.js	ScriptElement	258 B	2023-09-26	2023-09-26
Pretty URL www.5yyw.cn/tj.js IP 154.86.208.2 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 20:09 Last Seen2023-09-26 21:08 Times Seen4 Hash b86c592d7ee4a99f7a23f73e010c85ec e0cdbd70a52ecdf0c0e72c244b6091a6e6abf7ec c716a50c21162f91e3fee03ab4ddc30631dbd4f7f314a8d2b0b8adede1c9117e Loading...

	push.zhanzhang.baidu.com/push.js	ScriptElement	281 B	2023-03-07	2025-05-11
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 10:01 Times Seen7763 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?da290f3d0640bfae8ea9a58402ee3ab3	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL hm.baidu.com/hm.js?da290f3d0640bfae8ea9a58402ee3ab3 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:28 Times Seen4653318 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	game168.top/	ScriptElement	254 B	2024-08-21	2024-08-21
Pretty URL game168.top/ IP 104.21.87.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen4 Hash b3d01e47e39d608363ad17cc381559b6 f2f5ed6e92a1720ef241c2f7977694b939b0d876 a9f1fd65e77d471d8eb057be98381fa61ca0fdd509f62a6d2dfa4fb8b8e513b3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 62e3e557a10b6db3633a5c7260e3eb3d	460 B	2024-08-21 05:42	2024-08-21 05:42
Pretty Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen4 Hash 62e3e557a10b6db3633a5c7260e3eb3d 330985f49005fe3d71ec945ff63ce638690feaa0 692c389814d31d78a0fb5e0186b5bba37b9dfa4c1f52033764eb5d58a49260f1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 734c68cb6e59e7e8676da0ccf1289291	441 B	2024-08-21 05:42	2024-08-21 05:42
Pretty Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen4 Hash 734c68cb6e59e7e8676da0ccf1289291 67d9930b6781cd4de122625b53be9cf0a2f84b48 98af0d76ef78d145a3f1af73a1d2aa81d45096853f5096cac966c490e9cf922b Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07 01:06	2025-05-02 06:41
Pretty Observations First Seen2023-03-07 01:06 Last Seen2025-05-02 06:41 Times Seen1605 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 78c3bc149c6a7c95cdcb56903aa26651	552 B	2023-09-26 20:09	2024-08-21 05:42
Pretty Observations First Seen2023-09-26 20:09 Last Seen2024-08-21 05:42 Times Seen5 Hash 78c3bc149c6a7c95cdcb56903aa26651 2400be1122fd882be7db7ab9f91552317fffecf0 08208f579a2207be1abd9fc62204aee842e852170e123ec315011ee65303573c Loading...

	#4 Write - 3c80fed105a6d1341beb68a40624a83c	542 B	2023-09-26 20:09	2024-08-21 05:42
Pretty Observations First Seen2023-09-26 20:09 Last Seen2024-08-21 05:42 Times Seen5 Hash 3c80fed105a6d1341beb68a40624a83c 234952bf6d4a9339d51dd6abe03522f55cc4ab7d f43efd4873690422a94ec0c6e27952bdaf8849351cb44c173ba376176c41e102 Loading...

HTTP Transactions (98)

URL IP Response Size

www.5yyw.cn/

154.86.208.2

807 B

URL
www.5yyw.cn/
IP
154.86.208.2:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
807 B (807 bytes)
Hash
d13bbb5cadb7e9bd1c600da01160997e
39d99309b7e64233f69443489c9de5db5b654911
55ced75a6f11d6a920ca9e2a717395c82c3457ea3c96b73a31973db215aec256

HTTP Headers

GET / HTTP/1.1
Host: www.5yyw.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:09 GMT
Content-Type: text/html
Content-Length: 807
Connection: keep-alive

www.5yyw.cn/config/203889906.exe

154.86.208.2

807 B

URL User Request GET
www.5yyw.cn/config/203889906.exe
IP
154.86.208.2:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
807 B (807 bytes)
Hash
d13bbb5cadb7e9bd1c600da01160997e
39d99309b7e64233f69443489c9de5db5b654911
55ced75a6f11d6a920ca9e2a717395c82c3457ea3c96b73a31973db215aec256

HTTP Headers

GET /config/203889906.exe HTTP/1.1
Host: www.5yyw.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:10 GMT
Content-Type: text/html
Content-Length: 807
Connection: keep-alive

www.5yyw.cn/common.js

154.86.208.2

200 OK

657 B

URL GET HTTP/1.1
www.5yyw.cn/common.js
IP
154.86.208.2:80
ASN
#134548 DXTL Tseung Kwan O Service

Requested by
http://www.5yyw.cn/config/203889906.exe

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
657 B (657 bytes)
Hash
85b7e15823b19588254b1a9cf6b8ff99
cd9c3292e84676b437b1a065d1ab4c486e90669d
631f4f215946a15708248881aec11d0fb5e460fae1e9906d132d708f58e5bcc9

HTTP Headers

GET /common.js HTTP/1.1
Host: www.5yyw.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/config/203889906.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:10 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.5yyw.cn/tj.js

154.86.208.2

200 OK

258 B

URL GET HTTP/1.1
www.5yyw.cn/tj.js
IP
154.86.208.2:80
ASN
#134548 DXTL Tseung Kwan O Service

Requested by
http://www.5yyw.cn/config/203889906.exe

File type
ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
b86c592d7ee4a99f7a23f73e010c85ec
e0cdbd70a52ecdf0c0e72c244b6091a6e6abf7ec
c716a50c21162f91e3fee03ab4ddc30631dbd4f7f314a8d2b0b8adede1c9117e

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.5yyw.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/config/203889906.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:10 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL GET HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.5yyw.cn/config/203889906.exe

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 26 Sep 2023 19:08:10 GMT
Etag: "4078521116"
Expires: Wed, 25 Sep 2024 19:08:10 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=2D0428624D927F1043496D4A8541DDC7:FG=1; max-age=31536000; expires=Wed, 25-Sep-24 19:08:10 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

www.5yyw.cn/favicon.ico

154.86.208.2

200 OK

1.2 kB

URL GET HTTP/1.1
www.5yyw.cn/favicon.ico
IP
154.86.208.2:80
ASN
#134548 DXTL Tseung Kwan O Service

Requested by
http://www.5yyw.cn/config/203889906.exe

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.5yyw.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/config/203889906.exe
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:11 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 01 Oct 2023 19:08:11 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

api.share.baidu.com/s.gif?l=http://www.5yyw.cn/config/203889906.exe

39.156.68.163

200 OK

0 B

URL GET HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.5yyw.cn/config/203889906.exe
IP
39.156.68.163:80
ASN
#9808 China Mobile Communications Group Co., Ltd.

Requested by
http://www.5yyw.cn/config/203889906.exe

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.5yyw.cn/config/203889906.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 26 Sep 2023 19:08:11 GMT

hm.baidu.com/hm.js?da290f3d0640bfae8ea9a58402ee3ab3

103.235.46.191

200 OK

0 B

URL GET HTTP/1.1
hm.baidu.com/hm.js?da290f3d0640bfae8ea9a58402ee3ab3
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.5yyw.cn/config/203889906.exe
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hm.js?da290f3d0640bfae8ea9a58402ee3ab3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Date: Tue, 26 Sep 2023 19:08:12 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8

game168.top/template/m1938/images/1.gif

104.21.87.4

200 OK

254 B

URL GET HTTP/3
game168.top/template/m1938/images/1.gif
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938/images/1.gif HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 03 May 2023 15:34:56 GMT
etag: "64527f20-fe"
expires: Tue, 24 Oct 2023 11:52:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 198933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOhc1nG0NewthI5P%2F7LCO2eSE89FfgpoRtdyt9Om9AFmrz8M1Yls%2FNLZsmZbP8G6wPJEifMIYn%2BfrvfFCO02vPGK8IMPcBuU7QPLfOFxAehJQ6yZkiKc1NkN8F%2B3Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80cdcb52d917b4f9-OSL
alt-svc: h3=":443"; ma=86400

game168.top/template/m1938/images/video-play.png

104.21.87.4

200 OK

1.6 kB

URL GET HTTP/3
game168.top/template/m1938/images/video-play.png
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/m1938/images/video-play.png HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/template/m1938/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: image/png
content-length: 1567
last-modified: Sat, 22 May 2021 20:07:20 GMT
etag: "60a96478-61f"
expires: Tue, 24 Oct 2023 11:52:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 198933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwhB%2B6PXnu8wxRlMnBck3gtw1eThpI1OWKsDvdunIEoXc5aIH0A%2F725LsWpD776PkyHu8rMGSj%2B8zGhDPRLYGKzZ038FDn7B7gv7Ej9Ga7ObgFRnRaXC%2FDsENqaTFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80cdcb545acbb4f9-OSL
alt-svc: h3=":443"; ma=86400

game168.top/template/m1938/css/ate.css

104.21.87.4

200 OK

103 kB

URL GET HTTP/3
game168.top/template/m1938/css/ate.css
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type
ASCII text, with CRLF line terminators
Size
103 kB (103380 bytes)
Hash
c9d234b728c135b5282623cb8636e752
bf70825f227351dfeb2b0d0603ed18a088f5ab1e
b2ac1d6b7c51bee39a09c9073a0758c72f2d28a2170443d9e7fcd075259f428f

HTTP Headers

GET /template/m1938/css/ate.css HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 22:54:24 GMT
vary: Accept-Encoding
etag: W/"632e3920-12c0f"
expires: Wed, 27 Sep 2023 06:08:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPREVOqO7TcSI91xNq%2F2jAy9QIqRFTSiXuZsxni%2FQU9PZXwaWNUBq1rszJSJZYz1lxrTVsBXhTbbnp28B7cbxKGGqs6PDhmnytSbfgtEbtsEOHRZF7hLiHK0uoQtkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80cdcb52a8e2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
569b0a8c993474ed48a5cedfd4529d59
3289df171df5ae83598ef98563002e516939c4d2
b2b4e37a3f1092c369427e4596f53ad46a6e25c539fb5a81ed35639a25922aa5

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive
X-N: S

tp.xinxiyidiantong.com:5868/uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif

85.208.116.132

200 OK

36 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1000x200, components 3\012- data
Size
36 kB (36274 bytes)
Hash
7e5d039a1efc18bb7bea97fd777c69af
68ef09f74077052dcb97d54c3223d60b3cc8b571
49f4dac0c9655023462733d66e03a78de44377c97c6e1c78347a571f93696ba5

HTTP Headers

GET /uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/gif
Content-Length: 36274
Last-Modified: Wed, 19 Feb 2020 07:01:50 GMT
Connection: keep-alive
ETag: "5e4cdd5e-8db2"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
98a36b27da9833d2eb844da7c8e52a08
ed4b1368dd8d15cdf23ee40a2d0ec7129d9f8f01
ad4222ec002427e606075378a85b35d206ac711c856e850ed44776a70e03ddc1

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
47d1d0d4a319b864b91651d32557bf9e
c80ddd9fba70b5e1198c036e5a601e7f14627619
fe37de441e95d15622eb99ca2b5219414d99f78ea9833445d99be13ab57a1fa4

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: UPDATING
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=871
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive

game168.top/template/m1938/css/zui.css

104.21.87.4

200 OK

34 kB

URL GET HTTP/3
game168.top/template/m1938/css/zui.css
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type
assembler source, Unicode text, UTF-8 text
Size
34 kB (34219 bytes)
Hash
7b5a0650e21acf014072bd80c336cf66
8d05d047b84c2db8357a81fc23916a70ab86ccbf
1304be5b762ce7b56a664cf6e785eab6e84a2ff8a2973f4e27def4adc77b2f3d

HTTP Headers

GET /template/m1938/css/zui.css HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 14:16:26 GMT
vary: Accept-Encoding
etag: W/"644bd53a-1b2c5"
expires: Wed, 27 Sep 2023 06:08:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyIvwOLheCPY%2BFax%2BIKtshG23aEXpi0T398NODqU9joWYpEADwrlmFOcpiWiPeDNJPr8RUkwSPXlV9GwciBOU6lun%2FwVZuLAUZn6BXDI%2FQL6vR4P8NgNYQ%2BtECEUCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80cdcb52a8e5b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hm.baidu.com/hm.js?a913343dbdb5f7de1781112de321bef2

103.235.46.191

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?a913343dbdb5f7de1781112de321bef2
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://game168.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
c76b5d7a1f2c5ef5f4eb5c1eeba98d83
a9bf8cad7c84af9a6efcef79d053d80cb7d59c58
fcfeed4f8adc511fae154dadcf4a975bed5e6146138ff6a3f19dc87a9dbaea3b

HTTP Headers

GET /hm.js?a913343dbdb5f7de1781112de321bef2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 26 Sep 2023 19:08:13 GMT
Etag: 277bd2a041efefbf4953b665fcbb33cb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F0487CDDADC877A7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
47d1d0d4a319b864b91651d32557bf9e
c80ddd9fba70b5e1198c036e5a601e7f14627619
fe37de441e95d15622eb99ca2b5219414d99f78ea9833445d99be13ab57a1fa4

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
47d1d0d4a319b864b91651d32557bf9e
c80ddd9fba70b5e1198c036e5a601e7f14627619
fe37de441e95d15622eb99ca2b5219414d99f78ea9833445d99be13ab57a1fa4

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: UPDATING
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
47d1d0d4a319b864b91651d32557bf9e
c80ddd9fba70b5e1198c036e5a601e7f14627619
fe37de441e95d15622eb99ca2b5219414d99f78ea9833445d99be13ab57a1fa4

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: UPDATING
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=883
Date: Tue, 26 Sep 2023 19:08:13 GMT
Connection: keep-alive

tp.xinxiyidiantong.com:5868/uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg

85.208.116.132

200 OK

130 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x200, components 3\012- data
Size
130 kB (130166 bytes)
Hash
eafed17c1fe2700860721ae8140eb2cb
0413f0641c22711164c2afe9371879939b8b0b75
cb9a226036421e9cf000f581d39f588909d796c0c1e6ad72a9d20fe0ca0ade96

HTTP Headers

GET /uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/jpeg
Content-Length: 130166
Last-Modified: Thu, 06 Oct 2022 15:53:07 GMT
Connection: keep-alive
ETag: "633ef9e3-1fc76"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif

85.208.116.132

200 OK

147 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
147 kB (147300 bytes)
Hash
fe2630f436d6054d633eed77c690cb04
3973acea65be0ccc75b8e1f35025599a2d3a05f8
914a9a3504f52008e94907997960f451a6ed001f8aaa95b444725f2a6200850b

HTTP Headers

GET /uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/gif
Content-Length: 147300
Last-Modified: Thu, 06 Oct 2022 15:34:13 GMT
Connection: keep-alive
ETag: "633ef575-23f64"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png

85.208.116.132

200 OK

190 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
190 kB (189479 bytes)
Hash
b7d3386d8dec73589a373636029dc398
0c82d7bc365bd993fedb87ca7562be28ba29acdf
35f1c96a80e4059cda3efa1f9c4fcfe40e027e423dbfc8472a1b50d68fcd880b

HTTP Headers

GET /uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/png
Content-Length: 189479
Last-Modified: Thu, 06 Oct 2022 15:54:18 GMT
Connection: keep-alive
ETag: "633efa2a-2e427"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/tbd0y96vk5p68j99j7iib7205167td.jpg

85.208.116.132

200 OK

257 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/tbd0y96vk5p68j99j7iib7205167td.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
257 kB (257302 bytes)
Hash
da9e8671b27b7b4b1fdc87eeb75ee575
ca48bf5a63168889f502233c329f347b6268cb8c
2a00d43c8819ea8e3a1c59005794c338e5b9ef0a9971d7305d388613954b2dec

HTTP Headers

GET /uploads/tbd0y96vk5p68j99j7iib7205167td.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/jpeg
Content-Length: 257302
Last-Modified: Mon, 24 Apr 2023 11:53:50 GMT
Connection: keep-alive
ETag: "64466dce-3ed16"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif

85.208.116.132

200 OK

165 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
165 kB (164960 bytes)
Hash
9a8db4f5a23dde801a1f3bea4acc808e
cdcd782ee69d928d044bff94453657ac110ca2f6
0439e07b407e0264a9ba9f7bf910397f10c6670937e74e2d4edbc196fa8b4795

HTTP Headers

GET /uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/gif
Content-Length: 164960
Last-Modified: Thu, 06 Oct 2022 15:36:10 GMT
Connection: keep-alive
ETag: "633ef5ea-28460"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/loxhr6c3lkeebci08n65eocg1mgr4k.jpg

85.208.116.132

200 OK

235 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/loxhr6c3lkeebci08n65eocg1mgr4k.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
235 kB (235408 bytes)
Hash
db84f28dc85a2ebec9f3c92cd498fea0
4e8bd98d9b985548cb028193da5739e5af5044b5
9a23697eb71d44e730699d65f0a048682574cb08ce18115ff91c32c0c5a3505d

HTTP Headers

GET /uploads/loxhr6c3lkeebci08n65eocg1mgr4k.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/jpeg
Content-Length: 235408
Last-Modified: Mon, 10 Apr 2023 02:50:07 GMT
Connection: keep-alive
ETag: "6433795f-39790"
Expires: Thu, 26 Oct 2023 19:08:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
ed48971feefd7030e6a5e3c83d3817b4
cbf10543d1793b9d9e4a2d94a776ddb3e032b325
85f90ce7acc58fa5c8ab01c06c4ecab627066cafafa85d9dd590a40fd81a16db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Tue, 26 Sep 2023 19:08:14 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
ed48971feefd7030e6a5e3c83d3817b4
cbf10543d1793b9d9e4a2d94a776ddb3e032b325
85f90ce7acc58fa5c8ab01c06c4ecab627066cafafa85d9dd590a40fd81a16db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Tue, 26 Sep 2023 19:08:14 GMT
Connection: keep-alive
X-N: S

587image.com:3188/960x120.gif

20.24.242.5

200 OK

54 kB

URL GET HTTP/1.1
587image.com:3188/960x120.gif
IP
20.24.242.5:3188
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subject225image.com
Fingerprint37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
ValidityWed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
54 kB (53701 bytes)
Hash
1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f

HTTP Headers

GET /960x120.gif HTTP/1.1
Host: 587image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: image/gif
Content-Length: 53701
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 13:32:00 GMT
ETag: "639b21d0-d1c5"
Expires: Sat, 14 Oct 2023 14:23:19 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=495217024&si=f87907ecdd9f6db626a7e34aaba55e8d&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=495217024&si=f87907ecdd9f6db626a7e34aaba55e8d&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://game168.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=495217024&si=f87907ecdd9f6db626a7e34aaba55e8d&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 26 Sep 2023 19:08:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FE1BCEDBB92DD732; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
ed48971feefd7030e6a5e3c83d3817b4
cbf10543d1793b9d9e4a2d94a776ddb3e032b325
85f90ce7acc58fa5c8ab01c06c4ecab627066cafafa85d9dd590a40fd81a16db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Tue, 26 Sep 2023 19:08:14 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
ed48971feefd7030e6a5e3c83d3817b4
cbf10543d1793b9d9e4a2d94a776ddb3e032b325
85f90ce7acc58fa5c8ab01c06c4ecab627066cafafa85d9dd590a40fd81a16db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Tue, 26 Sep 2023 19:08:14 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.107

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
ed48971feefd7030e6a5e3c83d3817b4
cbf10543d1793b9d9e4a2d94a776ddb3e032b325
85f90ce7acc58fa5c8ab01c06c4ecab627066cafafa85d9dd590a40fd81a16db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Tue, 26 Sep 2023 19:08:14 GMT
Connection: keep-alive
X-N: S

pic.xhumrknb.xyz/byys/kaiyuan960-120.gif

198.200.43.66

200 OK

516 kB

URL GET HTTP/2
pic.xhumrknb.xyz/byys/kaiyuan960-120.gif
IP
198.200.43.66:443
ASN
#54600 PEGTECHINC

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjectpic.xhumrknb.xyz
Fingerprint51:9D:57:67:AC:5A:EA:E1:13:05:FA:9E:0B:EA:8B:AB:B2:EC:D1:77
ValidityTue, 26 Sep 2023 08:02:20 GMT - Mon, 25 Dec 2023 08:02:19 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
516 kB (516018 bytes)
Hash
b0509a412080c37ae8063d2d84b154c4
6144e0aa1d298e01e256ccf458097235b1db29b6
af89d7058b076dbc734098311c2809de3be061e9194b79fbafc9c51b7b0c3f30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /byys/kaiyuan960-120.gif HTTP/1.1
Host: pic.xhumrknb.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Tue, 26 Sep 2023 18:08:38 GMT
etag: "1695753155"
expires: Thu, 26 Oct 2023 18:08:38 GMT
last-modified: Tue, 26 Sep 2023 18:32:35 GMT
server: nginx
x-cache: HIT, server, memory
content-length: 516018
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=358988039&si=a913343dbdb5f7de1781112de321bef2&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=358988039&si=a913343dbdb5f7de1781112de321bef2&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://game168.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=358988039&si=a913343dbdb5f7de1781112de321bef2&su=http%3A%2F%2Fwww.5yyw.cn%2F&v=1.3.0&lv=1&sn=37169&r=0&ww=1280&u=https%3A%2F%2Fgame168.top%2F&tt=%E9%B2%8D%E9%B1%BC%E8%A7%86%E9%A2%91%2C%E9%B2%8D%E9%B1%BCTV%2C%E9%B2%8D%E9%B1%BCAV%2C%E9%B2%8D%E9%B1%BC%E5%BD%B1%E9%99%A2%2C%E9%B2%8D%E9%B1%BC%E7%9C%8B%E7%89%87%E7%BD%91%2C%E9%A6%96%E9%A1%B5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 26 Sep 2023 19:08:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C1BDE5F8C57D5790; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

nxxzyimg.com/20230312/4qgTBuLi/1.jpg?t=1679994196

166.0.195.111

200 OK

44 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/4qgTBuLi/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
44 kB (44084 bytes)
Hash
3aa2e05d0605a63c2e9e098dac84f0bf
b423ce5a9544047fc48350996608cf22ec84a892
2a832809743214e52addb43c285aa321392e84311328b7bf6cae1367463cfd32

HTTP Headers

GET /20230312/4qgTBuLi/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 44084
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:27 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192aeb-ac34"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxximg.com/20230925/RJt7oW9C/1.jpg?t=1695626108

166.0.195.81

200 OK

13 kB

URL GET HTTP/2
nxximg.com/20230925/RJt7oW9C/1.jpg?t=1695626108
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x225, components 3\012- data
Size
13 kB (13208 bytes)
Hash
3815c16903cb9959289157c216b87dc4
7e2729c2ca5eac26640c9fbc183b15b4bfacc99b
6a69ec78ddb9addff8103fe66531f02e6439fbfe0381cdcee88d5faccf42e226

HTTP Headers

GET /20230925/RJt7oW9C/1.jpg?t=1695626108 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 13208
last-modified: Tue, 26 Sep 2023 03:11:07 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124bcb-3398"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230312/ckDoH7XS/1.jpg?t=1679994196

166.0.195.111

200 OK

60 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/ckDoH7XS/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
60 kB (59619 bytes)
Hash
57869afea6a0acbdbe92ee3a1cc0c762
b942e234e36b5168b5eefdfff857e50918ddba3f
b52efbbc55dfb3f83f126d93df8dd2faa6365d710e3808d1f80b10154323a7ff

HTTP Headers

GET /20230312/ckDoH7XS/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 59619
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:21 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192ae5-e8e3"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

img.1379a.xyz/images/64ad519cc789ac3b7abc4494.gif

3.36.126.81

302 Found

0 B

URL GET HTTP/2
img.1379a.xyz/images/64ad519cc789ac3b7abc4494.gif
IP
3.36.126.81:443
ASN
#16509 AMAZON-02

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subject1379a.xyz
FingerprintBB:FB:C7:6D:53:7D:DC:9B:DB:72:46:57:0D:B0:DF:B5:B9:EC:EC:3F
ValidityTue, 18 Jul 2023 15:16:23 GMT - Mon, 16 Oct 2023 15:16:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/64ad519cc789ac3b7abc4494.gif HTTP/1.1
Host: img.1379a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://files.230808.top/store/loveimgmoe/44/94/64ad519cc789ac3b7abc4494.gif
X-Firefox-Spdy: h2

nxxzyimg.com/20230312/fjeAjeSY/1.jpg?t=1679994196

166.0.195.111

200 OK

141 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/fjeAjeSY/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1012, components 3\012- data
Size
141 kB (141357 bytes)
Hash
904ff5cd709e7f9f886fea5139eacbf5
e01dd57d31ae94aa59d2da43b82f3901ba13f0b7
02adda392ff6ce0889802b2f3517d8d973541c7eb4250a0f8a30f671d9867a08

HTTP Headers

GET /20230312/fjeAjeSY/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: application/octet-stream
Content-Length: 141357
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:17 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192ae1-2282d"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

img.1379a.xyz/images/64c8cc903b631af06e9125fb.gif

3.36.126.81

302 Found

0 B

URL GET HTTP/2
img.1379a.xyz/images/64c8cc903b631af06e9125fb.gif
IP
3.36.126.81:443
ASN
#16509 AMAZON-02

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subject1379a.xyz
FingerprintBB:FB:C7:6D:53:7D:DC:9B:DB:72:46:57:0D:B0:DF:B5:B9:EC:EC:3F
ValidityTue, 18 Jul 2023 15:16:23 GMT - Mon, 16 Oct 2023 15:16:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/64c8cc903b631af06e9125fb.gif HTTP/1.1
Host: img.1379a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://files.230808.top/store/loveimgmoe/44/98/64ad519ec789ac3b7abc4498.gif
X-Firefox-Spdy: h2

img.1379a.xyz/images/649be5c44f60bc44cdef5c31.gif

3.36.126.81

302 Found

0 B

URL GET HTTP/2
img.1379a.xyz/images/649be5c44f60bc44cdef5c31.gif
IP
3.36.126.81:443
ASN
#16509 AMAZON-02

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subject1379a.xyz
FingerprintBB:FB:C7:6D:53:7D:DC:9B:DB:72:46:57:0D:B0:DF:B5:B9:EC:EC:3F
ValidityTue, 18 Jul 2023 15:16:23 GMT - Mon, 16 Oct 2023 15:16:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/649be5c44f60bc44cdef5c31.gif HTTP/1.1
Host: img.1379a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://files.230808.top/store/loveimgmoe/5c/31/649be5c44f60bc44cdef5c31.gif
X-Firefox-Spdy: h2

img.1379a.xyz/images/64c8d34e3b631af06e9125fc.gif

3.36.126.81

302 Found

0 B

URL GET HTTP/2
img.1379a.xyz/images/64c8d34e3b631af06e9125fc.gif
IP
3.36.126.81:443
ASN
#16509 AMAZON-02

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subject1379a.xyz
FingerprintBB:FB:C7:6D:53:7D:DC:9B:DB:72:46:57:0D:B0:DF:B5:B9:EC:EC:3F
ValidityTue, 18 Jul 2023 15:16:23 GMT - Mon, 16 Oct 2023 15:16:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/64c8d34e3b631af06e9125fc.gif HTTP/1.1
Host: img.1379a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://files.230808.top/store/loveimgmoe/44/96/64ad519dc789ac3b7abc4496.gif
X-Firefox-Spdy: h2

nxxzyimg.com/20230312/g4XWIgrB/1.jpg?t=1679994196

166.0.195.111

200 OK

105 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/g4XWIgrB/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1890x1063, components 3\012- data
Size
105 kB (104992 bytes)
Hash
b01b8602f8f0b8a59762ba69cfd780a1
534e610a8fbfc544ee3b0d8bc33c433f54804e2a
7bed43c07b72dddf00ce56d455f3bf3063d546849ba5bbe57503123fc7c1a113

HTTP Headers

GET /20230312/g4XWIgrB/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 104992
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:12 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192adc-19a20"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/Sck4WQyf/1.jpg?t=1679994196

166.0.195.111

200 OK

143 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/Sck4WQyf/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1890x1063, components 3\012- data
Size
143 kB (143146 bytes)
Hash
d0db3b87b91c1df9e0d6d56bc92350c6
10381a697cc62b30c2153225a257c9fa407e3bbd
edc04e24e5f81c201e31861a75a76f6719c901647cf3633212fdd946cb664eb5

HTTP Headers

GET /20230312/Sck4WQyf/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 143146
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:15 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192adf-22f2a"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/pYXuuHLQ/1.jpg?t=1679994196

166.0.195.111

200 OK

79 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/pYXuuHLQ/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
79 kB (79167 bytes)
Hash
c9641230ad77fc45deb9686b71d1956d
fe7bef895ec673dce28052543bc620ee10ca7926
c13b18fa9ac02051905a0596c736f304fecb7207079778edd9d2626d36fe5089

HTTP Headers

GET /20230312/pYXuuHLQ/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 79167
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:32 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192af0-1353f"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/yN1IW1e5/1.jpg?t=1679990529

166.0.195.111

200 OK

69 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/yN1IW1e5/1.jpg?t=1679990529
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
69 kB (68920 bytes)
Hash
ad9f378d5106e950819dd9cee4620f97
e21e92807622413d601301814054657b05c5b60a
5c179f8de2ff8ac17e973c9a89366930f6830d32fea6b51910169e1764a87911

HTTP Headers

GET /20230312/yN1IW1e5/1.jpg?t=1679990529 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 68920
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:43 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192afb-10d38"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/0BtmIdSK/1.jpg?t=1679994197

166.0.195.111

200 OK

48 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/0BtmIdSK/1.jpg?t=1679994197
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
48 kB (47933 bytes)
Hash
537a7f7adc2692d9508f1e542fd42a89
ca12f6c543e96ea5f662ec0be4d3d479c870593d
a1977a13d586490ce7490c3e77ae9d4d1d814e693badfb95e9cf808e612c1c26

HTTP Headers

GET /20230312/0BtmIdSK/1.jpg?t=1679994197 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 47933
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:42 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192afa-bb3d"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxximg.com/20230925/Fmo29Cti/1.jpg?t=1695626317

166.0.195.81

200 OK

65 kB

URL GET HTTP/2
nxximg.com/20230925/Fmo29Cti/1.jpg?t=1695626317
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 14373-9792, spot sensor temperature 0.000000, unit fahrenheit, color scheme 8, show spot sensor, minimum point enabled, calibration: offset 0.000000, slope 0.004982\012- data
Size
65 kB (65181 bytes)
Hash
1d80eb65869c9081bc6a74902b75ab25
eff58b22b8a360375a6166ade75ffd57d9c211f1
27b2a9da73d3ff0fc8d4b1a4801add4d98c16ed5ed39696e52fd965a0b438075

HTTP Headers

GET /20230925/Fmo29Cti/1.jpg?t=1695626317 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 65181
last-modified: Tue, 26 Sep 2023 03:09:12 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b58-fe9d"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230312/PyK5cPZy/1.jpg?t=1679994196

166.0.195.111

200 OK

70 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/PyK5cPZy/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, progressive, precision 8, 700x394, components 3\012- data
Size
70 kB (70448 bytes)
Hash
1a29f6b358e78a8b252a1d3e425ef52a
76716450891e71ebe4f44f48c1220e2c705c7f94
0005607537155e69c922db1b4f007bb16aa68a18577be4ba53ebfad2f0cc54c8

HTTP Headers

GET /20230312/PyK5cPZy/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 70448
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:32 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192af0-11330"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/1vREwdeA/1.jpg?t=1679994197

166.0.195.111

200 OK

144 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/1vREwdeA/1.jpg?t=1679994197
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
144 kB (144465 bytes)
Hash
b34f3edd7b00e51996045c7f71dd8f1b
034973f9d7718f51d13ab0562885188fe9774ddd
10d5c273253db059190449ee1f209493bca03d06844a28b3803b9ba2a3311898

HTTP Headers

GET /20230312/1vREwdeA/1.jpg?t=1679994197 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 144465
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:41 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192af9-23451"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxximg.com/20230925/Fr0b1VTk/1.jpg?t=1695626329

166.0.195.81

200 OK

42 kB

URL GET HTTP/2
nxximg.com/20230925/Fr0b1VTk/1.jpg?t=1695626329
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Size
42 kB (41642 bytes)
Hash
fca43623a4c952a01df6d978816b126c
6e43c9b3ae0da8101ffc582a94d7e3b9c5218675
3cbe4ff53327c02c16e62c7de570f43d4cae86ff94e12645b66856f1d18f06f3

HTTP Headers

GET /20230925/Fr0b1VTk/1.jpg?t=1695626329 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 41642
last-modified: Tue, 26 Sep 2023 03:09:17 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b5d-a2aa"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/ADWD8lpM/1.jpg?t=1695626074

166.0.195.81

200 OK

16 kB

URL GET HTTP/2
nxximg.com/20230925/ADWD8lpM/1.jpg?t=1695626074
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x225, components 3\012- data
Size
16 kB (15556 bytes)
Hash
965379ae3d5c194e656a4b2f41846996
335637f7c1e266704a7300f130f5b34697bbf470
a4c290f5240608d6986a53f14f6c0ad8fad9c41853e206703bde5cbab370e833

HTTP Headers

GET /20230925/ADWD8lpM/1.jpg?t=1695626074 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 15556
last-modified: Tue, 26 Sep 2023 03:11:08 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124bcc-3cc4"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/w3n1Rgja/1.jpg?t=1695625897

166.0.195.81

200 OK

14 kB

URL GET HTTP/2
nxximg.com/20230925/w3n1Rgja/1.jpg?t=1695625897
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x225, components 3\012- data
Size
14 kB (14302 bytes)
Hash
d10862acecac7145a689f1f94b7f8679
4061bf456e3ff190191773c45a8bc909b42c9b15
7c0fefb1ecc391152054af0580beb2b3036f9ce37acc60314b28658a309a03e2

HTTP Headers

GET /20230925/w3n1Rgja/1.jpg?t=1695625897 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 14302
last-modified: Tue, 26 Sep 2023 03:11:07 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124bcb-37de"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/UHFVwaEL/1.jpg?t=1695625856

166.0.195.81

200 OK

16 kB

URL GET HTTP/2
nxximg.com/20230925/UHFVwaEL/1.jpg?t=1695625856
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x225, components 3\012- data
Size
16 kB (15998 bytes)
Hash
f008cd1a45b551051687110a670ec47a
2f26e61592e1bd35a508c130b44d18529619f205
d36485e4324d48afcbe58705155b775b0231bd58f5a5f7b7fcc3a0d2d01fb9f2

HTTP Headers

GET /20230925/UHFVwaEL/1.jpg?t=1695625856 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 15998
last-modified: Tue, 26 Sep 2023 03:11:09 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124bcd-3e7e"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

files.230808.top/store/loveimgmoe/44/98/64ad519ec789ac3b7abc4498.gif

172.67.27.250

200 OK

55 kB

URL GET HTTP/2
files.230808.top/store/loveimgmoe/44/98/64ad519ec789ac3b7abc4498.gif
IP
172.67.27.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectfiles.230808.top
Fingerprint40:63:ED:76:8D:B4:C8:FA:B8:8B:9C:00:C7:8B:2E:33:ED:18:D8:C4
ValidityThu, 14 Sep 2023 05:25:15 GMT - Wed, 13 Dec 2023 05:25:14 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
55 kB (55284 bytes)
Hash
9f70ddd716efe1a0101efc7f23563bb7
df63e81983a6672753ed773c12c13b09aab70a65
56736f883e73f213b86bae8a2104b5ce743adf9ba985cc730823abd934da3220

HTTP Headers

GET /store/loveimgmoe/44/98/64ad519ec789ac3b7abc4498.gif HTTP/1.1
Host: files.230808.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:15 GMT
content-type: image/gif
content-length: 55284
vary: Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
last-modified: Tue, 11 Jul 2023 12:57:39 GMT
cf-cache-status: HIT
age: 21507
accept-ranges: bytes
server: cloudflare
cf-ray: 80cdcb627c9fb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nxximg.com/20230925/WFNcEHz2/1.jpg?t=1695625872

166.0.195.81

200 OK

50 kB

URL GET HTTP/2
nxximg.com/20230925/WFNcEHz2/1.jpg?t=1695625872
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Size
50 kB (50218 bytes)
Hash
7675fae3142e0125f6bb05b95c9306c9
1db18c35e7b7a432a50dd0f645502e9a5dbaf2a7
cd3f66a9ec385a1c7d2adc94dc951708d636af576c067cbef36d10869db7af2d

HTTP Headers

GET /20230925/WFNcEHz2/1.jpg?t=1695625872 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 50218
last-modified: Tue, 26 Sep 2023 03:09:13 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b59-c42a"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

files.230808.top/store/loveimgmoe/44/94/64ad519cc789ac3b7abc4494.gif

172.67.27.250

200 OK

101 kB

URL GET HTTP/2
files.230808.top/store/loveimgmoe/44/94/64ad519cc789ac3b7abc4494.gif
IP
172.67.27.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectfiles.230808.top
Fingerprint40:63:ED:76:8D:B4:C8:FA:B8:8B:9C:00:C7:8B:2E:33:ED:18:D8:C4
ValidityThu, 14 Sep 2023 05:25:15 GMT - Wed, 13 Dec 2023 05:25:14 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
101 kB (101312 bytes)
Hash
62a84f9def651419f1984c7b438cb6af
2271568da294c340f938d9cb0ae92a8a73906880
f971e69e726ffaf9d10288b64c422f3dbe6b9e5fbe8fb48cf8245921e0b33c63

HTTP Headers

GET /store/loveimgmoe/44/94/64ad519cc789ac3b7abc4494.gif HTTP/1.1
Host: files.230808.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:15 GMT
content-type: image/gif
content-length: 101312
vary: Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
last-modified: Tue, 11 Jul 2023 12:57:31 GMT
cf-cache-status: HIT
age: 15177
accept-ranges: bytes
server: cloudflare
cf-ray: 80cdcb628cb0b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

taiwtp1.com/xin/960240.gif

220.128.218.220

200 OK

436 kB

URL GET HTTP/2
taiwtp1.com/xin/960240.gif
IP
220.128.218.220:443
ASN
#3462 Data Communication Business Group

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttaiwtp1.com
Fingerprint07:97:5D:FB:58:5B:94:F3:64:BE:D5:B0:AB:11:2D:AC:73:5B:24:C2
ValidityWed, 30 Aug 2023 16:39:56 GMT - Tue, 28 Nov 2023 16:39:55 GMT

File type
GIF image data, version 89a, 960 x 240\012- data
Size
436 kB (436473 bytes)
Hash
732bd86d0a1c250c8ee8f6ebf30d358e
9f8ec516e191af6504caead933e550627ed80af9
8f3edf67a76ef4c9b72fe1dc842ec813009e0fd7bb1945c96d564eb385d068ee

HTTP Headers

GET /xin/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 18:58:42 GMT
content-type: image/gif
content-length: 436473
last-modified: Thu, 20 Oct 2022 07:11:15 GMT
etag: "6350f493-6a8f9"
expires: Thu, 26 Oct 2023 18:58:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/Xgxcm89A/1.jpg?t=1695626287

166.0.195.81

200 OK

46 kB

URL GET HTTP/2
nxximg.com/20230925/Xgxcm89A/1.jpg?t=1695626287
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Size
46 kB (46298 bytes)
Hash
7bda40f2860ae3b1b9c5aab040eff307
d49363ab611fe91911c5c8cd615149c706bf50d0
5eee014c38a197ddb3f19d4fd9d7e5f9ccbbc8d174f78e6abd868f3f8c133f36

HTTP Headers

GET /20230925/Xgxcm89A/1.jpg?t=1695626287 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 46298
last-modified: Tue, 26 Sep 2023 03:09:14 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b5a-b4da"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

files.230808.top/store/loveimgmoe/44/96/64ad519dc789ac3b7abc4496.gif

172.67.27.250

200 OK

358 kB

URL GET HTTP/2
files.230808.top/store/loveimgmoe/44/96/64ad519dc789ac3b7abc4496.gif
IP
172.67.27.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectfiles.230808.top
Fingerprint40:63:ED:76:8D:B4:C8:FA:B8:8B:9C:00:C7:8B:2E:33:ED:18:D8:C4
ValidityThu, 14 Sep 2023 05:25:15 GMT - Wed, 13 Dec 2023 05:25:14 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
358 kB (358142 bytes)
Hash
0319cff8fbdcb7b7c833bc87124bbee7
4421be1473298511ebeb8d467f7c06e7600feb92
d7baf64c7694d1fd420a859f482b33b1a5472ee94442a7354bcb577a28fa8ef2

HTTP Headers

GET /store/loveimgmoe/44/96/64ad519dc789ac3b7abc4496.gif HTTP/1.1
Host: files.230808.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:15 GMT
content-type: image/gif
content-length: 358142
vary: Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
last-modified: Tue, 11 Jul 2023 12:57:53 GMT
cf-cache-status: HIT
age: 23739
accept-ranges: bytes
server: cloudflare
cf-ray: 80cdcb627ca5b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nxximg.com/20230922/qeILjafa/1.jpg?t=1695369886

166.0.195.81

200 OK

19 kB

URL GET HTTP/2
nxximg.com/20230922/qeILjafa/1.jpg?t=1695369886
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x223, components 3\012- data
Size
19 kB (18903 bytes)
Hash
134b7ac87323cb8164ff211d0dabbab1
aa53e0abf80f31568eba8d5c5620574902aabf29
83fbcaed94931de55dc7ee8584cc38fdb3e4cae18b0668fbe79033c9e081298b

HTTP Headers

GET /20230922/qeILjafa/1.jpg?t=1695369886 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 18903
last-modified: Sat, 23 Sep 2023 06:40:45 GMT
content-disposition: attachment; filename="1.jpg"
etag: "650e886d-49d7"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230922/Wyp2k1Ut/1.jpg?t=1695369989

166.0.195.81

200 OK

22 kB

URL GET HTTP/2
nxximg.com/20230922/Wyp2k1Ut/1.jpg?t=1695369989
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x225, components 3\012- data
Size
22 kB (21998 bytes)
Hash
38ef296371cff5dda06172b9694c968e
e2863a1e09c0ddb3e7537c14081999fe885906e3
ec364bf56baaf8e8e3ed53ce41241a564fcce67959d91f271a157b0c763c131e

HTTP Headers

GET /20230922/Wyp2k1Ut/1.jpg?t=1695369989 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 21998
last-modified: Sat, 23 Sep 2023 06:40:42 GMT
content-disposition: attachment; filename="1.jpg"
etag: "650e886a-55ee"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230421/ymNZhgZ3/1.jpg?t=1682064611

166.0.195.111

200 OK

219 kB

URL GET HTTP/1.1
nxxzyimg.com/20230421/ymNZhgZ3/1.jpg?t=1682064611
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x900, components 3\012- data
Size
219 kB (218722 bytes)
Hash
50ae2052cbd73c3f213a227578cd084e
2c8da6ac08064ab7dc1f47902e171387fc32825e
9f237472a623f209112eedc1d239310011541db73df0ae687e0e8a5c6071af6f

HTTP Headers

GET /20230421/ymNZhgZ3/1.jpg?t=1682064611 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 218722
Connection: keep-alive
Last-Modified: Sat, 22 Apr 2023 14:14:57 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "6443ebe1-35662"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230421/82sVbtyl/1.jpg?t=1682064661

166.0.195.111

200 OK

154 kB

URL GET HTTP/1.1
nxxzyimg.com/20230421/82sVbtyl/1.jpg?t=1682064661
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 1000x562, components 3\012- data
Size
154 kB (154209 bytes)
Hash
749b429e11e2d2fa82830a8f35a70c84
2f21902b53dcf03b1f35ad8315f88283591648d4
80a94ef666931b4c09897493b50688cb8e1fd4e916eabafe5c6ece592c5789e0

HTTP Headers

GET /20230421/82sVbtyl/1.jpg?t=1682064661 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 154209
Connection: keep-alive
Last-Modified: Sat, 22 Apr 2023 14:15:02 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "6443ebe6-25a61"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

files.230808.top/store/loveimgmoe/5c/31/649be5c44f60bc44cdef5c31.gif

172.67.27.250

200 OK

202 kB

URL GET HTTP/2
files.230808.top/store/loveimgmoe/5c/31/649be5c44f60bc44cdef5c31.gif
IP
172.67.27.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectfiles.230808.top
Fingerprint40:63:ED:76:8D:B4:C8:FA:B8:8B:9C:00:C7:8B:2E:33:ED:18:D8:C4
ValidityThu, 14 Sep 2023 05:25:15 GMT - Wed, 13 Dec 2023 05:25:14 GMT

File type
GIF image data, version 89a, 640 x 350\012- data
Size
202 kB (201858 bytes)
Hash
6210b461bf512d3b2d853302a7beb4d0
be1a5762e312ee8e306dee9a9723f270bdbf2426
6b8a34df116b60cddf8ff499577b1d1d92986f6c98d2d9ba26381a2aa1ed3d22

HTTP Headers

GET /store/loveimgmoe/5c/31/649be5c44f60bc44cdef5c31.gif HTTP/1.1
Host: files.230808.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:15 GMT
content-type: image/gif
content-length: 201858
vary: Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
last-modified: Wed, 28 Jun 2023 07:48:28 GMT
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 80cdcb625c86b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nxximg.com/20230922/oj3lY7An/1.jpg?t=1695370102

166.0.195.81

200 OK

20 kB

URL GET HTTP/2
nxximg.com/20230922/oj3lY7An/1.jpg?t=1695370102
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 399x225, components 3\012- data
Size
20 kB (19667 bytes)
Hash
ed2c39ab4f15709f0d8016116dbb62fe
0e3ee5fd88b403e492644fce1acc9c27fa0a170f
636ac4f71af4e46b814cb454d3cbe3aaa4c787c52ce6e22c6146bc8a01f20e57

HTTP Headers

GET /20230922/oj3lY7An/1.jpg?t=1695370102 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 19667
last-modified: Sat, 23 Sep 2023 06:40:45 GMT
content-disposition: attachment; filename="1.jpg"
etag: "650e886d-4cd3"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230922/jUSePfG6/1.jpg?t=1695370573

166.0.195.81

200 OK

14 kB

URL GET HTTP/2
nxximg.com/20230922/jUSePfG6/1.jpg?t=1695370573
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 398x225, components 3\012- data
Size
14 kB (14419 bytes)
Hash
e41170f26a41cd651d7a119f173833d4
e3f637a8762474141f8817627adafa22e4348c11
ca9b1d5f9c25c6db2890ce44c9dd31b950f8ec0e4607cfbd86d79a98f4080087

HTTP Headers

GET /20230922/jUSePfG6/1.jpg?t=1695370573 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 14419
last-modified: Sat, 23 Sep 2023 06:40:43 GMT
content-disposition: attachment; filename="1.jpg"
etag: "650e886b-3853"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230312/nzHMZT7F/1.jpg?t=1679994197

166.0.195.111

200 OK

221 kB

URL GET HTTP/1.1
nxxzyimg.com/20230312/nzHMZT7F/1.jpg?t=1679994197
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, baseline, precision 8, 700x394, components 3\012- data
Size
221 kB (221040 bytes)
Hash
af78cc3d7ab835f56e1d6d56dadf4dd7
b7c19a57e6fee84b56ab29b1ebc05436a4f3acc1
df8ead34fe4b2132d9e747e28936bf79396d7acf7e00c318beb12352830e371a

HTTP Headers

GET /20230312/nzHMZT7F/1.jpg?t=1679994197 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:14 GMT
Content-Type: application/octet-stream
Content-Length: 221040
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:36 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192af4-35f70"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230312/iSWDJx5D/1.jpg?t=1679994196

166.0.195.111

200 OK

1.9 MB

URL GET HTTP/1.1
nxxzyimg.com/20230312/iSWDJx5D/1.jpg?t=1679994196
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, progressive, precision 8, 3000x1733, components 3\012- data
Size
1.9 MB (1903444 bytes)
Hash
d35a6b8512e20396cc19209625b0cda5
a63add504afb39048d0987ee31a9da2ddbf3f2e8
5c93f71b7e26509c2a49b9997a117e31793f609f3d5ff03916847913b77f36d9

HTTP Headers

GET /20230312/iSWDJx5D/1.jpg?t=1679994196 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:13 GMT
Content-Type: application/octet-stream
Content-Length: 1903444
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:56:11 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192adb-1d0b54"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230421/OYUQGYuS/1.jpg?t=1682064902

166.0.195.111

200 OK

255 kB

URL GET HTTP/1.1
nxxzyimg.com/20230421/OYUQGYuS/1.jpg?t=1682064902
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x900, components 3\012- data
Size
255 kB (255126 bytes)
Hash
accb76c0e5badcd24876c8656e33bfd2
87ae2643afea317505d1912f7b2411d1a080078a
dad6dbf8f7d9d5231ab4c1bec6310445b4c0588875f82df75256c512a7bfcd36

HTTP Headers

GET /20230421/OYUQGYuS/1.jpg?t=1682064902 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 255126
Connection: keep-alive
Last-Modified: Sat, 22 Apr 2023 14:14:58 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "6443ebe2-3e496"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxximg.com/20230925/9QQOpT5l/1.jpg?t=1695627208

166.0.195.81

200 OK

24 kB

URL GET HTTP/2
nxximg.com/20230925/9QQOpT5l/1.jpg?t=1695627208
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x288, components 3\012- data
Size
24 kB (24057 bytes)
Hash
d2595e8fbe388515a383c141da23cb85
31eb9cdb3178380000d8b7de8a2eacd08994b138
15f5cb38962f8d988f179cbefc79e399de3a610e087970dbabbd33399dba5014

HTTP Headers

GET /20230925/9QQOpT5l/1.jpg?t=1695627208 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 24057
last-modified: Tue, 26 Sep 2023 03:09:08 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b54-5df9"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

taiwtp1.com/xin/200200sas.gif

220.128.218.220

200 OK

694 kB

URL GET HTTP/2
taiwtp1.com/xin/200200sas.gif
IP
220.128.218.220:443
ASN
#3462 Data Communication Business Group

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjecttaiwtp1.com
Fingerprint07:97:5D:FB:58:5B:94:F3:64:BE:D5:B0:AB:11:2D:AC:73:5B:24:C2
ValidityWed, 30 Aug 2023 16:39:56 GMT - Tue, 28 Nov 2023 16:39:55 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
694 kB (693471 bytes)
Hash
e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252

HTTP Headers

GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 18:58:42 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Thu, 26 Oct 2023 18:58:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/c63k50J6/1.jpg?t=1695627308

166.0.195.81

200 OK

109 kB

URL GET HTTP/2
nxximg.com/20230925/c63k50J6/1.jpg?t=1695627308
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x334, components 3\012- data
Size
109 kB (108851 bytes)
Hash
fa66c584b23d843c18a60c5305439bae
d992164db203588adb32fb03d2127fa0483aeeb4
375059cf70777c1a8ebf3c8a104341d5b66c52489464950d65b6b6dad789daa1

HTTP Headers

GET /20230925/c63k50J6/1.jpg?t=1695627308 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 108851
last-modified: Tue, 26 Sep 2023 03:09:08 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b54-1a933"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230315/uiKJ77Hw/1.jpg?t=1679994361

166.0.195.111

200 OK

9.9 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/uiKJ77Hw/1.jpg?t=1679994361
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.9 kB (9883 bytes)
Hash
abb20c876659c6de320a84e0bc70643e
955b3a29b413b2cae5281f849a2c5e7e2c4c7017
05066ae0f72725eff07193c60ecf4bdc2565dcbdab6e348380d3eb69c7b095af

HTTP Headers

GET /20230315/uiKJ77Hw/1.jpg?t=1679994361 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 9883
Connection: keep-alive
Last-Modified: Wed, 15 Mar 2023 03:05:37 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64113601-269b"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxximg.com/20230924/uleACeyH/1.jpg?t=1695532479

166.0.195.81

200 OK

137 kB

URL GET HTTP/2
nxximg.com/20230924/uleACeyH/1.jpg?t=1695532479
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x334, components 3\012- data
Size
137 kB (136823 bytes)
Hash
09ac546726c1942415c680c3253e12ba
24205538b17d276dcf4f9058addb5ffea031791b
1de9c6d4792932a94a34df648c75a344271216d7281c14c875c546de3c595d37

HTTP Headers

GET /20230924/uleACeyH/1.jpg?t=1695532479 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 136823
last-modified: Mon, 25 Sep 2023 06:49:56 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65112d94-21677"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxximg.com/20230925/E6Rkmv9C/1.jpg?t=1695627048

166.0.195.81

200 OK

168 kB

URL GET HTTP/2
nxximg.com/20230925/E6Rkmv9C/1.jpg?t=1695627048
IP
166.0.195.81:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxximg.com
FingerprintB9:17:D5:38:8E:42:1F:32:23:A5:00:2E:4E:B9:D0:16:E9:AE:E1:E2
ValidityThu, 27 Jul 2023 17:08:05 GMT - Sun, 25 Aug 2024 17:08:04 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:04:19 11:23:14], baseline, precision 8, 718x334, components 3\012- data
Size
168 kB (168178 bytes)
Hash
62bb865d9d9083cb2995e2a2e577dc5c
22bb7651b7917eedeff422af127654260bbe338a
8c1873e95398bf131d3d712a909ba8f119727b30f5ce6094f546ab57c214b49e

HTTP Headers

GET /20230925/E6Rkmv9C/1.jpg?t=1695627048 HTTP/1.1
Host: nxximg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 26 Sep 2023 19:08:14 GMT
content-type: application/octet-stream
content-length: 168178
last-modified: Tue, 26 Sep 2023 03:09:07 GMT
content-disposition: attachment; filename="1.jpg"
etag: "65124b53-290f2"
access-control-allow-headers: X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *, *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

nxxzyimg.com/20230315/7DAaraZz/1.jpg?t=1679994360

166.0.195.111

200 OK

324 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/7DAaraZz/1.jpg?t=1679994360
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x563, components 3\012- data
Size
324 kB (324132 bytes)
Hash
14232f14c46653687e6f882aaa0fa424
10000011a08fbc2b4fe2a7544b351be737ca7a34
062de966ef457ad216dc3b9189f7f3ccd04b59af5dec4ac3cef92581e022613c

HTTP Headers

GET /20230315/7DAaraZz/1.jpg?t=1679994360 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 324132
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:54:28 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192a74-4f224"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1b64f2643e8c8bf136e01d99b754102d
7de90be95dc5c58f0f82a9123a0ae51fd3f780be
a2ff90746e9059bceae7cb10ba9b0e3b0e44f87466f1e1800e2f768a11eaa9f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 10:27:56 GMT
Expires: Mon, 02 Oct 2023 10:27:55 GMT
Etag: "7de90be95dc5c58f0f82a9123a0ae51fd3f780be"
Cache-Control: max-age=487208,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80cdcb663c635694-OSL

nxxzyimg.com/20230315/JJBHEZ53/1.jpg?t=1679994359

166.0.195.111

200 OK

7.0 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/JJBHEZ53/1.jpg?t=1679994359
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.0 kB (6984 bytes)
Hash
7da0c1ae0dc0e208f196014212465bf3
b70ea718061eeb0bc400ebd3f72123eae65e7745
51413a1c0e36cf51b8a789d0e4d687d11715923f1a7955b5a85f85f4a282de48

HTTP Headers

GET /20230315/JJBHEZ53/1.jpg?t=1679994359 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 6984
Connection: keep-alive
Last-Modified: Wed, 15 Mar 2023 02:56:21 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "641133d5-1b48"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230315/YnOn7YGk/1.jpg?t=1679999982

166.0.195.111

200 OK

126 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/YnOn7YGk/1.jpg?t=1679999982
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x562, components 3\012- data
Size
126 kB (126527 bytes)
Hash
e7510ee58266a8791bd1eb7a6559e427
198e78efe501bd8b712f16e1cc461d5ed044e988
269e070fd4efc3e7e37ad63053129f9aeccda02eb8a04f3fe6c8763571d5f2aa

HTTP Headers

GET /20230315/YnOn7YGk/1.jpg?t=1679999982 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 126527
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:54:31 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192a77-1ee3f"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230421/qW2cEEAm/1.jpg?t=1682064879

166.0.195.111

200 OK

1.1 MB

URL GET HTTP/1.1
nxxzyimg.com/20230421/qW2cEEAm/1.jpg?t=1682064879
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 MB (1115544 bytes)
Hash
eb86a36707b34d17db539cd678737387
1d390185ad70dd69472f285b99b05a6511dc6dc0
9621280686c12a072975f1199cf08e390e8191517979eb18ef3d181e8f941fe0

HTTP Headers

GET /20230421/qW2cEEAm/1.jpg?t=1682064879 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 1115544
Connection: keep-alive
Last-Modified: Sat, 22 Apr 2023 14:15:03 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "6443ebe7-110598"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

nxxzyimg.com/20230315/PBL8G66H/1.jpg?t=1679999982

166.0.195.111

200 OK

210 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/PBL8G66H/1.jpg?t=1679999982
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 1280x720, components 3\012- data
Size
210 kB (210423 bytes)
Hash
8d4467fd64fd68bbcf952ae322e5983b
82e14e69eca18c03e5fac6d656f88d5e6e9a6a10
aa7f8ef5b9f9e508a0fd92d3e82175d01306f9fa50e9c7b12fd6e9cc49a3055f

HTTP Headers

GET /20230315/PBL8G66H/1.jpg?t=1679999982 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 210423
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:54:26 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192a72-335f7"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1b64f2643e8c8bf136e01d99b754102d
7de90be95dc5c58f0f82a9123a0ae51fd3f780be
a2ff90746e9059bceae7cb10ba9b0e3b0e44f87466f1e1800e2f768a11eaa9f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 10:27:56 GMT
Expires: Mon, 02 Oct 2023 10:27:55 GMT
Etag: "7de90be95dc5c58f0f82a9123a0ae51fd3f780be"
Cache-Control: max-age=487208,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80cdcb671d8d5694-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1b64f2643e8c8bf136e01d99b754102d
7de90be95dc5c58f0f82a9123a0ae51fd3f780be
a2ff90746e9059bceae7cb10ba9b0e3b0e44f87466f1e1800e2f768a11eaa9f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 10:27:56 GMT
Expires: Mon, 02 Oct 2023 10:27:55 GMT
Etag: "7de90be95dc5c58f0f82a9123a0ae51fd3f780be"
Cache-Control: max-age=486579,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80cdcb663d265684-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1b64f2643e8c8bf136e01d99b754102d
7de90be95dc5c58f0f82a9123a0ae51fd3f780be
a2ff90746e9059bceae7cb10ba9b0e3b0e44f87466f1e1800e2f768a11eaa9f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 10:27:56 GMT
Expires: Mon, 02 Oct 2023 10:27:55 GMT
Etag: "7de90be95dc5c58f0f82a9123a0ae51fd3f780be"
Cache-Control: max-age=486579,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80cdcb663a8c569a-OSL

nxxzyimg.com/20230315/fXxvxxUH/1.jpg?t=1679994360

166.0.195.111

200 OK

310 kB

URL GET HTTP/1.1
nxxzyimg.com/20230315/fXxvxxUH/1.jpg?t=1679994360
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2021:12:30 02:45:03], baseline, precision 8, 1000x563, components 3\012- data
Size
310 kB (310259 bytes)
Hash
a2e52548704d3c0b90290cdc30d14fb6
7a389f30901e9b74feedae8321d4ec7c8eb69a2e
32f8a48556d4f9cc79f9630875ef7fc1c2192d6ba30b7f67d189c13cf30667b7

HTTP Headers

GET /20230315/fXxvxxUH/1.jpg?t=1679994360 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 310259
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:55:18 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192aa6-4bbf3"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1b64f2643e8c8bf136e01d99b754102d
7de90be95dc5c58f0f82a9123a0ae51fd3f780be
a2ff90746e9059bceae7cb10ba9b0e3b0e44f87466f1e1800e2f768a11eaa9f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 19:08:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 10:27:56 GMT
Expires: Mon, 02 Oct 2023 10:27:55 GMT
Etag: "7de90be95dc5c58f0f82a9123a0ae51fd3f780be"
Cache-Control: max-age=486578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80cdcb663840b4eb-OSL

nxxzyimg.com/20230315/M4Ce0BT0/1.jpg?t=1679994360

166.0.195.111

200 OK

1.1 MB

URL GET HTTP/1.1
nxxzyimg.com/20230315/M4Ce0BT0/1.jpg?t=1679994360
IP
166.0.195.111:443
ASN
#0

Requested by
https://game168.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectnxxzyimg.com
Fingerprint24:81:58:9E:48:F4:17:1E:B7:4E:4C:8A:AE:C5:E7:67:76:EB:33:59
ValidityMon, 06 Mar 2023 05:50:08 GMT - Wed, 03 Apr 2024 00:00:00 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2021:12:13 20:56:28], baseline, precision 8, 2000x1125, components 3\012- data
Size
1.1 MB (1054887 bytes)
Hash
c8e0cb0dc79f5b5ba5d4ac6e667fc884
ed9cc9fa9c590363ee86d03e4e299355fe6f4d2d
6e08913d08e921c4312abe0ac8d234c5f52da30861b33d499a09106c749a2693

HTTP Headers

GET /20230315/M4Ce0BT0/1.jpg?t=1679994360 HTTP/1.1
Host: nxxzyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 19:08:15 GMT
Content-Type: application/octet-stream
Content-Length: 1054887
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:55:18 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "64192aa6-1018a7"
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

kycnxwxaztbrax.huayingshangmeng.com/gg/k960X120.gif

101.28.250.219

200 OK

628 kB

URL GET HTTP/2
kycnxwxaztbrax.huayingshangmeng.com/gg/k960X120.gif
IP
101.28.250.219:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://game168.top/
Certificate
IssuerSectigo Limited
Subjectkycnxwxaztbrax.huayingshangmeng.com
Fingerprint6C:32:B5:DE:0D:D2:85:5A:D4:D2:CE:FA:97:6C:2A:32:E2:CA:19:61
ValidityTue, 06 Jun 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
628 kB (628344 bytes)
Hash
fb399f82a3d3921887db083afb3b9508
986e19a2c2334419163e0a84c01085191657e82d
fa9623db6651c1c0bec793b4f57c5e83f834420e3e3b73604b2e3c916d43e167

HTTP Headers

GET /gg/k960X120.gif HTTP/1.1
Host: kycnxwxaztbrax.huayingshangmeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 628344
accept-ranges: bytes
age: 1011850
cache-control: 31536000
etag: "64c7d276-99678"
expires: Sun, 15 Oct 2023 02:04:06 GMT
last-modified: Mon, 31 Jul 2023 15:25:42 GMT
x-bdcdn-cache-status: TCP_HIT
x-request-id: f4bad715ebcbe3b2f0aa720cd11d418d
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-tag: id=5
date: Tue, 26 Sep 2023 19:08:16 GMT
via: cache02.hdcu03
access-control-max-age: 31536000
X-Firefox-Spdy: h2

imgsrc.baidu.com/forum/pic/item/eaf81a4c510fd9f95427e559632dd42a2834a4ca.jpg

104.193.88.109

200 OK

51 kB

URL GET HTTP/2
imgsrc.baidu.com/forum/pic/item/eaf81a4c510fd9f95427e559632dd42a2834a4ca.jpg
IP
104.193.88.109:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://game168.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
51 kB (50770 bytes)
Hash
863cd568a8aba6b6d181351782b83117
7d8add25fbd56d714e79d9044389a7a5f1ddb89a
200c65850e6d66e00ce114ec3fb190227a11125eb70afdbbecea455401cb8f85

HTTP Headers

GET /forum/pic/item/eaf81a4c510fd9f95427e559632dd42a2834a4ca.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 26 Sep 2023 19:08:17 GMT
content-type: image/gif
content-length: 50770
access-control-allow-origin: *
etag: 863cd568a8aba6b6d181351782b83117
expires: Thu, 26 Oct 2023 19:08:17 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2

kycnxwxaztbrax.huayingshangmeng.com/gg/v960X120.gif

101.28.250.219

200 OK

511 kB

URL GET HTTP/2
kycnxwxaztbrax.huayingshangmeng.com/gg/v960X120.gif
IP
101.28.250.219:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://game168.top/
Certificate
IssuerSectigo Limited
Subjectkycnxwxaztbrax.huayingshangmeng.com
Fingerprint6C:32:B5:DE:0D:D2:85:5A:D4:D2:CE:FA:97:6C:2A:32:E2:CA:19:61
ValidityTue, 06 Jun 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
511 kB (511173 bytes)
Hash
7f8e54f5bb3fe281857e0da798179e5b
0e594fc69ffb829046b990dd687cc2bbce9debf4
1f8c24d721e77e2254ccb9f3d6827a6e90706d18b4d91198d06fbb5d8a30f854

HTTP Headers

GET /gg/v960X120.gif HTTP/1.1
Host: kycnxwxaztbrax.huayingshangmeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 511173
accept-ranges: bytes
age: 1011848
cache-control: 31536000
etag: "64c7d1dd-7ccc5"
expires: Sun, 15 Oct 2023 02:04:09 GMT
last-modified: Mon, 31 Jul 2023 15:23:09 GMT
x-bdcdn-cache-status: TCP_HIT
x-request-id: ec4bbb2411c1777425da00bde0d3a694
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-tag: id=5
date: Tue, 26 Sep 2023 19:08:16 GMT
via: cache02.hdcu03
access-control-max-age: 31536000
X-Firefox-Spdy: h2

kycnxwxaztbrax.huayingshangmeng.com/gg/d960X120.gif

101.28.250.219

200 OK

396 kB

URL GET HTTP/2
kycnxwxaztbrax.huayingshangmeng.com/gg/d960X120.gif
IP
101.28.250.219:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://game168.top/
Certificate
IssuerSectigo Limited
Subjectkycnxwxaztbrax.huayingshangmeng.com
Fingerprint6C:32:B5:DE:0D:D2:85:5A:D4:D2:CE:FA:97:6C:2A:32:E2:CA:19:61
ValidityTue, 06 Jun 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
396 kB (396292 bytes)
Hash
26f701f5c7c0c97324e168eead714804
a6b80563d141786bbccbda0d9b87d626c98ff775
7cbbfd17b999b51e96ec5401e704fb3d68a57cf34f3cc96cada7270c8e3f9209

HTTP Headers

GET /gg/d960X120.gif HTTP/1.1
Host: kycnxwxaztbrax.huayingshangmeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 396292
accept-ranges: bytes
age: 1011851
cache-control: 31536000
etag: "64c7d236-60c04"
expires: Sun, 15 Oct 2023 02:04:05 GMT
last-modified: Mon, 31 Jul 2023 15:24:38 GMT
x-bdcdn-cache-status: TCP_HIT
x-request-id: a2e5d1ef6cb0bd0822788bafa7d31086
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-tag: id=5
date: Tue, 26 Sep 2023 19:08:16 GMT
via: cache02.hdcu03
access-control-max-age: 31536000
X-Firefox-Spdy: h2

kycnxwxaztbrax.huayingshangmeng.com/gg/j960X120.gif

101.28.250.219

200 OK

605 kB

URL GET HTTP/2
kycnxwxaztbrax.huayingshangmeng.com/gg/j960X120.gif
IP
101.28.250.219:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://game168.top/
Certificate
IssuerSectigo Limited
Subjectkycnxwxaztbrax.huayingshangmeng.com
Fingerprint6C:32:B5:DE:0D:D2:85:5A:D4:D2:CE:FA:97:6C:2A:32:E2:CA:19:61
ValidityTue, 06 Jun 2023 00:00:00 GMT - Wed, 05 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
605 kB (605087 bytes)
Hash
ceb4f0a8807861b844eea69ff6a2655a
1eb4c1dbdf2c776d5a27b9040e1c11d8d370aea6
76a14ac63f70658712aa503325276edc222f171c9caf5be0c767892a811cfc4b

HTTP Headers

GET /gg/j960X120.gif HTTP/1.1
Host: kycnxwxaztbrax.huayingshangmeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 605087
accept-ranges: bytes
age: 1011847
cache-control: 31536000
etag: "64c7d3a5-93b9f"
expires: Sun, 15 Oct 2023 02:04:09 GMT
last-modified: Mon, 31 Jul 2023 15:30:45 GMT
x-bdcdn-cache-status: TCP_HIT
x-request-id: 6915117c07878c6dd37abadd4aaf7f10
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-tag: id=5
date: Tue, 26 Sep 2023 19:08:16 GMT
via: cache02.hdcu03
access-control-max-age: 31536000
X-Firefox-Spdy: h2

game168.top/

104.21.87.4

200 OK

78 kB

URL GET HTTP/2
game168.top/
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.5yyw.cn/config/203889906.exe
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type

Size
78 kB (78068 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.5yyw.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN5ap8I%2FGVVJVFZH51NmOdqJdzoy%2F6CYliAcGat%2FPmYBRwvMhX%2Fo%2BKHUmcHf%2BV1Bcdl%2FGduEGBCpQTsh7nynBFjJkGVf7vaiXgpq3Ok3WRS8qcxNjC5Xhh%2Ftwtahuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80cdcb474f6d56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?f87907ecdd9f6db626a7e34aaba55e8d

103.235.46.191

200 OK

30 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?f87907ecdd9f6db626a7e34aaba55e8d
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://game168.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
ASCII text, with very long lines (619)
Size
30 kB (29779 bytes)
Hash
02bb17c3562c6a082921cd44d72fbcc7
75fc98fc3ef2d09cdfbbcc9509a4fd9200595ee3
aa280e0f03fa56e5195a2fd14ab54af364989412ecbd47f9272c40cc1d84f4f4

HTTP Headers

GET /hm.js?f87907ecdd9f6db626a7e34aaba55e8d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 26 Sep 2023 19:08:13 GMT
Etag: 4cd2c10d3fc0682f392e78417f0337a8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AE655F8EF5A1AF22; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

game168.top/template/m1938/css/style2.css

104.21.87.4

200 OK

32 kB

URL GET HTTP/3
game168.top/template/m1938/css/style2.css
IP
104.21.87.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgame168.top
Fingerprint2C:B9:41:88:EE:05:F5:A4:D6:01:DD:46:25:4B:46:2F:E1:8B:8B:F6
ValiditySun, 17 Sep 2023 02:32:50 GMT - Sat, 16 Dec 2023 02:32:49 GMT

File type

Size
32 kB (32187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /template/m1938/css/style2.css HTTP/1.1
Host: game168.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 26 Sep 2023 19:08:12 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 14:20:48 GMT
vary: Accept-Encoding
etag: W/"644bd640-7dbb"
expires: Wed, 27 Sep 2023 06:08:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoN19Zpjfr3EvGHnEeNsMXcGw8mBixLPRYMSE5Lrp0xHaq%2BsExohNsT4jPyXGeetpBa7QhgQoMbx1yZwU%2BrkW0yJcx%2F8%2BmKSrqFjETdOo4N12vxyIztq6pX0um%2BG5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80cdcb52a8e6b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.linkpicture.com/q/0512_960x80.gif

104.21.235.181

200 OK

98 kB

URL GET HTTP/2
www.linkpicture.com/q/0512_960x80.gif
IP
104.21.235.181:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game168.top/
Certificate
IssuerLet's Encrypt
Subjectlinkpicture.com
Fingerprint0B:C0:0D:AE:9E:5E:46:C6:0F:A4:5D:14:F8:96:DF:F6:9D:AC:37:0D
ValiditySun, 13 Aug 2023 05:54:47 GMT - Sat, 11 Nov 2023 05:54:46 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
98 kB (98086 bytes)
Hash
11510055f728f48e97de96208c35545c
2e8623f5bbe7eff53060d84a300f7fe393cef775
b8ea6dd9328f61a854a74014c63d3009d90d501a5abac64ac366e8e7acefb766

HTTP Headers

GET /q/0512_960x80.gif HTTP/1.1
Host: www.linkpicture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game168.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 19:08:13 GMT
content-type: image/gif
content-length: 98086
last-modified: Fri, 12 May 2023 12:19:54 GMT
etag: "645e2eea-17f26"
x-powered-by: PleskLin
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4231
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BOw2otqOrX%2BiAxKlZlwrAlRR4KcmBWlULSCf5OBZNlvf5q%2BMHRkDBTLK46ytVftO0I%2BEyD7hHgNC%2Bb66K39uiv8N1JuoIJfQEcLsiFAkBginzQPC8iA%2FG7c4w%2Bm2wd5bH6rjFUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80cdcb573862886b-LHR
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations