{"report_id":"52293102-a029-494d-9ccb-1ba8fde56bb9","version":6,"status":"done","tags":[],"date":"2025-06-07T06:00:51Z","url":{"schema":"http","addr":"2115ck.cc/","fqdn":"2115ck.cc","domain":"2115ck.cc","tld":"cc"},"ip":{"addr":"198.16.60.60","port":0,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"title":"444992.xyz/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T06:00:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"777eee555eee.com","ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-05-12","domain_rank":0,"first_seen":"2025-06-02T14:58:58.189837Z","last_seen":"2025-06-02T14:58:58.189837Z","alert_count":1,"request_count":1,"received_data":795273,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jklhgfg.varlt.com","ip":{"addr":"101.226.28.240","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2024-11-15","domain_rank":0,"first_seen":"2025-05-15T04:03:02.427058Z","last_seen":"2025-06-05T18:41:30.556159Z","alert_count":0,"request_count":1,"received_data":275991,"sent_data":431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"txdy.2016os.com","ip":{"addr":"180.163.146.92","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2016-01-20","domain_rank":0,"first_seen":"2025-02-06T22:26:39.388119Z","last_seen":"2025-06-07T04:13:36.574903Z","alert_count":0,"request_count":1,"received_data":465033,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.fjyyedu.com","ip":{"addr":"123.6.18.20","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2015-12-30","domain_rank":0,"first_seen":"2025-04-16T03:14:18.953413Z","last_seen":"2025-06-06T04:49:38.322795Z","alert_count":0,"request_count":2,"received_data":709599,"sent_data":869,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com","ip":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-03-26T08:12:48.39622Z","last_seen":"2025-06-05T16:09:11.212853Z","alert_count":0,"request_count":1,"received_data":79303,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"imgsa.baidu.com","ip":{"addr":"171.214.24.48","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":139015,"first_seen":"2017-01-29T16:54:01Z","last_seen":"2025-06-07T01:16:36.839323Z","alert_count":0,"request_count":2,"received_data":1793279,"sent_data":956,"comment":"","tags":null,"fingerprints":null},{"fqdn":"777eee888eee.com","ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-05-12","domain_rank":0,"first_seen":"2025-05-20T14:17:10.301349Z","last_seen":"2025-06-04T23:47:59.167596Z","alert_count":1,"request_count":1,"received_data":248076,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.835images20.com","ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2024-12-29","domain_rank":0,"first_seen":"2024-12-29T20:15:30.300763Z","last_seen":"2025-06-05T20:03:29.410021Z","alert_count":0,"request_count":1,"received_data":642612,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"444992.xyz","ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":13,"received_data":339793,"sent_data":5112,"comment":"","tags":null,"fingerprints":null},{"fqdn":"555sx.img1368680550.com","ip":{"addr":"156.231.117.216","port":443,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-05-05","domain_rank":0,"first_seen":"2025-05-11T12:42:19.106804Z","last_seen":"2025-06-01T23:17:44.663487Z","alert_count":0,"request_count":1,"received_data":367158,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.607images.com","ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-02-06","domain_rank":0,"first_seen":"2025-02-17T08:45:19.084943Z","last_seen":"2025-06-03T23:00:48.10299Z","alert_count":0,"request_count":1,"received_data":396206,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pg555222.img6212510042.com","ip":{"addr":"205.198.65.114","port":8585,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-04-09","domain_rank":0,"first_seen":"2025-05-17T19:25:17.301579Z","last_seen":"2025-06-02T22:58:25.663188Z","alert_count":0,"request_count":1,"received_data":560286,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"311050.xyz","ip":{"addr":"198.16.60.50","port":8899,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-05-11T12:42:18.314123Z","last_seen":"2025-06-05T20:03:29.1305Z","alert_count":0,"request_count":1,"received_data":215,"sent_data":536,"comment":"","tags":null,"fingerprints":null},{"fqdn":"333eee999eee.com","ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-05-12","domain_rank":0,"first_seen":"2025-05-15T23:53:25.032554Z","last_seen":"2025-06-01T23:02:54.094486Z","alert_count":0,"request_count":1,"received_data":519866,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"2115ck.cc","ip":{"addr":"198.16.60.60","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":552,"sent_data":872,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":8663,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2025-06-02T07:45:21.642968Z","alert_count":0,"request_count":2,"received_data":337694,"sent_data":962,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hhapk777.getehu.com","ip":{"addr":"61.160.192.102","port":443,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"domain_registered":"2024-07-01","domain_rank":0,"first_seen":"2025-02-25T00:44:22.621764Z","last_seen":"2025-05-31T06:09:58.35331Z","alert_count":0,"request_count":3,"received_data":527378,"sent_data":1338,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.looknewpoint.com","ip":{"addr":"154.19.69.23","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2020-03-31","domain_rank":0,"first_seen":"2025-05-23T02:47:56.979824Z","last_seen":"2025-06-01T21:40:08.370518Z","alert_count":0,"request_count":1,"received_data":679278,"sent_data":467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"777eee333eee.com","ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-05-12","domain_rank":0,"first_seen":"2025-05-21T13:19:23.08728Z","last_seen":"2025-06-01T22:59:41.081108Z","alert_count":1,"request_count":1,"received_data":319715,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cbu01.alicdn.com","ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2008-06-25","domain_rank":44205,"first_seen":"2015-04-17T10:25:48Z","last_seen":"2025-05-31T11:31:41.770634Z","alert_count":0,"request_count":4,"received_data":1392416,"sent_data":1880,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dj4opyunomy06.cloudfront.net","ip":{"addr":"3.167.7.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-05-25T02:19:02.201957Z","last_seen":"2025-06-01T18:28:25.136618Z","alert_count":0,"request_count":1,"received_data":380038,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"apple-banana.oss-cn-shenzhen.aliyuncs.com","ip":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-01-18T21:57:04.474238Z","last_seen":"2025-06-01T23:17:44.494109Z","alert_count":0,"request_count":1,"received_data":52595,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","ip":{"addr":"3.5.237.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-04-11T23:54:49.232666Z","last_seen":"2025-06-05T19:59:43.151542Z","alert_count":0,"request_count":1,"received_data":45592,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"555jnc.img3174125953.com","ip":{"addr":"156.231.117.216","port":443,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-05-05","domain_rank":0,"first_seen":"2025-05-11T12:42:18.322644Z","last_seen":"2025-06-05T20:03:29.662828Z","alert_count":1,"request_count":1,"received_data":734357,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.blkj58.com","ip":{"addr":"138.199.46.65","port":443,"asn":60068,"as":"Datacamp Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-02-19","domain_rank":0,"first_seen":"2024-12-10T16:22:58.787373Z","last_seen":"2025-05-31T10:22:26.277421Z","alert_count":0,"request_count":1,"received_data":273826,"sent_data":461,"comment":"","tags":null,"fingerprints":null},{"fqdn":"666834.xyz","ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2022-02-19","domain_rank":0,"first_seen":"2022-11-28T15:06:04Z","last_seen":"2025-06-05T20:03:29.78396Z","alert_count":0,"request_count":10,"received_data":3531896,"sent_data":4481,"comment":"","tags":null,"fingerprints":null},{"fqdn":"yh526.tkzqv.com","ip":{"addr":"61.243.20.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2024-11-15","domain_rank":0,"first_seen":"2025-05-27T03:26:11.57199Z","last_seen":"2025-06-03T07:05:03.07765Z","alert_count":0,"request_count":1,"received_data":244775,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gif.fpaixfl.com","ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-05-15T23:53:25.04598Z","last_seen":"2025-06-06T03:23:29.691655Z","alert_count":0,"request_count":2,"received_data":708896,"sent_data":869,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xm55511.img9879125675.com","ip":{"addr":"205.198.65.114","port":8686,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-04-09","domain_rank":0,"first_seen":"2025-05-08T03:32:59.167445Z","last_seen":"2025-05-31T23:30:39.141188Z","alert_count":0,"request_count":1,"received_data":322321,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tu.iuchx.com","ip":{"addr":"112.29.207.189","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"2024-12-31","domain_rank":0,"first_seen":"2025-05-28T22:42:08.484352Z","last_seen":"2025-06-05T20:03:29.238272Z","alert_count":0,"request_count":1,"received_data":141905,"sent_data":440,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.40images1.com","ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-02-24","domain_rank":0,"first_seen":"2025-05-11T23:00:09.734778Z","last_seen":"2025-06-03T23:00:48.207594Z","alert_count":0,"request_count":1,"received_data":678024,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.537images23.com","ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-04-19","domain_rank":0,"first_seen":"2025-05-11T12:42:18.826719Z","last_seen":"2025-06-01T23:17:45.131475Z","alert_count":1,"request_count":1,"received_data":475026,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":8254,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-06-04T20:40:21.4787Z","alert_count":0,"request_count":2,"received_data":30877,"sent_data":1084,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-06-07T06:00:31Z","timestamp":1749276031,"ip_dst":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"172.18.0.22","port":36626,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-06-07T06:00:31.155312+0000\",\"flow_id\":547779415784270,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":36626,\"dest_ip\":\"112.74.1.166\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"apple-banana.oss-cn-shenzhen.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":4662,\"start\":\"2025-06-07T06:00:30.605006+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-06-07T06:00:31Z","timestamp":1749276031,"ip_dst":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.22","port":33198,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-06-07T06:00:31.769392+0000\",\"flow_id\":1145587323835473,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":33198,\"dest_ip\":\"47.254.187.151\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"vezknp-1005-ppp.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":6780,\"start\":\"2025-06-07T06:00:31.726097+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"537images23.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-06","alert":"Sinkholed","trigger":"777eee333eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"777eee555eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-06","alert":"Sinkholed","trigger":"777eee888eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"img3174125953.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"2115ck.cc/","fqdn":"2115ck.cc","domain":"2115ck.cc","tld":"cc"},"ip":{"addr":"198.16.60.60","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9061dc8e9cf39b1cb21e433bd27e1ac7","sha1":"6ad2530209853f28bc813a90224bda486ec63137","sha256":"a66f7391f15f789832affbc06eb4be7dc16313a490f851bc21563c239ad5d3c0","sha512":"0555b450f2495a389c7a16da1fc87f720011e8ed948b861b954e5639da9744e5ccc4ba35896e22b5e35ca2ecd2c734a722c8bda49c8d4c2b860335b37f08bae3","ssdeep":"","tlshash":"32e086f3244185305afa325bab5377957d2255c72e51700550181c51a51cf8ec63de99","size":317,"data":"","first_seen":"2025-05-11T05:57:28.225098Z","last_seen":"2025-06-21T07:19:02.790158Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"392a013c1cdd19d09d6d7d16b6c2acbf","sha1":"fc8915f14ab32afa30c0201ac0be1b52a254e517","sha256":"725cf2e274f608fa6005912aac7349795cb75e2597c18abc76144e26324eee4e","sha512":"3a13aeeb65c3af4e84e63c7ee1828bbe904c59abece48314b388e92a14afeab44c3a607d88b86cfbbe3db709f6aa824d7b556a2555c64ad0291cedd20330a8d3","ssdeep":"","tlshash":"4fa022280a0ea0038c8232c00bce000202ee208000bf0a02ca08ec08c20f000030c0c0","size":70,"data":"","first_seen":"2023-03-07T12:21:12Z","last_seen":"2026-02-28T12:56:56.11229Z","times_seen":866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab9bcf482c41b8f1ccaca96676d57687","sha1":"50ecf31504357f9493fbde1bfb854f316549d6af","sha256":"7ad5535949841970f3f2cace9d725f931ee42ed31e61e8b91263f36c0bbbf292","sha512":"e2e00768ee0805eeee4bb7efdb2306c143898d6daa76cceceb4d1d879656052b6cf61cb3bc784025463c73c594f7c497aa660b36161eea5f856e74808ba47b51","ssdeep":"","tlshash":"ead05b00610cdd7473bdcbdd8d06669ad4a054739347d6bce86a447d09cbcd78075a17","size":273,"data":"","first_seen":"2024-07-04T07:59:35Z","last_seen":"2025-09-30T05:40:13.122657Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/home.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dace87b98369cd3a17614087ace567a7","sha1":"854eb995ab3a2ca08a785786c0ab1055eef1649d","sha256":"2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417","sha512":"c27abdad353ff3b5ef047690038e5a23e337f6aa15ca88abce98cf5c5865db1fb69a69f72ac2e44256f1dc9a3fe3564bb6212adadf0e6cd6aea4a64d8cb7f975","ssdeep":"768:qJqhbl1JbiPbhWODBb7z9n/bhb7m5gr9JQVT5E12r9luXT:qyODBNQUT","tlshash":"3c03724db697146450b3326a9f7b5a08df7b421f05008f49be7d00a41ff1a4eb616fad","size":39246,"data":"","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-03-18T14:17:29.255306Z","times_seen":551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"200227fb5725d57df146a731ca6c9945","sha1":"ac199f1ea4dede54edcd401008b4630e36596130","sha256":"0a92100ccb5f3788c50c13df059e73f3f7e630eeb57aa4545eaf325ddce27c81","sha512":"830d2c838a49d0b28056649a5f514c58cb69b5a9404d3d3a025c43b99d6dcaf2ce25259218e9d0af5ff636351fb226e0c831934aea1805ebf365691e462dcdc3","ssdeep":"","tlshash":"6ef0a04cf12a6a8020bef4bc5d7b930845ab51156b8288c800bb8cb2246647dd4a7e8f","size":445,"data":"","first_seen":"2024-07-04T07:59:35Z","last_seen":"2026-04-04T12:15:56.118273Z","times_seen":384,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"587d8148ec78f7c6f4aa7e7f0e382bf6","sha1":"58f09a7743a6b0586c8320232ea89d1cbb20e558","sha256":"e2d264ffefbcb451e8df1a6b35750fbfafdc5197de3d4073f23fcf85deec1839","sha512":"ab2bb08612ffe2b40a282b27482f730644def57e68429ac95ffd3e3e3f28714e80000d996b47062ea183937133a82db3080432377b768e52b39a3c0309380824","ssdeep":"","tlshash":"7ba0020df281afa0417135b85917124b89261c4b29951448a5651271481511de497d85","size":59,"data":"","first_seen":"2024-07-04T07:59:35Z","last_seen":"2026-04-04T12:15:56.119085Z","times_seen":380,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"82743622a1f67a6b2840a3b9b71ba852","sha1":"260ccb321757aa18183375b2833426d85a2a5a1c","sha256":"09be0054605c5fc4fbf7c7e08ed55106a681fb8d8f35c30cc388faa9deafd7e7","sha512":"972dc016697d83e38eac2126f2e8d063e4bd9e75db1ac42c5b6b0102c9b4a8519bf7bc848e5f996c3bfaf67286ecabebd86d96bcb7e1b67c3a1a6a47b42a7b62","ssdeep":"","tlshash":"ead02bcc70c74cec9ae32cc55d8b349d95790d563668d8600c401887388ae2715d17fd","size":287,"data":"","first_seen":"2025-06-07T06:00:57.496928Z","last_seen":"2025-06-07T06:00:57.496928Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/jquery.lazyload.min.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"89c45121934ed4664ff3ca811a008226","sha1":"848216f1d67cc7c6c6214db1a771f8c4653f06d6","sha256":"e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7","sha512":"61a33e6453c52798cf127e93c3163344cea18bdcf31eea042653903b4653b1e5408942d7b3e09b33ac73c667d1b0161d1438cbaee8d517518352c7c88a9bcc3c","ssdeep":"","tlshash":"1861768d7f527839f0567a9e831f3106663ed46f81814c54b0c9ece4ecec7951236d9a","size":3381,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-04T13:41:20.87158Z","times_seen":4359,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4fe9cbabc90fa0723c3be26530d5f99c","sha1":"182c1ae5dd3912002337ff47ae1d9815eaeb48d7","sha256":"b3ae50a3ac32c85a57ddb19f00761a86b4da7924c5bc948ff529277d23c83175","sha512":"65f56222dec168c080584bdd90141775dc54a26b75df9b453255b5966292c7484bdde679cb5255ffa9114cb31b71b727902f042071f716793b817437c8d98573","ssdeep":"","tlshash":"e7d0a71fb8193434574608b92cbbea8db572696c617de115848ddc514464eda0c3db98","size":240,"data":"","first_seen":"2025-05-11T05:57:28.223671Z","last_seen":"2026-04-04T12:15:56.12055Z","times_seen":285,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cdb6b91393da4abd0b0eedff0a766ec","sha1":"0d0c6b15551f06f0f04ab5b5e505a8474dd29cec","sha256":"dfd9f4cf2a2b6fd8a7c752ae0df81649f9b278aa3cf6e3f46459ffeec6544c1a","sha512":"7239fd43788d87884b369da9262b7e2a72c512cf8fb752ef4838115928fa39a1eea1d9c7262358bba044ee87d18664c16f27ea2566d5d8be780cd25937d5cfec","ssdeep":"","tlshash":"9db012421412fa7fbd7406e0c262cb50402aa8ad5a860010c07e074250cd5253305f8f","size":96,"data":"","first_seen":"2023-03-07T15:45:17Z","last_seen":"2026-04-04T12:15:56.121894Z","times_seen":507,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-04T14:49:52.254537Z","times_seen":102327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/jquery.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T14:30:00.612383Z","times_seen":60607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-04T14:49:52.254537Z","times_seen":102327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7887f171a781a08a9fc1b8a997b61201","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8c30e032b982a3730ada92d14ba0bf4","sha1":"cba7a9cc9d120c494b035bd6a61324974aba6f51","sha256":"d3194dcf7f9380ba69d7e4b8769d6a8eedfb78d39abfb4ca7edf228db5d58f1e","sha512":"8ef05c803acbb2f19d595456469ee8cfec12427c24303e91cca95cdb53e5ee759957faf89ac14a7009dde15644719879287b085f0cfc651f492c79b12e19b947","ssdeep":"384:X1JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:X14VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"7cd2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2025-06-07T06:00:57.485671Z","last_seen":"2025-06-07T06:00:57.485671Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/20/950X60.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/03/20/950X60.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 127443\r\nlast-modified: Thu, 20 Mar 2025 07:38:11 GMT\r\netag: \"67dbc5e3-1f1d3\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":127443,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 950 x 60","md5":"718d0fcb7f21db8cfc9f716aadcd3271","sha1":"1833e7c4e1e1808b03f79f31aa5d43b1cd45d75c","sha256":"cc9e87c5ac3930d85784e60223049a1d61b3d36d903d77135d00f9ed8146c1fb","sha512":"dc606551d1dcaefd2f1e6828e08a0354fc0aaed20ce91047242f5532431d6e4e385073a7f5f5bab41387f61990d54d3926eb549ef5ebaca5e8f0af0497745ffa","ssdeep":"3072:kitLYmw9REXVHnZaAZaA5onqJPxJSADQeML002wIxf4XRG:kiN/RxoOxJPcZL002Zf4hG","tlshash":"62c302358c01780568859130ba7774dcb29d9d36c8293bdce178394e6ec1a2ffd786a7","first_seen":"2024-07-04T07:59:36Z","last_seen":"2025-07-17T02:51:43.131368Z","times_seen":83,"resource_available":false,"data":null}},"time_used":1829,"timings":{"blocked":443,"dns":1,"connect":160,"send":0,"wait":599,"receive":392,"ssl":223},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/06/04/46345453.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/06/04/46345453.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 464173\r\nlast-modified: Wed, 04 Jun 2025 07:04:58 GMT\r\netag: \"683ff01a-7152d\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":464173,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"d27b8cd38872d542d70d1d524d4d7027","sha1":"ebfe8bcf9b1a3020dadb9b511bbc166e9cfd9d18","sha256":"95e30681052b858f351ef14c5a7b3fe2571030242075bc5bd2e30e2eba245f7e","sha512":"a36b44c4121bd147a9c3beca5b189acada38545f9b5f82bab5e81f29869917e0595847c58d7d9ed14b12c7f8ad08d54404030852b5edec9b2bdcb2d778d138de","ssdeep":"12288:7YNG7zNHOhENDbRcb1P2jknohjz0A9YLipGDkRh:sNGpz42kqWLiY4r","tlshash":"6da4233c535c9d2d59f6391aa427b9c90e7d547b2ec20a2fbbe3b0c7271923c6048da5","first_seen":"2025-06-04T10:34:17.359338Z","last_seen":"2025-07-01T18:24:10.239411Z","times_seen":37,"resource_available":false,"data":null}},"time_used":2121,"timings":{"blocked":430,"dns":4,"connect":153,"send":0,"wait":157,"receive":1203,"ssl":174},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/28/900-200.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/03/28/900-200.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 288653\r\nlast-modified: Fri, 28 Mar 2025 14:19:20 GMT\r\netag: \"67e6afe8-4678d\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":288653,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 900 x 200","md5":"d413d6564f6db3f8f68e1091144e746e","sha1":"d8c18dfab88c752e8cd0e80ed02e1d046cb2ff48","sha256":"a879e3c0f2886280d3d46314de8be373316dfba832853018be2a81b92fefdc1c","sha512":"ec99749aadaf674dca51116e48bbe4dcf03b5115b7ed87d5331cc3728e26b863a3115dd6bb306095f1958ff64f3fa43491e20ea664b54fc760fbaba40a75a305","ssdeep":"6144:bbO40fuztbttC1OTXTdvN5dbSDDv1qfZpbEDWhS3WK/EQK7zKkF0:bbywbttaaTZzo3v1YzbEDjmwkF0","tlshash":"dc5423a42852863cde5a88b4bc38e62054914c3f5c8574027a79d47de772bfef2bcd68","first_seen":"2025-04-01T19:07:35.027354Z","last_seen":"2025-06-21T17:43:13.324654Z","times_seen":44,"resource_available":false,"data":null}},"time_used":2112,"timings":{"blocked":755,"dns":0,"connect":0,"send":0,"wait":647,"receive":710,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.fjyyedu.com/388-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.20","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:32.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.fjyyedu.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 15 Apr 2025 07:38:14 GMT","end":"Fri, 15 May 2026 07:38:13 GMT"},"fingerprint":{"sha1":"7F:43:AC:F1:18:6B:32:B2:0A:05:20:F3:78:B7:34:A7:CA:79:85:1E","sha256":"3C:21:F3:A8:C2:B2:11:F0:27:93:C3:94:DA:CE:4E:59:AB:E3:39:07:3C:34:6B:CA:E3:13:01:F6:33:BF:BA:88"}}},"request":{"raw":"GET /388-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444992.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Sat, 07 Jun 2025 06:00:34 GMT\r\ncontent-type: image/gif\r\ncontent-length: 282970\r\nx-oss-request-id: 68010B0A1275A36C54A145EF\r\netag: \"AA45CC96703850EC0193212A950C0F10\"\r\nlast-modified: Sun, 23 Mar 2025 06:32:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4708328741112908902\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000103\r\ncontent-disposition: attachment\r\nx-oss-force-download: true\r\ncontent-md5: qkXMlnA4UOwBkyEqlQwPEA==\r\nx-oss-server-time: 3\r\nx-cache: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":282970,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"aa45cc96703850ec0193212a950c0f10","sha1":"093c3dc4d498a20afdb58d3f79df6bbafa922baa","sha256":"285347a74deb2ff669f9e3a1e15e7191c5a6239c8381b165ec87403eab4aa34f","sha512":"d082dd6084df251afe21702344efabfdb45697cb1f6a14d591710a6fb401834082e005a2ca8717cdb58499439747958904908488690b4426f5af4153448bdb8b","ssdeep":"6144:54/gyWTeMgaDdacs7A54iHsZ1VdQctaoZJ5d5bv6meKCeDST87yCds:53wcs7yfHsZy699dTNjDG87yCds","tlshash":"d6541305f7ce6024018b21764523b3eda504cdf052b7b0e6ebb92961c70d8faf865af9","first_seen":"2024-12-21T01:21:33.806485Z","last_seen":"2026-02-18T09:59:45.334722Z","times_seen":2497,"resource_available":false,"data":null}},"time_used":3646,"timings":{"blocked":1248,"dns":708,"connect":257,"send":0,"wait":982,"receive":150,"ssl":292},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/css/font-awesome.min.css","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.602Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/font-awesome.min.css HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 01 Jun 2020 03:59:16 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5ed47d14-716c\"\r\nExpires: Sat, 07 Jun 2025 18:00:28 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29036,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28870)","md5":"19cc6875b7666438bda4970947c6e2a5","sha1":"4274869de2b4e0c7583d229883ac3d15a93cca4f","sha256":"f88fda84c45d9b780d504c8107293791d480ea55076f526d33b3bd18a27e20e7","sha512":"03ab90fee9da95c4c188d94f6115ef35ccde7c4154721f583c3ee11a4749e9d5c669cf3f815832a291ace99519b5914736d6dd1ed3ec65d052b814435f335473","ssdeep":"384:8u5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8SQ/8dwwdG:nlr+Klk3Yi+fwYUf8l8SQ/eC","tlshash":"cfd250e8e54c01d66731c48bff81b36862baf73dd5844d98f01f690c29d22a522c5fb9","first_seen":"2025-04-08T10:14:40.140802Z","last_seen":"2026-04-04T12:15:56.111975Z","times_seen":349,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":112,"dns":2,"connect":160,"send":0,"wait":160,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/3391/1372/1372-960x60.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"61.160.192.102","port":443,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 May 2025 09:32:29 GMT","end":"Sat, 23 Aug 2025 09:32:28 GMT"},"fingerprint":{"sha1":"FE:0F:50:D0:06:97:B9:D1:9D:99:95:2B:40:19:F9:F3:85:79:AA:DF","sha256":"72:59:3E:0F:C6:8D:77:68:F6:EB:0F:3B:B2:FC:45:C9:51:59:F3:13:82:2A:E8:C7:B1:D5:3B:4B:18:BF:89:4F"}}},"request":{"raw":"GET /3391/1372/1372-960x60.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 352323\r\nstrict-transport-security: max-age=5184000\r\ndate: Mon, 26 May 2025 11:04:24 GMT\r\nexpires: Wed, 25 Jun 2025 11:04:24 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache14.l2cn3059[0,0,304-0,H], cache4.l2cn3059[0,0], kunlun2.cn6425[0,0,200-0,H], kunlun2.cn6425[9,0]\r\nlast-modified: Mon, 20 Jan 2025 07:20:27 GMT\r\nvary: Accept-Encoding\r\netag: \"678df93b-56043\"\r\nage: 1018566\r\nali-swift-global-savetime: 1748257464\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 26 May 2025 11:30:49 GMT\r\nx-swift-cachetime: 2590415\r\ntiming-allow-origin: *\r\neagleid: 3da0c00c17492760304012114e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":352323,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"435499d04011ec9133fa9d5527ec9e73","sha1":"24e8f809d0112ac9fdba7e9c95ccace634c857fd","sha256":"b0716b1b4d8d192f4f86466d96518463d17d7775ce20d0c515a94eace4e7b3e6","sha512":"d83f66edcd7043f241d274d9307d93fbf9f6597defb4f2aef33b8a64a728be499aa534561d1fe43cc5004e5f478bdd02dac16d8052870a3897df3a835d0ef568","ssdeep":"6144:ovQ8jwY95jRi6nG/qRnCZd/JRJgaqiJFktJHXfuEMMCS+JHiE2AW:oIwXRisEZxJ5qRXXfu5fS+0E2AW","tlshash":"177423888e370663a45c5eeed2ff2bb35e426ed2c0346f59a0b73b1a813355b590b1c5","first_seen":"2025-01-30T13:52:53.164441Z","last_seen":"2025-12-28T07:04:58.339202Z","times_seen":316,"resource_available":false,"data":null}},"time_used":2850,"timings":{"blocked":477,"dns":631,"connect":287,"send":0,"wait":721,"receive":434,"ssl":297},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/22/960X70.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/03/22/960X70.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 102783\r\nlast-modified: Sat, 22 Mar 2025 15:01:10 GMT\r\netag: \"67ded0b6-1917f\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102783,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 840 x 70","md5":"1da10991e0fab0cb6ac8bbbaff0bb8f5","sha1":"995587a43f6360e7b473d5cdec2b702e56f16058","sha256":"0d10a1c4fa5731e86d4403ada1be6ed14b92518db7ced0f68e6d978ffd06bc39","sha512":"166dcf7f4a6c4cf40a5cffe76b984e462e9123b51d3bb70f8f281f7013d5fafe7483d3e3f70c31ed417f166658edce09a2b12724bf07127cbf6fd5ec456fe08d","ssdeep":"1536:Uf8pU7kI39cCXG/uG/uGPCm5UotEyZWtTwcNZ4hVHz6xQgzrxQgzrT5Q3xSZ+:cY+kI3KC1mWo2YuwBlOBhQ3K+","tlshash":"b1a302e7be37362b43a797b03cc3215e0ad294811f51956ace1a4665e4332fd199ce3c","first_seen":"2023-12-25T03:17:51Z","last_seen":"2026-04-04T12:15:56.088328Z","times_seen":412,"resource_available":false,"data":null}},"time_used":1817,"timings":{"blocked":440,"dns":4,"connect":160,"send":0,"wait":605,"receive":380,"ssl":222},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/img/icon_seacrh.png","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:29.201Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/icon_seacrh.png HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 348\r\nLast-Modified: Mon, 23 Jul 2018 17:00:44 GMT\r\nConnection: keep-alive\r\nETag: \"5b5609bc-15c\"\r\nExpires: Mon, 07 Jul 2025 06:00:29 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"f77344071bd77c499961fe76810f9270","sha1":"90ee6dc9968c857f546c60943c68dbc1dba1b8cc","sha256":"c35811436039fbd6efc50c0bb111831d8bf6d9afbe92a46a038cd9efb34738af","sha512":"419706e2817c1d4357cd9cb27cce9d5fd01da92743f0837114c2c5cfdb45ab9e54dd3a9e14196800c678d7c09125ba31b8bc9c3ea2920e3a0e9af2b2acc5accc","ssdeep":"","tlshash":"26e0c0dfe781f63d8aea7921c74c08048c3b194e1b705d9c0d1e41b42e31519c9d6642","first_seen":"2023-05-12T08:10:23Z","last_seen":"2026-04-04T12:15:56.083929Z","times_seen":920,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":367,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"333eee999eee.com/060de9292e8f4438808994e979e23b36.gif","fqdn":"333eee999eee.com","domain":"333eee999eee.com","tld":"com"},"ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"333eee999eee.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 May 2025 06:14:43 GMT","end":"Tue, 12 Aug 2025 06:14:42 GMT"},"fingerprint":{"sha1":"08:DE:D8:D5:1D:D8:0C:8C:B7:C2:B2:8B:8E:8E:FC:B3:8B:30:47:3C","sha256":"9C:B5:A7:B9:7F:B6:1D:9C:C2:24:01:03:F9:E6:DF:2A:A9:1C:B1:00:36:A0:20:7A:B5:3E:52:47:D9:6D:75:B4"}}},"request":{"raw":"GET /060de9292e8f4438808994e979e23b36.gif HTTP/1.1\r\nHost: 333eee999eee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 519540\r\nlast-modified: Thu, 03 Apr 2025 07:00:31 GMT\r\netag: \"67ee320f-7ed74\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":519540,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"60e1c0f876b706692c2cbe1acd30a930","sha1":"1c53805587aa5e9f1ac3330db493a71d1e079d1f","sha256":"8aabc04551c9ac6f90015d382ff43f2dc650ea9eb34e7eb00a1e6be92a6ae407","sha512":"6ef3cfb1cde9c7febb137f61862cc2502bbfaa0b11077d295c2e72fa4a2028dd34f2b487244d7dfff9c1c53fb6bd04e7a3de07bea1a217189a2c4cd5bda8df42","ssdeep":"12288:3BamBamBamBamtJtJtHBmImIm6/OkX+qmhrMM3/OkX+qmhfgggr:FffHULL6/VX+qm2M3/VX+qmk","tlshash":"ddb4122bce37e861d46fb30269bc062a811e654a1cbfb5507773ab77016a44cb0ddc6e","first_seen":"2024-10-04T17:54:07Z","last_seen":"2026-03-20T17:54:44.975598Z","times_seen":751,"resource_available":false,"data":null}},"time_used":2063,"timings":{"blocked":466,"dns":353,"connect":148,"send":0,"wait":298,"receive":638,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/i/33333/xxxpj-960-120.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"61.160.192.102","port":443,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 May 2025 09:32:29 GMT","end":"Sat, 23 Aug 2025 09:32:28 GMT"},"fingerprint":{"sha1":"FE:0F:50:D0:06:97:B9:D1:9D:99:95:2B:40:19:F9:F3:85:79:AA:DF","sha256":"72:59:3E:0F:C6:8D:77:68:F6:EB:0F:3B:B2:FC:45:C9:51:59:F3:13:82:2A:E8:C7:B1:D5:3B:4B:18:BF:89:4F"}}},"request":{"raw":"GET /i/33333/xxxpj-960-120.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 80238\r\nstrict-transport-security: max-age=5184000\r\ndate: Mon, 26 May 2025 11:04:24 GMT\r\nexpires: Wed, 25 Jun 2025 11:04:24 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache9.l2cn2629[0,0,304-0,H], cache46.l2cn2629[0,0], kunlun7.cn6425[0,0,200-0,H], kunlun2.cn6425[1,0]\r\nlast-modified: Sun, 18 May 2025 10:26:13 GMT\r\nvary: Accept-Encoding\r\netag: \"6829b5c5-1396e\"\r\nage: 1018566\r\nali-swift-global-savetime: 1748257464\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 26 May 2025 11:19:04 GMT\r\nx-swift-cachetime: 2591120\r\ntiming-allow-origin: *\r\neagleid: 3da0c00c17492760303332014e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":80238,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"5c2be7b35f6a5c74df659dde20744f7a","sha1":"7f1e34623f3153d271eb557cc08f811677f4fccc","sha256":"2ab332e13c5728d345d52e0fc05bb6098d038a80a03055714d43f08e1a90b9d6","sha512":"096275415c10f1be9fdf210ebdddeab80eef7aa0593dfa5a88e09f5620e3ec796407a5a61ba1d4c0d6fc09a9b9d8494a2ccb7816a3739fc0a9f78b9629e7cf66","ssdeep":"1536:47PcFQTDbP/P/4UUVIEkGSmPfB8OAjKuc4RPG9zb0sIlJCA8WE:HKj/4BVIrA8Zj4iGpbTeJCA8z","tlshash":"3273120e45026bc3fafe603a37e95f7b212a2a71b561b86d3e1bb56d3504d2d43271c0","first_seen":"2025-05-27T02:04:19.764362Z","last_seen":"2025-06-29T03:20:11.341901Z","times_seen":46,"resource_available":false,"data":null}},"time_used":2126,"timings":{"blocked":461,"dns":631,"connect":236,"send":0,"wait":243,"receive":272,"ssl":282},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.537images23.com:6699/images/cc960-80.gif","fqdn":"images.537images23.com","domain":"537images23.com","tld":"com"},"ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.537images23.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 19 Apr 2025 03:04:22 GMT","end":"Fri, 18 Jul 2025 03:04:21 GMT"},"fingerprint":{"sha1":"EC:F9:69:48:8A:E0:4C:3E:91:D9:6B:7E:F9:A4:FD:F1:38:AF:56:E1","sha256":"F5:2F:89:FC:0A:D7:05:A8:36:26:0A:AC:03:9C:12:BC:74:7F:4A:90:F3:51:8B:9F:C7:38:AC:98:B1:22:F9:E0"}}},"request":{"raw":"GET /images/cc960-80.gif HTTP/1.1\r\nHost: images.537images23.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:47:37 GMT\r\netag: \"672db7b7-73e90\"\r\nlast-modified: Sat, 07 Jun 2025 05:47:38 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 474768\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":474768,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"bcd29a0c575d452a77662e537168e3e0","sha1":"5c9065d710653a13657ac5ee8dab6b2e869d15d2","sha256":"cb3e2c5ff473d4cc41fc584935127947dff00e82b64293432c542e2f72a1831a","sha512":"5083a517190af083c61f21ce749c6725958083b17ea26851ecd422fda5486f5cea241b5f03c8b1955250800fd80439c68a3754feb27d3020bc5a8886e2e5cb25","ssdeep":"12288:hR5jbQLLbPReXFkpVfaTAlSMUFEng31W956goZABRJ:hRx8HbPEyVkAPj21W9QgoZA5","tlshash":"e3a42300483d7a25985a1ddc6ae88ffb18da755577e88c531ceb39c2b12f8f2d4a0d2d","first_seen":"2024-12-02T22:27:30.895702Z","last_seen":"2026-04-04T14:12:03.470264Z","times_seen":679,"resource_available":false,"data":null}},"time_used":4314,"timings":{"blocked":452,"dns":1025,"connect":239,"send":0,"wait":239,"receive":1176,"ssl":1171},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"537images23.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/06/03/960x60.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/06/03/960x60.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 56136\r\nlast-modified: Tue, 03 Jun 2025 08:39:47 GMT\r\netag: \"683eb4d3-db48\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56136,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"89334926d4d97c45643c8c15f6e6bc46","sha1":"6adcefc3b8614b07fd7705d6ec9654dec8a7893e","sha256":"71ea07f428407526623448c6271a47878c911f8f64c52f4a9faefd4675870d84","sha512":"de342d143b2428a69edeed01890b852f31327380f0c9ab2e0cfde88d49b2253413b181e33ca60f0ce973589279b4f1f2c5abdd54cd41eaf1320dabcdd145d238","ssdeep":"1536:dWX2RmkZoI+eTGD4vQazuo1iSXL2FOfJ9TQGpgS0/Qa8:VRNu2Gk2oYSb2UfTpAQa8","tlshash":"8743f13cda8f55c8f73bd0f9e9c9e2a64a44693123e81173d9925bedd46090400aefb2","first_seen":"2025-05-27T02:04:19.776614Z","last_seen":"2026-01-13T08:36:19.875397Z","times_seen":108,"resource_available":false,"data":null}},"time_used":1918,"timings":{"blocked":772,"dns":0,"connect":0,"send":0,"wait":647,"receive":499,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"555sx.img1368680550.com/8888/samsung/80.gif","fqdn":"555sx.img1368680550.com","domain":"img1368680550.com","tld":"com"},"ip":{"addr":"156.231.117.216","port":443,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"555sx.img1368680550.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 May 2025 05:50:13 GMT","end":"Sun, 03 Aug 2025 05:50:12 GMT"},"fingerprint":{"sha1":"49:FD:48:13:85:1C:91:60:F1:F1:B2:01:38:86:37:A9:82:FB:0C:C4","sha256":"E1:E9:EB:A3:25:19:B9:E6:B8:31:62:E7:1A:28:D9:DF:E6:64:9E:9F:90:4E:E8:9E:89:66:4A:C2:9A:B6:BC:5C"}}},"request":{"raw":"GET /8888/samsung/80.gif HTTP/1.1\r\nHost: 555sx.img1368680550.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:07:23 GMT\r\netag: \"6833726c-598ec\"\r\nexpires: Mon, 07 Jul 2025 05:07:23 GMT\r\nlast-modified: Sat, 07 Jun 2025 05:07:52 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 366828\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":366828,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"714842ca65ed8ea5d04ed6ddd316c792","sha1":"8368112f61e5604f03e8b339dcf24b41deaf8394","sha256":"cd7fbca0c60e9053c4d7f9943f41d5047da189f85724089766cca329b8a66ff7","sha512":"3f4788bc8dfc6391131910c33c2f7db56f1c9cbb839b90522eebf4922b1f8c2d183adc279bfa41d017b12a21e2ac55c0d9ed71dbea15db4920754019cd20940e","ssdeep":"6144:wAR4Fyvx8rgvx8rgvx8rgvx8rgvAUtrHTtrHTtrHTtrHGyyqNDrJKqNDrJKqNDrY:huyKEKEKEKE9lzlzlzlRbh9h9h9h8","tlshash":"437412718fee0550372c3b685a326e311c6ff4b5903c8a3b3f855075baa91eda486c67","first_seen":"2025-05-27T02:04:19.772207Z","last_seen":"2025-07-21T06:37:04.244699Z","times_seen":380,"resource_available":false,"data":null}},"time_used":4953,"timings":{"blocked":418,"dns":2279,"connect":244,"send":0,"wait":246,"receive":1293,"ssl":472},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2024/04/02/58ee3d6d55fbb2fb04d1c429094a20a44623dc17.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2024/04/02/58ee3d6d55fbb2fb04d1c429094a20a44623dc17.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 505775\r\nlast-modified: Tue, 02 Apr 2024 11:11:24 GMT\r\netag: \"660be7dc-7b7af\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":505775,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 750 x 80","md5":"c26316acdf7138cc40514fb1ebb4d1a3","sha1":"61900ab6b13d8aba5a92328c7b9ca4f869a9b487","sha256":"70e80e59f3946f02968c979b5b0759f383cac9d86398b62d565f4ed5d541fd00","sha512":"d16b58b68f3bf30456de27550364eba9c16865175f3778cb5198978d05b805733ecbaaea337b9ed7ba999631f7d11715eb74b3304ccfae0ee72920698ed3fb79","ssdeep":"12288:1FZ6ZQLKyiAOUAOlPTriDnZTriDnZTriDnZTrQoR8JXoR8JXoR8k:1FZ6ZQLZW4PsssxGWGWGk","tlshash":"25b412b7dcbaf2164d1be561362f721b4d9a046fbd2f361ebb909c49b8a117704c08c6","first_seen":"2024-04-18T08:55:23Z","last_seen":"2026-04-04T12:15:56.116668Z","times_seen":594,"resource_available":false,"data":null}},"time_used":2071,"timings":{"blocked":813,"dns":0,"connect":0,"send":0,"wait":663,"receive":595,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"777eee333eee.com/4ac4866a2b0a497f8ae48711157a6b67.gif","fqdn":"777eee333eee.com","domain":"777eee333eee.com","tld":"com"},"ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"777eee333eee.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 14 May 2025 00:00:00 GMT","end":"Tue, 12 Aug 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CF:6B:FD:9B:D4:91:6E:EC:A2:95:13:3B:19:E0:F7:C1:3A:93:CD:EB","sha256":"F3:F1:EF:22:7F:B9:D5:66:C5:0C:DE:98:8C:F3:85:26:FB:E1:19:DA:21:E6:87:92:25:FC:F9:A5:7C:52:65:2B"}}},"request":{"raw":"GET /4ac4866a2b0a497f8ae48711157a6b67.gif HTTP/1.1\r\nHost: 777eee333eee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:31 GMT\r\ncontent-type: image/gif\r\ncontent-length: 319389\r\nlast-modified: Sat, 31 May 2025 06:15:15 GMT\r\netag: \"683a9e73-4df9d\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":319389,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"44a7a32e066fa57725e443555b90e10c","sha1":"d2c8d9e6ed563d89a31e1543d6fd94be784379c7","sha256":"c56f2d49626d9c82c3e0911d8f031b37abaa49a2b0c8b8fa9c1c75e769b94f23","sha512":"410c9c9fcbdfe730eb9c2d9f03d96c47ae5565726d0f3231326cf3db6e5ae08397dbce39ab2c43468ec7bcc9d109594fb4acbbab2cdf413fd99a2e0bb628b007","ssdeep":"6144:se89hv/+e89hv/+yGK3J4VRbsizkJ4VRb4MPmczSmokpa3TkBV4MPmczSmokpa30:DWX1WXTRZEz2jMOc0kMZMOc0kMJC","tlshash":"fc642382dd8712828a1a49f1051e4b0adc1a0d93fd71e7a1ed6b33fa7d7435c21fa4e8","first_seen":"2025-05-31T19:36:29.855697Z","last_seen":"2025-08-23T21:51:53.473291Z","times_seen":36,"resource_available":false,"data":null}},"time_used":3135,"timings":{"blocked":469,"dns":352,"connect":154,"send":0,"wait":221,"receive":591,"ssl":1347},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-06","alert":"Sinkholed","trigger":"777eee333eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yh526.tkzqv.com/yhgifjiami/awesome/960x60-2.gif","fqdn":"yh526.tkzqv.com","domain":"tkzqv.com","tld":"com"},"ip":{"addr":"61.243.20.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yh526.tkzqv.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 26 May 2025 08:21:33 GMT","end":"Sun, 24 Aug 2025 08:21:32 GMT"},"fingerprint":{"sha1":"6A:0E:47:3C:78:B3:2A:E1:04:43:64:85:FC:8C:A8:D4:C9:12:34:D9","sha256":"5E:AC:D5:AC:A1:5B:9B:08:7A:9A:0A:8D:0D:0C:4F:F0:76:BD:DA:37:F8:22:54:35:61:3C:86:12:8D:68:D6:36"}}},"request":{"raw":"GET /yhgifjiami/awesome/960x60-2.gif HTTP/1.1\r\nHost: yh526.tkzqv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Jun 2025 06:00:32 GMT\r\ncontent-type: image/gif\r\ncontent-length: 244117\r\nserver: openresty\r\nlast-modified: Wed, 30 Apr 2025 02:41:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68118de5-3b995\"\r\nexpires: Thu, 26 Jun 2025 07:02:49 GMT\r\nvia: CHN-GZguiyang-CUCC3-CACHE12[2],CHN-GZguiyang-CUCC3-CACHE12[0,TCP_HIT,1],CHN-JSyangzhou-GLOBAL1-CACHE114[7],CHN-JSyangzhou-GLOBAL1-CACHE90[0,TCP_HIT,1]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 019e95cb02b630cf14c4e06b084db743\r\nnginx-hit: 1\r\nage: 946620\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=5184000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":244117,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"d876263724d3fe5f61329423eee53459","sha1":"a6d1dc66287047dcd56e0c80804908415065c5ca","sha256":"4538c76a09daeab10ab79d131ba28198b833e6cc8ea12f1053e426400b8f1525","sha512":"884fafa6038a49ae1c28b18c97dd8ab6eb5a8eac1e3f70ea570e71e293acafc8019136d8e5c7304b19049b8f8676c59dacb8bfa468fc68974465ac2ccdee1ebf","ssdeep":"6144:X/cnFjLZ3MEH7gtrZiTzoLpaplwFx8LH6cNB:wFHG2QFW8iJH6+B","tlshash":"3134122bda4a36011db770e0f7324e021a56d7c16038e273a9fe3ee552672627dd3672","first_seen":"2025-05-11T05:57:28.16541Z","last_seen":"2025-06-07T06:00:57.459754Z","times_seen":15,"resource_available":false,"data":null}},"time_used":4649,"timings":{"blocked":461,"dns":2253,"connect":263,"send":0,"wait":307,"receive":944,"ssl":421},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.607images.com:6699/images/960x60-1.gif","fqdn":"images.607images.com","domain":"607images.com","tld":"com"},"ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.607images.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 May 2025 15:47:36 GMT","end":"Fri, 01 Aug 2025 15:47:35 GMT"},"fingerprint":{"sha1":"26:9F:3A:9C:98:6B:4E:86:DA:83:BE:69:97:1B:A7:C0:A7:9D:7B:6E","sha256":"19:EF:8D:59:63:0B:B8:E7:25:C8:17:38:E4:C9:BC:1F:39:AE:6D:54:22:4F:4B:15:68:80:6F:B2:33:5A:91:DD"}}},"request":{"raw":"GET /images/960x60-1.gif HTTP/1.1\r\nHost: images.607images.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:46:37 GMT\r\netag: \"67a5d15a-60aac\"\r\nlast-modified: Sat, 07 Jun 2025 05:46:37 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 395948\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":395948,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"8059e22f7e86e84ac0f3f65d456ae3c9","sha1":"1dd26cbfa77f9d41325b8268c121e02edd6643a6","sha256":"cee2efd7da7ba5f56fd37b2c734db6d97db93963db35eea1a6af42597922e63f","sha512":"a4ed69050a656895213b066021b2388f62d76c37be5161a73badc5ab698f1706623d7d89b627755504c971ff13123c905b1991faf7a1f752d26b5fe532c6f323","ssdeep":"12288:HZjhLotS1MqiJw8qJNckkylwI6qoG4er6JeUUo:5jxohqIlqTcEb6qoNeruwo","tlshash":"8484230abc0d0cb9fb9675982f727dd01eb868ce785d533a68c5399005e927db444af3","first_seen":"2025-02-22T07:16:05.389354Z","last_seen":"2026-04-04T13:30:05.79632Z","times_seen":1046,"resource_available":false,"data":null}},"time_used":4266,"timings":{"blocked":456,"dns":1117,"connect":260,"send":0,"wait":239,"receive":1126,"ssl":1020},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"777eee555eee.com/a61f77a18e1145a9ac6bf306fd7fa251.gif","fqdn":"777eee555eee.com","domain":"777eee555eee.com","tld":"com"},"ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"777eee555eee.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 14 May 2025 00:00:00 GMT","end":"Tue, 12 Aug 2025 23:59:59 GMT"},"fingerprint":{"sha1":"D3:72:5B:48:66:3B:79:6C:84:38:37:9C:C2:C6:2F:57:FA:BC:7C:F8","sha256":"E8:6C:B5:B7:49:11:27:68:81:4D:1E:4C:81:C8:55:95:92:E8:4C:29:29:FC:22:DD:AF:13:16:AD:0E:B6:82:E5"}}},"request":{"raw":"GET /a61f77a18e1145a9ac6bf306fd7fa251.gif HTTP/1.1\r\nHost: 777eee555eee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:31 GMT\r\ncontent-type: image/gif\r\ncontent-length: 794947\r\nlast-modified: Sun, 20 Apr 2025 06:47:25 GMT\r\netag: \"6804987d-c2143\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":794947,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"fd4dc53c49dec4f03bfdee5e8cb17967","sha1":"32c1b4810a444f08814892309516c2cb21f350b2","sha256":"eb2c67124cdbcbfcd845a873260ca4868bb555e49693ddf1c61543fbdb33e3b5","sha512":"d2edef873a25d5643ce92be5047db013d52f3298d4f57daae5f2c8ad9634745219a880b13880524bae99a8f0b4080c18b645270a2fd00ba1f76a0f805249aede","ssdeep":"12288:l8FXVyKxlhWCyKxlhWCyKxlhWCyKtURXfHGfHGfHGfHGVBE+o+o+o+34i5GNUuPM:l8FljjjqR/OOOngCPgCPgCPgCPgd","tlshash":"00f422fd63357a56ba1254bec891aa25ff81e1391711742b2883bdca362237cb4d1cf4","first_seen":"2025-04-10T19:18:00.081449Z","last_seen":"2025-06-25T09:26:23.280137Z","times_seen":166,"resource_available":false,"data":null}},"time_used":4240,"timings":{"blocked":450,"dns":1976,"connect":150,"send":0,"wait":297,"receive":721,"ssl":645},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"777eee555eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=97D5FD3399E2FE57\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1277378857\u0026si=7887f171a781a08a9fc1b8a997b61201\u0026su=http%3A%2F%2F2115ck.cc%2F\u0026v=1.3.2\u0026lv=1\u0026sn=15813\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2F444992.xyz%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:32.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.gif?hca=97D5FD3399E2FE57\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1277378857\u0026si=7887f171a781a08a9fc1b8a997b61201\u0026su=http%3A%2F%2F2115ck.cc%2F\u0026v=1.3.2\u0026lv=1\u0026sn=15813\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2F444992.xyz%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sat, 07 Jun 2025 06:00:32 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=391D4CEAE07D4BF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T14:49:52.250845Z","times_seen":327084,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"2115ck.cc/","fqdn":"2115ck.cc","domain":"2115ck.cc","tld":"cc"},"ip":{"addr":"198.16.60.60","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-07T06:00:26.289Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 2115ck.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 200 OK\r\nConnection: close\r\nCache-Control: max-age=259200\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 423\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":423,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (423), with no line terminators","md5":"2232294fb48cadcfd7d9c8fad8e87c02","sha1":"5e2bb2dab36ae0737c5744439dfe4ff069592d60","sha256":"2fa6bb52f8e0fce38b81ab3babe3a0518a8c306f3f03db75244b133609f92e7a","sha512":"5088f1b1b48d128d1d6f94d61c0e14e368bf9c9709826715a6ea34cfb2bc3e83aa70abdb5866dcf4435eb963bf6c1703241381bb8d7da6487246d3210eedada9","ssdeep":"","tlshash":"6ce0ecf7289185306df53287db93bb552d1251c72a01b40150485ca5a51cf8ec63de99","first_seen":"2025-05-11T05:57:28.163433Z","last_seen":"2025-06-21T07:19:02.753589Z","times_seen":13,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":155,"dns":0,"connect":154,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/jquery.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.598Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/jquery.js HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"57a3538e-169d5\"\r\nExpires: Sat, 07 Jun 2025 18:00:28 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T14:30:00.612383Z","times_seen":60607,"resource_available":true,"data":null}},"time_used":651,"timings":{"blocked":109,"dns":2,"connect":155,"send":0,"wait":162,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2024/06/08/6662eda7a97f0204d37e1da5.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2024/06/08/6662eda7a97f0204d37e1da5.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 700682\r\nlast-modified: Sat, 08 Jun 2024 04:02:45 GMT\r\netag: \"6663d7e5-ab10a\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":700682,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 750 x 80","md5":"7b25222bb9335d03824dabc0734f9ce7","sha1":"985ced82b60470ded947469bb9c1012ca87d8eb8","sha256":"f5e997f8942156a3166acd8e27cb128e32d36bca447909d1549ee189c98299b3","sha512":"479063bd22df7d31fde204f0b4f04800a56106af5b0013a5f93526a7bb71223ab9835de334af55d56fda7baf15396b601781677785424705a124c0160fa9d66a","ssdeep":"12288:yrw51cJ1cJ1cJ1cJ1u+5X+X+X+X+TBUs11Bs11Bs11Bs11Bs7:Cw5+J+J+J+JB71q1q1q1G","tlshash":"56e41243de8f4dc26d33686172d07b09abb234e46989dff436219f06f27b12698361d6","first_seen":"2024-07-04T07:59:35Z","last_seen":"2025-07-22T03:27:59.380077Z","times_seen":154,"resource_available":false,"data":null}},"time_used":2101,"timings":{"blocked":806,"dns":0,"connect":0,"send":0,"wait":663,"receive":632,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gif.fpaixfl.com/hk1991-960x80.gif","fqdn":"gif.fpaixfl.com","domain":"fpaixfl.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gif.fpaixfl.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 13 May 2025 08:25:46 GMT","end":"Fri, 12 Jun 2026 08:25:45 GMT"},"fingerprint":{"sha1":"11:B7:77:59:64:2F:0D:C2:C2:C9:B2:65:F4:5A:A0:50:AA:CC:F2:20","sha256":"C5:5E:2A:26:BE:AA:3D:91:5C:5C:AE:2A:BB:6E:03:42:82:05:56:B7:F0:5D:98:A1:2A:67:DB:72:98:95:7E:61"}}},"request":{"raw":"GET /hk1991-960x80.gif HTTP/1.1\r\nHost: gif.fpaixfl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: NgxFence\r\ndate: Sat, 07 Jun 2025 06:00:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.fjyyedu.com/hk1991-960x80.gif\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":425369,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":3823,"timings":{"blocked":449,"dns":2301,"connect":339,"send":0,"wait":335,"receive":1,"ssl":395},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN01oqVTW922AEo3fu1jP_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN01oqVTW922AEo3fu1jP_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 87689\r\ndate: Sun, 18 May 2025 15:34:50 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.011\r\ntraceid: a3b53a9a17475824900396222e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache15.l2de3[0,0,200-0,H], ens-cache5.l2de3[7,0], ens-cache9.se2[0,0,200-0,H], ens-cache7.se2[9,0]\r\naccess-control-allow-origin: *\r\nage: 1693540\r\nali-swift-global-savetime: 1747582490\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 22 May 2025 10:50:17 GMT\r\nx-swift-cachetime: 31207473\r\nvary: Accept\r\ns-rt: 9\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17492760304045625e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87689,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"cbb3ab85c1a3f7008747cafc64bc978c","sha1":"b8301698c308b6ac8fa4bb4b05439aabf982e7ec","sha256":"76f07af094179aca31d0691f5b1910aa397e7da2e89279044e7dc7307d06dc39","sha512":"9464c31e2e53c64c9a93e7892f89a63ce2785f4c7e70fd29a2fdb0c8cff756d97542329678de91d4ff6a54b2692a1c3a7e349dbfd80a270293da795079b8db3a","ssdeep":"1536:OFrtWfsMAWh+d+4WBk8S3oWJ0NM1zlDVFegwTcfgYr/k8/KJijguAa/oWGE4QHzH:atWfsvtW5NWxVszTcR0JUgzRUavN6YSP","tlshash":"ed83020a51d91ab21520cbaff3ac24f71b2a8333d5447c33ab9ef96b96400bc6077935","first_seen":"2025-05-30T02:20:34.281798Z","last_seen":"2025-08-25T21:22:14.994534Z","times_seen":303,"resource_available":false,"data":null}},"time_used":1835,"timings":{"blocked":437,"dns":1280,"connect":7,"send":0,"wait":39,"receive":18,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.looknewpoint.com/images/f33efac9-d8cd-42b3-8d69-703bf3a205b1","fqdn":"img.looknewpoint.com","domain":"looknewpoint.com","tld":"com"},"ip":{"addr":"154.19.69.23","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.looknewpoint.com","organization":""},"issuer":{"commonName":"WoTrus DV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Sun, 01 Jun 2025 00:00:00 GMT","end":"Mon, 01 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:56:E1:4D:BD:EC:9C:38:65:96:AD:97:BF:4D:D9:C5:9F:CF:6C:41","sha256":"BF:8D:60:21:B4:41:F2:37:5A:05:AE:25:79:29:C3:10:33:CA:C5:AB:18:34:1D:2F:49:B9:1F:32:EE:E3:AC:42"}}},"request":{"raw":"GET /images/f33efac9-d8cd-42b3-8d69-703bf3a205b1 HTTP/1.1\r\nHost: img.looknewpoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ndate: Sat, 07 Jun 2025 06:00:32 GMT\r\nlocation: https://cbu01.alicdn.com/img/ibank/O1CN01Kq6DZR1DbDji3Ipw9_!!6000000000234-1-cib.gif\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nx-cache: HIT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":678863,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":4276,"timings":{"blocked":434,"dns":1580,"connect":261,"send":0,"wait":309,"receive":1,"ssl":1690},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/06/04/960x300.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/06/04/960x300.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1054785\r\nlast-modified: Thu, 05 Jun 2025 00:56:33 GMT\r\netag: \"6840eb41-101841\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1054785,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 300","md5":"c4b8d4731d12fbbf9e5532d1f059226f","sha1":"40b756528de302dacc80fb0287c2619a472bc5a6","sha256":"d8fee63ba5533c374a1010d2e1f557658ca57af281d7785b3bd196956722e72e","sha512":"5cb73319baaf711092427838586bbdb6693d2f3af34be12b812bc5332d278765a8dd4942fe4f7f82bf077744efed89feeaa307af433830e151f723f36646b0ac","ssdeep":"24576:p3qWOTSEknf/X6Z/e5bPt7/hGTh59WOOOC0dieW6P0g1trmfFNydSycA:kWOCf6Z/ir0UCPh1Gvy4A","tlshash":"5d25332e01aae0a7dec7ad9216fb8d9439011c6fbe67ec147f17c689711913e1331b86","first_seen":"2025-06-05T23:00:03.457594Z","last_seen":"2025-06-24T07:37:47.431614Z","times_seen":27,"resource_available":false,"data":null}},"time_used":2262,"timings":{"blocked":432,"dns":4,"connect":156,"send":0,"wait":611,"receive":834,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-07T06:00:28.014Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://2115ck.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":68447,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60370), with no line terminators","md5":"085becc135809a09efec928d59d5244d","sha1":"7d1682c7af63e0b1333cad3ba9f243b48450aac4","sha256":"4500173c69f3905fa965347c2375c9172614e9b4fe4fe204566254a1c905e2fa","sha512":"5652827f44c4f577d0eaaf253b20f36b743a04d39a8f23e5cdc2f92efe8c0a093b46cb1df1b1e691adf63675f16d977f6b0f225f0876aa57b9d508afb1a2b2b3","ssdeep":"384:hMrsp/cmmIIPHSCoKiOMjl3Jb3QyeabBP64YGTH4RQ/5KSHhPahkbA51EJymQ3q8:66U3IIPHW6QPrHb6Y4ReHHhJJyZqv0","tlshash":"3e6341a28492253b52bbcadee19867df79d392dec2034d04fbfc225827ced55b01911e","first_seen":"2025-06-07T06:00:57.467162Z","last_seen":"2025-06-07T06:00:57.467162Z","times_seen":1,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":154,"dns":1,"connect":155,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/css/stui_default.css","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.595Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/stui_default.css HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 17 Nov 2020 14:36:35 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fb3dff3-28ad\"\r\nExpires: Sat, 07 Jun 2025 18:00:28 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10413,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"5a3c0ce9592915ab5b2d4b3482765e05","sha1":"45e21e6502ffbfbe428adfe164e191402167c7d0","sha256":"082d956e596273304f9d8544ec324c9a9a56e26123a56b0a076f5ec3f2973119","sha512":"c313d09c6cc4815f75916011cfab8367c353c114eea1bf0d2a1471c49b7fe070d10eac7310fda6b9d8c7d4301df789cd7edabfe30d9f58053bbbfe46907f8e50","ssdeep":"192:hvTUqr2artW7CxRlgXoSB6RDD7QM/LIWizgRVo:hLUqrLrtWClgXojzQM/LAzgk","tlshash":"cb223421d7002905b07f9faabdb3db9e63229063d3054efdbd513869d78e4e944b22c9","first_seen":"2025-04-08T10:14:40.167409Z","last_seen":"2026-04-04T12:15:56.107226Z","times_seen":348,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:31.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444992.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 273082\r\ndate: Sun, 13 Apr 2025 01:58:19 GMT\r\nlast-modified: Sat, 12 Apr 2025 11:47:07 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.031\r\ntraceid: a3b5fdad17445094993892372e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache34.l2fr1[270,270,200-0,M], cache19.l2fr1[271,0], ens-cache37.fr6[0,0,200-0,H], ens-cache27.fr6[1,0]\r\naccess-control-allow-origin: *\r\nage: 4766532\r\nali-swift-global-savetime: 1744509499\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 13 Apr 2025 01:58:19 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b5fdaf17492760312786805e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":273082,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 80","md5":"e177d0a4d35da475cd7719317ff6b8f9","sha1":"bfd3b08a0bba91c7b03e7f67f1c2ce6c3c4f30c3","sha256":"291cdacbef5e7ea7ad0a0455bcac9c825fd0e27f50a05e0d37ad906c111e7a70","sha512":"90640282f3a18f753d4fc7b7d1b0b4b49d5ad94dfc621b2dfab781cfc62c06d5f4d4d64fdd3ac20a9c5574831da30bc2c15f4c48466b45ae27389071569f02c5","ssdeep":"6144:Zvdaf9xf9xf9xfmCAkkka3cIMpfcIMpfcIMpfcI3YzTUTUTUd:Z4f9xf9xf9xfmCAkkka3cJfcJfcJfckT","tlshash":"fb44f1f9c69b86f7f414c73aca7202d980d8c91bef87d28a3e2d06474b65b5a4704772","first_seen":"2025-04-13T04:07:52.734619Z","last_seen":"2025-06-12T21:21:56.532003Z","times_seen":244,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":34,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com/siteadmin/upload/img/1904394283844902914.gif","fqdn":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 06 May 2025 02:12:11 GMT","end":"Tue, 03 Feb 2026 06:31:07 GMT"},"fingerprint":{"sha1":"82:9E:ED:B3:E5:61:6D:0D:52:77:3B:4A:1E:DF:68:54:AE:39:DA:01","sha256":"6C:66:0F:9B:EB:BF:7F:11:60:E4:7F:B8:4C:F8:F9:9E:79:94:1F:1C:BC:21:10:12:C5:AF:50:F5:4B:90:80:11"}}},"request":{"raw":"GET /siteadmin/upload/img/1904394283844902914.gif HTTP/1.1\r\nHost: vezknp-1005-ppp.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sat, 07 Jun 2025 06:00:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 78724\r\nConnection: keep-alive\r\nx-oss-request-id: 6843D5804E6A6A302CDCA524\r\nAccept-Ranges: bytes\r\nETag: \"CB6137A04F0BF15ED4C4B9296D4CB00C\"\r\nLast-Modified: Tue, 25 Mar 2025 04:45:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9725466237501296877\r\nx-oss-storage-class: Standard\r\nCache-Control: max-age=86400\r\nx-oss-ec: 0048-00000111\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: y2E3oE8L8V7UxLkpbUywDA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78724,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"cb6137a04f0bf15ed4c4b9296d4cb00c","sha1":"47b2a0310f9c1cad5b3fd0525e5bf50f79dfad9e","sha256":"fa32eb21e238418794aa858e55fa69910713babdb704fba45bee715f50678326","sha512":"20d89861493b05c05fba96baa615e1aba957baaeb4de9cbef0ea0df4c7151416ad4855f14e56c726048e16b142796e01cf1c04b264918e7fdc7bdaffae8144f3","ssdeep":"1536:uZ2yYpDKyoINa+ppk4UUtvxU9dRZrO2fHMnizUPU9g4bJB1X1wNnI8k2FZXT:smKT8a+Hk4UUJCDrrOKHgB4bBX1bPKZD","tlshash":"1573124a2596b137c601a2f03441b5238ad9626c860dc5930f87bfefb9ceac434f596a","first_seen":"2025-03-26T08:12:58.670988Z","last_seen":"2025-10-22T04:56:01.865044Z","times_seen":234,"resource_available":false,"data":null}},"time_used":3739,"timings":{"blocked":414,"dns":2631,"connect":20,"send":0,"wait":201,"receive":194,"ssl":279},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/img/favicon.ico","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:34.370Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/favicon.ico HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nCookie: Hm_lvt_7887f171a781a08a9fc1b8a997b61201=1749276033; Hm_lpvt_7887f171a781a08a9fc1b8a997b61201=1749276033; HMACCOUNT=97D5FD3399E2FE57\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:34 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 435\r\nLast-Modified: Thu, 25 Jul 2019 09:09:34 GMT\r\nConnection: keep-alive\r\nETag: \"5d3971ce-1b3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":435,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5a618bb8283df8869d378696553fc9f0","sha1":"69bf9563f4b780b2b1f13c98d70d7f6a6269c4cb","sha256":"0b03001b4c97bc38642fa793efb1de638bcfdad4606a5582ae4ac065668b78c5","sha512":"030c6bf58d180df80e88c95bb2100f2144eda9b5bbad472d273c2f3001f4906b91bbc0599fc58ed2fee01446c8585f557f3dca5136de83654d4aac0942b617f9","ssdeep":"","tlshash":"bce0237580490504b2144be18c171cd0fccd64dc22342cf6d336e27b002d862d0a9703","first_seen":"2023-06-10T10:31:18Z","last_seen":"2026-04-04T12:15:56.111276Z","times_seen":440,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xm55511.img9879125675.com:8686/8888/xm/508/80.gif","fqdn":"xm55511.img9879125675.com","domain":"img9879125675.com","tld":"com"},"ip":{"addr":"205.198.65.114","port":8686,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xm55511.img9879125675.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 May 2025 07:58:18 GMT","end":"Sat, 02 Aug 2025 07:58:17 GMT"},"fingerprint":{"sha1":"AD:A4:AA:E5:1F:F1:06:5A:2D:75:58:29:FE:DF:D0:87:70:5A:BA:72","sha256":"4A:5E:A9:53:F1:25:34:9A:5D:84:AC:FB:CC:10:D6:A6:79:62:79:07:CB:C2:D1:42:82:72:58:FD:76:99:72:8B"}}},"request":{"raw":"GET /8888/xm/508/80.gif HTTP/1.1\r\nHost: xm55511.img9879125675.com:8686\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:24:40 GMT\r\netag: \"66b3688a-4e9c7\"\r\nexpires: Mon, 07 Jul 2025 05:24:40 GMT\r\nlast-modified: Sat, 07 Jun 2025 05:25:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 321991\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":321991,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"8eb97ba562904f64f2af2389f0d3eda9","sha1":"d484a2e519bf260b9eb53cfa5605220cd47879f2","sha256":"e1d1188c5ea2f2e00d0bb7212087e87ab63c898e2795c95bd1ca8ee0d09725fc","sha512":"3dc76ebf8c5b24a977ccdfae07d5e12b91d2ca2e4a08d4db2f5f9278e83417e27b3c738bf15b18597b3eca766d2766df81c4e99c3435004c6aa2d888efff49b0","ssdeep":"6144:GYfxY0XuOEXuOEXuOEXuYA24yAiwYpsv92JDiq85S92JDiq85S92JDiq85S92JDH:PzNaNaNaDAOAfYvmfDmfDmfDhMDeMDep","tlshash":"e86402bb13074bc9dafa4dc519289bd6af0524642cb39c37408d746e132673faba1f94","first_seen":"2024-08-13T16:44:54Z","last_seen":"2026-04-04T12:15:56.097307Z","times_seen":2919,"resource_available":false,"data":null}},"time_used":3819,"timings":{"blocked":451,"dns":1183,"connect":166,"send":0,"wait":167,"receive":722,"ssl":1128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jklhgfg.varlt.com/960x60.gif","fqdn":"jklhgfg.varlt.com","domain":"varlt.com","tld":"com"},"ip":{"addr":"101.226.28.240","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jklhgfg.varlt.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 14 May 2025 00:00:00 GMT","end":"Mon, 11 Aug 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E4:21:7D:C4:0B:55:7E:94:B2:FB:91:E2:C1:F3:86:6A:BA:36:C4:35","sha256":"8C:DA:65:74:C1:D0:0E:BF:56:2D:92:C0:E1:0D:F0:06:0E:CC:78:3E:A8:17:6C:4E:3B:ED:CD:22:85:9C:F2:E9"}}},"request":{"raw":"GET /960x60.gif HTTP/1.1\r\nHost: jklhgfg.varlt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 275275\r\nstrict-transport-security: max-age=5184000\r\ndate: Mon, 26 May 2025 09:43:59 GMT\r\nlast-modified: Wed, 12 Feb 2025 08:43:52 GMT\r\nvary: Accept-Encoding\r\netag: \"67ac5f48-4334b\"\r\nexpires: Wed, 25 Jun 2025 09:43:59 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache37.l2cn2655[294,293,200-0,M], cache56.l2cn2655[296,0], vcache15.cn4757[0,0,200-0,H], vcache15.cn4757[1,0]\r\nage: 1023392\r\nali-swift-global-savetime: 1748252639\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 26 May 2025 09:43:59 GMT\r\nx-swift-cachetime: 2592000\r\ntiming-allow-origin: *\r\neagleid: 65e21ca317492760310596185e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":275275,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"7127035cd6db2fa0dec3f8ca1af80bc5","sha1":"2c5343e8a6526d84a9b58b5befabf9c235518619","sha256":"4c65a5970255884f5152194cfa8038294c28e6b75a7f4621d94d1e7cc88b12ce","sha512":"e99e349a773f2ac9257a53fbc4d8dc9398785b8e9678a2aec2f6cd9e1f4d49246a2839fbf6338371efa96b015452e41719ad81fb65847afdf8b33ad5d8512f12","ssdeep":"6144:M3LQF9JHXdupUeqWeqHMvBmInIXXOKRYjEB73iwTnHT0ER:MLEJ3d7eqWeqsAIIHjZ73i2oER","tlshash":"1c4422fc3535434fed9810ad4c6f4aaa827f25c415b1d07c5bba8eacbeed134298e016","first_seen":"2025-02-19T03:23:26.199931Z","last_seen":"2025-12-22T16:16:14.550849Z","times_seen":825,"resource_available":false,"data":null}},"time_used":3194,"timings":{"blocked":472,"dns":1042,"connect":291,"send":0,"wait":285,"receive":587,"ssl":515},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgsa.baidu.com/forum/pic/item/5d6034a85edf8db1e1e0674b4f23dd54574e74d6.jpg","fqdn":"imgsa.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"171.214.24.48","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /forum/pic/item/5d6034a85edf8db1e1e0674b4f23dd54574e74d6.jpg HTTP/1.1\r\nHost: imgsa.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: JSP3/2.0.14\r\ndate: Sat, 07 Jun 2025 06:00:31 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1405343\r\naccess-control-allow-origin: *\r\netag: 6d442fa9605ec3e5a284446b113e54ca\r\nexpires: Mon, 07 Jul 2025 06:00:31 GMT\r\nlast-modified: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1405343,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6d442fa9605ec3e5a284446b113e54ca","sha1":"60d504de126bfa3007af96238bb73bd885407931","sha256":"3c0092d4722d18727aec53271bbaa4aae0ef6ea8eb631dcb6991e9b2228a38f0","sha512":"ffd72fac84a99d6c9865db87188a54b83b7ef9e51d6dc8ac5462a7020f314b512fcc0dfd341b8e01c95b3e79c609f781bfa3711e0c38303aa035a9dbb2a04e3c","ssdeep":"24576:ZROiKzfFuBROiKzfFuBROiKzfFuVccYbXbXbkH1D3zH1D3zH1Db/:ZiJkiJkiJIccCrrkxx5","tlshash":"5d5523df16d94e0381e73f71f8b3a22a357164c534623806be2eec75605f8c42d6aad6","first_seen":"2025-05-11T05:57:28.196379Z","last_seen":"2025-06-09T07:15:16.990539Z","times_seen":20,"resource_available":false,"data":null}},"time_used":6558,"timings":{"blocked":435,"dns":1,"connect":287,"send":0,"wait":602,"receive":3686,"ssl":1547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/img/logo_max.png","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:29.203Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/logo_max.png HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 12128\r\nLast-Modified: Tue, 23 Jul 2019 09:39:58 GMT\r\nConnection: keep-alive\r\nETag: \"5d36d5ee-2f60\"\r\nExpires: Mon, 07 Jul 2025 06:00:29 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 282 x 60, 8-bit/color RGBA, non-interlaced","md5":"8a21de57a55e1c08ab7c5eddec9a2b7f","sha1":"a7b8daee559f39d66dea3eae37db7a591a3b15b9","sha256":"10a3049a5095d48d7b7c0d52aec9a6ff8049f7e82c0f3c9253c2024326a6b2d8","sha512":"aff63a232528324f88800cf7425790fed44b707bf1e15ccd247206228d93228a5295784d5329fd7a5c98987dd85177f4e9ba536990cfa2117967458e1db2a80a","ssdeep":"192:/3QiC71w51vC+gZW5KsatFAzn3bvT29nOUTUblUNctkHQTVQifR2HKhtHutE/mCk:/o7+WW5KsGS3bvaRHOUK2HQTVNJ2HKDm","tlshash":"1942c070d45f33f5a049fc8c51b2fd545b080d0c79bad5b266883a9aae2d44da4bd207","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-04T12:15:56.10035Z","times_seen":428,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":378,"dns":0,"connect":0,"send":0,"wait":158,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/img/load.gif","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:29.211Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/load.gif HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6115\r\nLast-Modified: Tue, 23 Jul 2019 10:12:32 GMT\r\nConnection: keep-alive\r\nETag: \"5d36dd90-17e3\"\r\nExpires: Mon, 07 Jul 2025 06:00:29 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6115,"size_decoded":0,"mime_type":"image/gif","magic":"PNG image data, 220 x 325, 8-bit/color RGBA, non-interlaced","md5":"16b8fb3cdb755610f7c59b069df2a915","sha1":"f0ad3a325e2acecfa67d3fa245bdb020d1166b2c","sha256":"e5645d37867dd1e7a069d2991293057e384be9f661e0caa884ba9489aa53f3e4","sha512":"f90cc569e3359ecd20bffe26cb8627f7511fca1cea11a2e1e46dce24af25f2836e1086dcfb29f9fe396f355b8ad1d30beb715c37fba01d6c2056953241648fd1","ssdeep":"96:2T5HDj6mCZiEWy3ltH02Dvq6h9dVtmyqrGvjZwztTtxy:IHDj6yitU2zq6TqS7+zE","tlshash":"b4c16427946eef6c8b5aaca18bc84f81c30214d6224964cede631ccc2e97354a95fd5f","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-04T12:15:56.115403Z","times_seen":428,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":380,"dns":0,"connect":0,"send":0,"wait":160,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dj4opyunomy06.cloudfront.net/02xpj/960-80.gif","fqdn":"dj4opyunomy06.cloudfront.net","domain":"dj4opyunomy06.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:34.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /02xpj/960-80.gif HTTP/1.1\r\nHost: dj4opyunomy06.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 379539\r\ndate: Sat, 24 May 2025 14:56:41 GMT\r\nlast-modified: Sat, 24 May 2025 13:55:37 GMT\r\netag: \"fa63bdef408d1e0a61e6311af9e069e7\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 16015e09e0d70f7cc17ec5c4f52b310e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: zzEF51PUhF966WxcPniXZP95tFjCefuu1EIWodysP3A6TkHHS_etcw==\r\nage: 1177434\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":379539,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"fa63bdef408d1e0a61e6311af9e069e7","sha1":"c4be18e7f2193fcc7a9463885ce77ee086c57405","sha256":"881a393f908abe8383cc1513d673ce725084bdf848afb0b1335bc282c3365268","sha512":"d44ea5e8392aa12b03dd5e308abcb3467d506984d4f87d209064289272ba0139a6b88b29f67554500d9c6c86cb6846f237251a82df8c180ebfa62693fefee93d","ssdeep":"6144:j6qFLbwEUXWfMLbwEUXWfMLbwEUXWfMLbwEUXWfMLblr5Ti5nHnHnHnHW:eybfUmfgbfUmfgbfUmfgbfUmfgbpRidW","tlshash":"0884024bb377db11b755aa3d90a71531022a9e47808a0dce4ed37d0e3d460e5b792ef2","first_seen":"2025-05-27T02:04:19.789492Z","last_seen":"2026-03-18T21:02:57.982454Z","times_seen":66,"resource_available":false,"data":null}},"time_used":2605,"timings":{"blocked":25,"dns":2524,"connect":1,"send":0,"wait":3,"receive":25,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.2016os.com/960x60.gif","fqdn":"txdy.2016os.com","domain":"2016os.com","tld":"com"},"ip":{"addr":"180.163.146.92","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.2016os.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 May 2025 03:06:44 GMT","end":"Tue, 05 Aug 2025 03:06:43 GMT"},"fingerprint":{"sha1":"61:07:8C:1E:14:BF:27:10:42:75:E8:6A:3B:8D:D1:94:86:0C:B2:ED","sha256":"FD:31:AD:51:BB:D8:20:11:17:65:83:70:E0:73:88:B4:CC:EF:F6:F7:96:D8:8D:16:57:ED:1F:30:94:09:35:A4"}}},"request":{"raw":"GET /960x60.gif HTTP/1.1\r\nHost: txdy.2016os.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 464319\r\nstrict-transport-security: max-age=5184000\r\ndate: Sat, 24 May 2025 22:21:39 GMT\r\nexpires: Mon, 23 Jun 2025 22:21:39 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache28.l2cn8047[500,365,304-0,C], cache37.l2cn8047[366,0], kunlun9.cn7174[0,0,200-0,H], kunlun3.cn7174[1,0]\r\nlast-modified: Wed, 12 Feb 2025 08:43:46 GMT\r\nvary: Accept-Encoding\r\netag: \"67ac5f42-715bf\"\r\nage: 1150730\r\nali-swift-global-savetime: 1748125299\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 24 May 2025 22:21:39 GMT\r\nx-swift-cachetime: 2592000\r\ntiming-allow-origin: *\r\neagleid: b4a3921717492760298703874e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":464319,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"e4ccf9fc2a6f39a41bb95dd10e35367a","sha1":"9e9b4a1ea8962cd2230007038f81f4702d61f046","sha256":"255b5190719eede8ca1d86a2fa82544fa90b0e1a152596f6abb12fd0d1c3c430","sha512":"65d78963432442905e14c2e47b8cb563c1452d2fcf89449cac1ddae275ff6a1e7528254f155f072898dfe5bfa40b38ed7a4e107c23a3434c80065ed1c7417244","ssdeep":"12288:fNqwrPezG23ERb7pmSF8VrSWHfR8ZGFq9hKPty3FqaxMHy:fNJPezytLF8VZRw2Pty3oPy","tlshash":"bda4238b4918250b08f09c69237679e5c5ded394284534bb3b73aa04cb1e79ff613aa6","first_seen":"2024-12-25T12:10:48.904509Z","last_seen":"2025-08-12T09:07:02.202798Z","times_seen":536,"resource_available":false,"data":null}},"time_used":3434,"timings":{"blocked":1179,"dns":715,"connect":253,"send":0,"wait":232,"receive":792,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"777eee888eee.com/56433636234b4b348b321175de6d741c.gif","fqdn":"777eee888eee.com","domain":"777eee888eee.com","tld":"com"},"ip":{"addr":"104.160.179.249","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"777eee888eee.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 May 2025 06:14:27 GMT","end":"Tue, 12 Aug 2025 06:14:26 GMT"},"fingerprint":{"sha1":"82:A2:EF:12:ED:CB:A0:92:56:A6:26:A6:01:36:9F:7E:3A:C2:95:0D","sha256":"F7:49:B6:F6:38:D9:1F:01:D1:10:0F:66:AF:3A:8E:9E:F9:00:B6:F3:01:FC:18:4F:54:FB:53:15:7D:06:FA:56"}}},"request":{"raw":"GET /56433636234b4b348b321175de6d741c.gif HTTP/1.1\r\nHost: 777eee888eee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:30 GMT\r\ncontent-type: image/gif\r\ncontent-length: 247750\r\nlast-modified: Mon, 19 May 2025 15:25:32 GMT\r\netag: \"682b4d6c-3c7c6\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":247750,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"bf45ced8b4605e903e32adaa5ed49f0a","sha1":"23ca5171786f9bac411811897c83c121ad36625d","sha256":"6f963bf3040e579028228ff831128caec5ec335e95ff4574291bcc5afb356e5a","sha512":"bf3396f0370b2caa5412c148e6f987df16f6248b4cee925f06297a51efe30dd754d58195a62c6a309181c487267f7556eec83df2b24edacd4954ed3f1188357d","ssdeep":"6144:2/jNgpdpF2mzo9AQzoCEm5RrQPscoCn2UG+c7:2EPP0WQ0C75RghJ27/7","tlshash":"2e3412bd1e1d5c32442d62f92dad2b3a0d12bd2e0a63d251e9d438c9fd90436d4bafb4","first_seen":"2025-02-10T23:58:32.403488Z","last_seen":"2025-08-08T22:46:21.30369Z","times_seen":32,"resource_available":false,"data":null}},"time_used":2649,"timings":{"blocked":456,"dns":1042,"connect":155,"send":0,"wait":307,"receive":468,"ssl":220},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-06","alert":"Sinkholed","trigger":"777eee888eee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/statics/css/img/fontawesome-webfont.woff2?v=4.6.3","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:29.281Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/img/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/statics/css/font-awesome.min.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:29 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 71896\r\nLast-Modified: Mon, 01 Jun 2020 04:00:13 GMT\r\nConnection: keep-alive\r\nETag: \"5ed47d4d-118d8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71896,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 71896, version 4.393","md5":"e6cf7c6ec7c2d6f670ae9d762604cb0b","sha1":"97e438cc545714309882fbceadbf344fcaddcec5","sha256":"7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73","sha512":"dd945face918edf20b7283b7416ae7b3735269945e3f3e379e770425024c1de1fcdc7cfb952381d295d0d1f58c8ab191fd29030f2051d10501557bd7bfbe3658","ssdeep":"1536:tA4xrPyfyECsyz2wCjYfhO/ORzc7erabg5Z06GEQMo:t3jayEC/2/OI/gcq+bg5C6G7","tlshash":"756302f87e71b01d5a306f74e56730e2491c9283e79593f8a8297cb681b2f493742c7a","first_seen":"2023-04-05T09:22:06Z","last_seen":"2026-04-04T14:29:27.550298Z","times_seen":32938,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":160,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.fjyyedu.com/hk1991-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.20","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:32.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.fjyyedu.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 15 Apr 2025 07:38:14 GMT","end":"Fri, 15 May 2026 07:38:13 GMT"},"fingerprint":{"sha1":"7F:43:AC:F1:18:6B:32:B2:0A:05:20:F3:78:B7:34:A7:CA:79:85:1E","sha256":"3C:21:F3:A8:C2:B2:11:F0:27:93:C3:94:DA:CE:4E:59:AB:E3:39:07:3C:34:6B:CA:E3:13:01:F6:33:BF:BA:88"}}},"request":{"raw":"GET /hk1991-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444992.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Sat, 07 Jun 2025 06:00:34 GMT\r\ncontent-type: image/gif\r\ncontent-length: 425369\r\nx-oss-request-id: 68429252B7AB94685BB3BBD7\r\netag: \"CB8BCCB6F3E07593B65FDFFB5979D729\"\r\nlast-modified: Fri, 06 Jun 2025 05:09:25 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3394078432234823469\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000103\r\ncontent-disposition: attachment\r\nx-oss-force-download: true\r\ncontent-md5: y4vMtvPgdZO2X9/7WXnXKQ==\r\nx-oss-server-time: 3\r\nx-cache: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":425369,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"cb8bccb6f3e07593b65fdffb5979d729","sha1":"6851550301ee9d3e930d12b643a003d90a18b09c","sha256":"15442321442aac95b2686f6e83346aad8de50516e5bce95b26df6df715c4a07f","sha512":"9d782a846476d2a62344699ff4029bf83720619df8942726febcc0cff2224192ec7082f658e53f6ab0ff2913abcbbc29a1216a10dba28e9ddb7ab1f15d21bb59","ssdeep":"12288:PGSMsBQyaZNDDJslHdhVYU7lF7OH8A2dxaeVQfxp:PZHfaZNPJsvXpRPA2dxoX","tlshash":"5394235e13d16cd68f76b01762aa013a2a019adc3d52f273bc1159f59b8f46cb13bec2","first_seen":"2025-06-06T16:34:57.023837Z","last_seen":"2025-07-21T15:28:52.226772Z","times_seen":428,"resource_available":false,"data":null}},"time_used":3444,"timings":{"blocked":1199,"dns":706,"connect":233,"send":0,"wait":267,"receive":758,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/06/05/xpj960u180.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/06/05/xpj960u180.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 94688\r\nlast-modified: Thu, 05 Jun 2025 07:46:45 GMT\r\netag: \"68414b65-171e0\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94688,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 180","md5":"1f312318ea3d169fc4fe750c646f80d7","sha1":"6e9c43ab9ab91070699d7a4f63f0e9dba26a0f48","sha256":"25fbe087f0b3e3855605448dd542215a3f43be18d96ce62bdf72e45fb714db27","sha512":"e687417ee5bae896529e9f2f85b294fa16a33ae67313151043ffee3ed329a546cbb81a343e08350f12f8f07125e1bce27a6fbeb544e651b006b661709f67c3af","ssdeep":"1536:2wxZV4PPFN4MiBKO7FD9Koppi7moHrJ8T/CvM+qSV3s4aZlzOEKsgwkWwSPiOcDp:/xL+PABB9KofALJoEqfNZgEK7w/dPADp","tlshash":"bf9312d87350ecd306a234176698cfa78ca7d0c55c50e9deaccf8f56726ab460da3b24","first_seen":"2025-06-05T23:00:03.453185Z","last_seen":"2025-06-27T19:24:06.535362Z","times_seen":33,"resource_available":false,"data":null}},"time_used":1779,"timings":{"blocked":777,"dns":0,"connect":0,"send":0,"wait":663,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tu.iuchx.com/images/newyear/960hf.gif","fqdn":"tu.iuchx.com","domain":"iuchx.com","tld":"com"},"ip":{"addr":"112.29.207.189","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tu.iuchx.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 May 2025 06:01:03 GMT","end":"Mon, 25 Aug 2025 06:01:02 GMT"},"fingerprint":{"sha1":"06:33:25:3F:37:18:B1:52:03:9C:2F:F2:D5:C8:C3:3B:84:DC:F5:AE","sha256":"02:A3:C2:84:99:0A:2F:B3:58:2E:1D:4C:18:EA:98:84:E0:DC:D7:EB:9A:9F:53:3B:8E:08:92:8A:B9:17:3C:00"}}},"request":{"raw":"GET /images/newyear/960hf.gif HTTP/1.1\r\nHost: tu.iuchx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Jun 2025 06:00:35 GMT\r\nContent-Type: image/gif\r\nContent-Length: 141261\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Tue, 11 Mar 2025 13:15:11 GMT\r\nVary: Accept-Encoding\r\nETag: \"67d0375f-227cd\"\r\nExpires: Thu, 26 Jun 2025 09:55:24 GMT\r\nX-CCDN-Expires: 1655768\r\nvia: CHN-AHhuainan-CMPN1-CACHE28[4],CHN-AHhuainan-CMPN1-CACHE10[0,TCP_HIT,0],CHN-JSyangzhou-GLOBAL1-CACHE90[6],CHN-JSyangzhou-GLOBAL1-CACHE42[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 2592000\r\nX-CCDN-REQ-ID-46B1: 259df7e205f5c7f9742525b64a7489c4\r\nnginx-hit: 1\r\nAge: 936249\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":141261,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 360","md5":"746499c003fbefb5bab24954e4e820c5","sha1":"10340e08d494d9f0d0410ad09007c1802c14b52c","sha256":"008ba1aac71e3d79c0d3261631b76a8fbc572401bcfac8157842977c9747fd9a","sha512":"ff4d09e7c84b81cf0336528d61c90de5500232d0b1e632a3c79887c0bc0cd8ac487fe11a985294ea549adbd92f25a24572b16ec4e1274adda2f37f81726586d2","ssdeep":"3072:H0gogn2TilIroTELFnZXSFzMBNNGRCV+9X96pfdpn223fACMle0C7N:H0csiknZXScN0g+9X96pDnrvACMleFN","tlshash":"ddd3236678aaae746552872cb370935faf03a58f0752f41df9049e8e24d51cd0bec4f2","first_seen":"2025-03-15T20:40:34.176512Z","last_seen":"2025-08-03T15:57:47.6922Z","times_seen":69,"resource_available":false,"data":null}},"time_used":7646,"timings":{"blocked":422,"dns":5228,"connect":307,"send":0,"wait":622,"receive":741,"ssl":325},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/template/images/laba.png","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.684Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/laba.png HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 2105\r\nLast-Modified: Sat, 15 Aug 2020 11:45:58 GMT\r\nConnection: keep-alive\r\nETag: \"5f37caf6-839\"\r\nExpires: Mon, 07 Jul 2025 06:00:29 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2105,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 83 x 64, 8-bit/color RGBA, non-interlaced","md5":"2413ea57d1b48744057b73602e79734b","sha1":"c473b53a5ebb3c3f8b5328bd5d1d04a0a55ccc62","sha256":"3a4652637a0b8575db478c4c06cd14e62d8e5604b0177862674ffdf39180d23b","sha512":"78bb28ffedb1b10e396ebc21b21e23882282f3f28c7ba89129a00eaf5e3d4109e688d5cdd2e546494d5496abd75b7493c3a715300ce6fef8083a41c3a659ce2e","ssdeep":"","tlshash":"2941181219f00ab723df3066496358408b3e5bbfb5a2415c046628b0f1bbc7bb3eb14e","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-04T12:15:56.099152Z","times_seen":429,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":409,"dns":0,"connect":0,"send":0,"wait":158,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/28/960-120.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 May 2025 20:27:40 GMT","end":"Thu, 14 Aug 2025 20:27:39 GMT"},"fingerprint":{"sha1":"07:AF:79:2B:CE:A0:B4:C0:F9:E2:DE:7F:2E:E5:92:78:04:4D:A8:C5","sha256":"0D:19:DE:DC:85:3E:40:AC:5B:23:0B:2C:07:91:BC:24:AE:B5:F7:01:16:42:33:90:3C:D1:E9:5B:48:63:20:94"}}},"request":{"raw":"GET /images/2025/03/28/960-120.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Jun 2025 06:00:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 133309\r\nlast-modified: Fri, 28 Mar 2025 14:19:24 GMT\r\netag: \"67e6afec-208bd\"\r\nexpires: Mon, 07 Jul 2025 06:00:29 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":133309,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"588f8a6bc2823c6e2b1bc2b8d28c4cf2","sha1":"3a13e77ce53ce6108759afbe7bc4a128876fb0f5","sha256":"fcaae4cf9008299986d9fc8ea60c9c1c459f2300ebc828368622fa934db23c1e","sha512":"7600d96b70c7ba5944e48781612f773b8b97ff5abd4324e2c7c265d1e395e9b085bf6b18287c9a34e90738274b28498dd90bf7d280bda210e1b0af05b077c362","ssdeep":"3072:ufjjpufL/2njerCmn/wkyyZRc1Yw3oWLfRDSO0vp:8jjGr2jeOm1pkYw9Lps","tlshash":"4ad3124e138f4a09a46ccb12f91997737a41efb8fdc8a94081bd2c71b5fb19b02465c9","first_seen":"2025-04-01T19:07:34.998393Z","last_seen":"2025-06-21T17:43:13.29341Z","times_seen":44,"resource_available":false,"data":null}},"time_used":1967,"timings":{"blocked":739,"dns":0,"connect":0,"send":0,"wait":663,"receive":565,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/i/33333/960-120.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"61.160.192.102","port":443,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 May 2025 09:32:29 GMT","end":"Sat, 23 Aug 2025 09:32:28 GMT"},"fingerprint":{"sha1":"FE:0F:50:D0:06:97:B9:D1:9D:99:95:2B:40:19:F9:F3:85:79:AA:DF","sha256":"72:59:3E:0F:C6:8D:77:68:F6:EB:0F:3B:B2:FC:45:C9:51:59:F3:13:82:2A:E8:C7:B1:D5:3B:4B:18:BF:89:4F"}}},"request":{"raw":"GET /i/33333/960-120.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 92697\r\nstrict-transport-security: max-age=5184000\r\ndate: Mon, 26 May 2025 11:04:24 GMT\r\nexpires: Wed, 25 Jun 2025 11:04:24 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache40.l2cn3160[0,0,304-0,H], cache29.l2cn3160[1,0], kunlun5.cn6425[0,0,200-0,H], kunlun2.cn6425[1,0]\r\nlast-modified: Wed, 14 May 2025 12:58:39 GMT\r\nvary: Accept-Encoding\r\netag: \"6824937f-16a19\"\r\nage: 1018566\r\nali-swift-global-savetime: 1748257464\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 26 May 2025 11:30:49 GMT\r\nx-swift-cachetime: 2590415\r\ntiming-allow-origin: *\r\neagleid: 3da0c00c17492760303412027e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92697,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"5d9fbd91fb90d0259be53a7537723035","sha1":"f0b95891b9779b3ee2a650452026bc4f3a2ec65e","sha256":"251cf28568739a9ca0ebe95941798c0ddc722e2539698e3d11f6531ac8c496e0","sha512":"b428e0c1e1206a9be8f8a5c7dac324a75363dad9d6059130f773854c6fc15931fd097f6611032c85f601eda850827052b7324755cb5f6a5f5471dc64b93597b6","ssdeep":"1536:93A0LajlL+ZtbiWp1ud+u9THHj+ID8/gOilHtOVRWt9QBS0bIBDOdc6sHhhkF6dt:JAj9Y5NmHqIDqv+OouIBD64XGSvOA","tlshash":"179312c3f11ba69a7934ac259d25628e5d789c0743e0eaa6c4f0877fcd9311687bb0f4","first_seen":"2025-05-27T02:04:19.746689Z","last_seen":"2025-06-18T09:12:06.901444Z","times_seen":29,"resource_available":false,"data":null}},"time_used":2388,"timings":{"blocked":463,"dns":631,"connect":258,"send":0,"wait":507,"receive":260,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgsa.baidu.com/forum/pic/item/7e3e6709c93d70cf4bf5961dbedcd100baa12b96.jpg","fqdn":"imgsa.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"171.214.24.48","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /forum/pic/item/7e3e6709c93d70cf4bf5961dbedcd100baa12b96.jpg HTTP/1.1\r\nHost: imgsa.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: JSP3/2.0.14\r\ndate: Sat, 07 Jun 2025 06:00:31 GMT\r\ncontent-type: image/gif\r\ncontent-length: 387331\r\naccess-control-allow-origin: *\r\netag: 1af7636783e810495311e4f2116d0cb9\r\nexpires: Mon, 07 Jul 2025 06:00:31 GMT\r\nlast-modified: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":387331,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"1af7636783e810495311e4f2116d0cb9","sha1":"bedaad0a15e6638fe36e8290e52cca2b3811b978","sha256":"bac1935ade709c39455e990a1184f3bd94b46211008fedb089fc463d5a6b1417","sha512":"0bcf05d6c827353f989eeb4a36ccf2c3ba1c36c57f3f57ddd7d9f727212b41af6b6aee17a4f45500a678ac4cc37d0825b43769d5c213a6c79d99c3444d780b81","ssdeep":"6144:nksz9P8sz9P8sLxV7vqb7vqb7vungNdIR3bSTEgNdIR3bSTEgNdI6GrHvapUPvp7:nkokokE7v67v67vuncdIVuEcdIVuEcdg","tlshash":"718422d72c975f20b6f8347639fd916d0c20b0bc4d7a9642a9d230f953c182e94dada7","first_seen":"2025-05-27T02:04:19.744617Z","last_seen":"2025-09-20T04:20:20.956516Z","times_seen":101,"resource_available":false,"data":null}},"time_used":4066,"timings":{"blocked":461,"dns":1,"connect":296,"send":0,"wait":410,"receive":1357,"ssl":1537},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01vYcveW1Bs33SC1a4X_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01vYcveW1Bs33SC1a4X_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 219559\r\ndate: Sat, 10 May 2025 12:38:13 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.002\r\ntraceid: a3b5319917468806929347580e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache39.l2fr1[0,0,200-0,H], cache24.l2fr1[1,0], ens-cache36.fr6[0,0,200-0,H], ens-cache27.fr6[1,0]\r\naccess-control-allow-origin: *\r\nage: 2395337\r\nali-swift-global-savetime: 1746880693\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 10 May 2025 12:40:17 GMT\r\nx-swift-cachetime: 31535876\r\ntiming-allow-origin: *\r\neagleid: a3b5fdaf17492760305105995e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":219559,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"39541ff1709602b8b4cfc38c3bf8717a","sha1":"92763287ee6ff5aaa1892d9dce61f3127e7c3849","sha256":"69a1d12e34e6b2534126a9fd6edb79f53534ce68526b69d5c151e639c71d937b","sha512":"54fa3fbfb539b1a46060c1826d8e213538a2d3db0e35f7cd8e421d48dfeffb5144571975514299550524a0f82884773793ce0ba34d14bc3919808246236a4fda","ssdeep":"6144:qxYjTO8OdTO8Odvhxb/iGb/iGbQfiMwdtdt+:qufO8IO8ELT5T5Mw33+","tlshash":"422402cb26198479d9f2307725e8cb4fff8459670e2c746a09262111f87b3e16ec79b1","first_seen":"2025-04-10T19:18:00.067018Z","last_seen":"2025-10-15T16:52:30.483254Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2019,"timings":{"blocked":440,"dns":1279,"connect":33,"send":0,"wait":34,"receive":120,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN015CRcs922AEoFHLILv_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN015CRcs922AEoFHLILv_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 248504\r\ndate: Thu, 29 May 2025 04:44:06 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.002\r\ntraceid: a3b55ca417484938460107723e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache12.l2de3[0,0,200-0,H], ens-cache14.l2de3[2,0], ens-cache5.se2[0,0,200-0,H], ens-cache7.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 782184\r\nali-swift-global-savetime: 1748493846\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 29 May 2025 06:54:02 GMT\r\nx-swift-cachetime: 31528204\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17492760304695679e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":248504,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"5e2a988c376a15cd5821a5f8495570b7","sha1":"86db0ace1cb27d7f209c63074b0a21af8c461ba9","sha256":"10d642d405680f031488054e581f0fd7ffe02e406628e896b11f0678f6347d63","sha512":"bd3839db8418f9ac70232d7086c8b7b0fc2677a304916a7b0f982a21c16861c4d6130107402783660ed23ebd9b0fdc34541d7367fe4df481c1f13b48b5d71bd7","ssdeep":"6144:toa19M5ySdIBa1DblWCg4WpaHSMKWFK2z9S1+I:+KM5ddoEbtwaHLKW9z9A","tlshash":"bc34234ebc2507255b5c48e0079facb278627b1efb754712b8885cb4a323f51a89fd2d","first_seen":"2025-05-29T20:00:18.605656Z","last_seen":"2025-06-19T05:49:27.880103Z","times_seen":56,"resource_available":false,"data":null}},"time_used":1887,"timings":{"blocked":436,"dns":1280,"connect":24,"send":0,"wait":12,"receive":33,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/jquery.lazyload.min.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.689Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/jquery.lazyload.min.js HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 26 Jan 2022 08:38:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"61f10888-d35\"\r\nExpires: Sat, 07 Jun 2025 18:00:28 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3381,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3309)","md5":"89c45121934ed4664ff3ca811a008226","sha1":"848216f1d67cc7c6c6214db1a771f8c4653f06d6","sha256":"e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7","sha512":"61a33e6453c52798cf127e93c3163344cea18bdcf31eea042653903b4653b1e5408942d7b3e09b33ac73c667d1b0161d1438cbaee8d517518352c7c88a9bcc3c","ssdeep":"","tlshash":"1861768d7f527839f0567a9e831f3106663ed46f81814c54b0c9ece4ecec7951236d9a","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-04T13:41:20.87158Z","times_seen":4359,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":179,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7887f171a781a08a9fc1b8a997b61201","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:29.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.js?7887f171a781a08a9fc1b8a997b61201 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Sat, 07 Jun 2025 06:00:32 GMT\r\nEtag: 523680cd66664bca3d6e0b268a0a694d\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=97D5FD3399E2FE57; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"f8c30e032b982a3730ada92d14ba0bf4","sha1":"cba7a9cc9d120c494b035bd6a61324974aba6f51","sha256":"d3194dcf7f9380ba69d7e4b8769d6a8eedfb78d39abfb4ca7edf228db5d58f1e","sha512":"8ef05c803acbb2f19d595456469ee8cfec12427c24303e91cca95cdb53e5ee759957faf89ac14a7009dde15644719879287b085f0cfc651f492c79b12e19b947","ssdeep":"384:X1JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:X14VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"7cd2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-06-07T06:00:57.485671Z","last_seen":"2025-06-07T06:00:57.485671Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3152,"timings":{"blocked":0,"dns":2162,"connect":228,"send":0,"wait":296,"receive":2,"ssl":463},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2115ck.cc/","fqdn":"2115ck.cc","domain":"2115ck.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-07T06:00:25.930Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 2115ck.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":163,"dns":8,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444992.xyz/static/js/home.js","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"172.247.148.3","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.600Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/home.js HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 28 Apr 2020 14:28:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5ea83d72-994e\"\r\nExpires: Sat, 07 Jun 2025 18:00:28 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39246,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators","md5":"dace87b98369cd3a17614087ace567a7","sha1":"854eb995ab3a2ca08a785786c0ab1055eef1649d","sha256":"2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417","sha512":"c27abdad353ff3b5ef047690038e5a23e337f6aa15ca88abce98cf5c5865db1fb69a69f72ac2e44256f1dc9a3fe3564bb6212adadf0e6cd6aea4a64d8cb7f975","ssdeep":"768:qJqhbl1JbiPbhWODBb7z9n/bhb7m5gr9JQVT5E12r9luXT:qyODBNQUT","tlshash":"3c03724db697146450b3326a9f7b5a08df7b421f05008f49be7d00a41ff1a4eb616fad","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-03-18T14:17:29.255306Z","times_seen":551,"resource_available":true,"data":null}},"time_used":427,"timings":{"blocked":109,"dns":1,"connect":158,"send":0,"wait":158,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pg555222.img6212510042.com:8585/8888/pg507/pg80.gif","fqdn":"pg555222.img6212510042.com","domain":"img6212510042.com","tld":"com"},"ip":{"addr":"205.198.65.114","port":8585,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg555222.img6212510042.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 May 2025 07:58:22 GMT","end":"Sat, 02 Aug 2025 07:58:21 GMT"},"fingerprint":{"sha1":"61:48:91:4F:16:45:B7:10:BF:97:00:CF:DD:15:88:5F:BA:28:4C:36","sha256":"C9:BA:97:14:E2:F5:A9:3A:12:04:6A:F0:FF:68:02:3E:5A:BD:B1:E4:4F:79:0A:C5:61:61:FC:AF:D1:A3:96:B0"}}},"request":{"raw":"GET /8888/pg507/pg80.gif HTTP/1.1\r\nHost: pg555222.img6212510042.com:8585\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 04:21:41 GMT\r\netag: \"68188eb9-88b54\"\r\nexpires: Mon, 07 Jul 2025 04:21:41 GMT\r\nlast-modified: Sat, 07 Jun 2025 04:22:11 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 559956\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":559956,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"02449f7014fca4dfa9d5f399da12b4ad","sha1":"6b166e477f2abdc3de9c81c2aaf9fdaeb20308e2","sha256":"a8d9f157ba36d09879a605db3abe2ff4537c4f13fd6e446608cde279ad0eb30d","sha512":"ebe66453f6e4666c4f4047bdd0af9d8f96659a8f6958171294b8f98b084537ab404402bf349fa1a2547309a5a6b6fc84377cca1e39e2a04b4d7a78a1e58a8381","ssdeep":"12288:YgggUtmJcFfmJcFfmJcFfmJcFfC/PhPhPhPhPO9xkrxkrxkrf:YgggUgc4c4c4c8d","tlshash":"4dc4128dfe769723496331b8c34caa5284b7adf82c75c94761ebc0b4983614126fdc7a","first_seen":"2025-05-24T14:20:55.952511Z","last_seen":"2025-09-29T03:22:58.898419Z","times_seen":864,"resource_available":false,"data":null}},"time_used":3936,"timings":{"blocked":452,"dns":1724,"connect":166,"send":0,"wait":160,"receive":846,"ssl":587},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple-banana.oss-cn-shenzhen.aliyuncs.com/960x60.gxf","fqdn":"apple-banana.oss-cn-shenzhen.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-cn-shenzhen.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 03 Jan 2025 03:21:02 GMT","end":"Wed, 04 Feb 2026 03:21:01 GMT"},"fingerprint":{"sha1":"03:70:E9:00:74:25:16:B5:BF:FF:00:CD:AB:10:06:8B:47:77:44:19","sha256":"22:DE:75:E4:0A:86:BA:6F:6F:7E:CC:B4:00:6F:BA:50:83:66:18:D2:A6:E6:ED:60:40:43:7A:4F:76:26:13:DF"}}},"request":{"raw":"GET /960x60.gxf HTTP/1.1\r\nHost: apple-banana.oss-cn-shenzhen.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sat, 07 Jun 2025 06:00:32 GMT\r\nContent-Type: application/gxf\r\nContent-Length: 52039\r\nConnection: keep-alive\r\nx-oss-request-id: 6843D580A72E413937ABBD61\r\nAccept-Ranges: bytes\r\nETag: \"3E32BDB2CD2A16E8C98CBCEBA9FF16F1\"\r\nLast-Modified: Wed, 15 Jan 2025 10:22:46 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11493420569303131402\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: PjK9ss0qFujJjLzrqf8W8Q==\r\nx-oss-server-time: 8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52039,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"3e32bdb2cd2a16e8c98cbceba9ff16f1","sha1":"cd1f45f8f6ef778bc199b4d795ee172f3c4986da","sha256":"f05f7be16dee1385038f37c8d08e5dcbe03c2ffa5ecb2e40baade637bacb2ea3","sha512":"cd2c44d244147881e636dd046d4655f47f1ff206a86f87dc77014e2eece2db6bcf2c4056d5480de2f70570d68f0fb57a009dd51628edea112d627dd701952204","ssdeep":"1536:VpzSdNxbkulmlz5RcDRDfkIy4JSA3Va6YiXsYKL:iN4xSRTceZa6YwKL","tlshash":"7333f1e56e08e8419e3462c3aa66358bad460fe1bb38d1247577dc3ff801b54365b2d3","first_seen":"2025-01-13T23:24:54.853057Z","last_seen":"2026-02-19T21:08:23.326389Z","times_seen":100,"resource_available":false,"data":null}},"time_used":3659,"timings":{"blocked":443,"dns":1512,"connect":273,"send":0,"wait":281,"receive":3,"ssl":1147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com/siteadmin/upload/img/1821437871279833090.gif","fqdn":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","domain":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","tld":""},"ip":{"addr":"3.5.237.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-east-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 29 Apr 2025 00:00:00 GMT","end":"Sat, 18 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C0:8F:91:8B:87:39:95:A3:68:A0:79:E7:10:5F:99:19:57:79:6C:78","sha256":"10:D3:AB:F7:F9:42:F3:C4:99:B4:7A:FB:CE:3C:E7:04:5F:94:9E:A8:A1:85:D9:71:A9:40:81:7D:54:72:68:F4"}}},"request":{"raw":"GET /siteadmin/upload/img/1821437871279833090.gif HTTP/1.1\r\nHost: v7pyne-835-ppp.s3.ap-east-1.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: /4juEVT0q/xtnZT6qI0+r5766b1kf3wdAwchEUseHLMPJFs+mc2I/SliuQtwXnwbFE3LuMoMDJbKI77BcuTpwxDlJTAHzTel\r\nx-amz-request-id: 2X30K473E46A4RJ8\r\nDate: Sat, 07 Jun 2025 06:00:32 GMT\r\nLast-Modified: Fri, 16 Aug 2024 07:08:12 GMT\r\nETag: \"716f782a5ef40e97cd18860b2f632514\"\r\nx-amz-server-side-encryption: AES256\r\nCache-Control: s-maxage=86400,max-age=1800,public\r\nx-amz-meta-mtime: 1723792004.834520441\r\nAccept-Ranges: bytes\r\nContent-Type: image/gif\r\nContent-Length: 45085\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45085,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"716f782a5ef40e97cd18860b2f632514","sha1":"5de682c467be3b591a6e948ff7e1c66bc8738154","sha256":"5b6b478c99e05be341638c47e99dabd3bc28725e8d68118738a3e62c110434f4","sha512":"fbb098539f1388874cfc9f6c8c4bafa3d876de1128f9a4b669a7742a963841e2ed649cea34a8f0b3e1dd33eb8ba51adc9e1597f8f9f816b5bc639b0fef1811be","ssdeep":"768:Q6GyPrkU8fbYndxd8r311DPWOjpdDUmqUCxG2YieClzJ1yuvMPb1:Qly98TYnPd8r3Fj3UmqP6IHIt5","tlshash":"b213f1b661c40b29e0b24ee8ac0acde336991c45f326d74afe7da376552887f3710d14","first_seen":"2025-05-11T05:57:28.140034Z","last_seen":"2026-02-19T21:08:23.371131Z","times_seen":33,"resource_available":false,"data":null}},"time_used":3618,"timings":{"blocked":426,"dns":1796,"connect":267,"send":0,"wait":290,"receive":262,"ssl":570},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"555jnc.img3174125953.com/8888/jnc/jnc80.gif","fqdn":"555jnc.img3174125953.com","domain":"img3174125953.com","tld":"com"},"ip":{"addr":"156.231.117.216","port":443,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"555jnc.img3174125953.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 May 2025 05:50:14 GMT","end":"Sun, 03 Aug 2025 05:50:13 GMT"},"fingerprint":{"sha1":"36:C0:3F:F3:6C:0A:D3:B5:AC:EE:CC:C4:31:D0:B0:D4:4E:D3:19:3D","sha256":"BE:C4:86:B5:CB:21:77:B7:7B:4C:4D:42:71:E7:96:DC:89:03:48:D8:6D:5C:41:50:12:63:30:CD:1D:B0:DF:FB"}}},"request":{"raw":"GET /8888/jnc/jnc80.gif HTTP/1.1\r\nHost: 555jnc.img3174125953.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:33:02 GMT\r\netag: \"664dc89d-b334b\"\r\nexpires: Mon, 07 Jul 2025 05:33:02 GMT\r\nlast-modified: Sat, 07 Jun 2025 05:33:31 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 734027\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":734027,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"0fb098e34cbb802f261ed3126bf9e701","sha1":"cd79336a660e7fcca51c79deb880daf66a860b94","sha256":"b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150","sha512":"12ecd0fcc783c92d04e8883cfec8700a1f662d5b5b241ff09e2cf5abc5c42e1c49642f9c333ce456a8bd94e1a77c4d86b2fef3c6f0669cd90054ed44f7bc9237","ssdeep":"12288:aazR5YYYYsiMwOMwOMwOMwOMwOMwOeUWaaUWaaUWaaUWaaUWaaUWaaUWKejzBa0f:ZTYYYYYtUWaaUWaaUWaaUWaaUWaaUWas","tlshash":"4ff412aff58e18ca095e142773174f1964957086049178c787cdaf2ed287efb3a36938","first_seen":"2023-09-16T22:15:15Z","last_seen":"2026-04-04T13:30:05.838079Z","times_seen":2437,"resource_available":false,"data":null}},"time_used":5232,"timings":{"blocked":416,"dns":2359,"connect":245,"send":0,"wait":246,"receive":1595,"ssl":370},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-07","alert":"Sinkholed","trigger":"img3174125953.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"444992.xyz/","fqdn":"444992.xyz","domain":"444992.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-07T06:00:27.522Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 444992.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://2115ck.cc/\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":189,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.40images1.com:6699/images/960x80.gif","fqdn":"images.40images1.com","domain":"40images1.com","tld":"com"},"ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.40images1.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 May 2025 05:42:01 GMT","end":"Wed, 06 Aug 2025 05:42:00 GMT"},"fingerprint":{"sha1":"8F:3D:5A:79:23:BB:51:0C:94:30:5D:07:F7:0D:B1:79:DB:F5:7C:89","sha256":"FA:04:55:84:57:2A:2B:B9:64:73:6B:20:CF:D0:66:2F:83:DC:5A:7A:53:EF:60:52:8C:95:C0:A6:D9:3B:C4:82"}}},"request":{"raw":"GET /images/960x80.gif HTTP/1.1\r\nHost: images.40images1.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 04:05:05 GMT\r\netag: \"681c5318-a573e\"\r\nexpires: Mon, 07 Jul 2025 04:05:05 GMT\r\nlast-modified: Sat, 07 Jun 2025 04:05:05 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 677694\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":677694,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"b1ae838b623323851d4af0bdbc7287db","sha1":"fff6a733f6426f6d2606ba1f6946eb7f30e330ee","sha256":"1f6cde46fc978e62c5af75a45f601ade6fd380727643d3d99b1c2d5011106fb3","sha512":"f774ef3bc6ba6a5ea70ad8eadfa38a5a90e32ac7b8cbf408e16cff3c6b91ce935dc3015e99d3f03ec4aa8e4f955f0973a2fc2691215babacae83a3bd2c04c3fb","ssdeep":"12288:teCqOeCqOeCqOeCqtevievieviOhpoiWvUiWvUiWvUiWMLKEACHFsFCHFsFCHFsd:oRHRHRHRtevievieviJvIvIvIxMK2K26","tlshash":"f7e4230777c0cd25a2f8aed00fa4fa275e12c9847fe5196716822aeef3172fe459d841","first_seen":"2025-05-11T05:57:28.134847Z","last_seen":"2026-04-04T14:12:03.444781Z","times_seen":499,"resource_available":false,"data":null}},"time_used":2873,"timings":{"blocked":458,"dns":354,"connect":238,"send":0,"wait":240,"receive":1334,"ssl":248},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gif.fpaixfl.com/388-960x80.gif","fqdn":"gif.fpaixfl.com","domain":"fpaixfl.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gif.fpaixfl.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 13 May 2025 08:25:46 GMT","end":"Fri, 12 Jun 2026 08:25:45 GMT"},"fingerprint":{"sha1":"11:B7:77:59:64:2F:0D:C2:C2:C9:B2:65:F4:5A:A0:50:AA:CC:F2:20","sha256":"C5:5E:2A:26:BE:AA:3D:91:5C:5C:AE:2A:BB:6E:03:42:82:05:56:B7:F0:5D:98:A1:2A:67:DB:72:98:95:7E:61"}}},"request":{"raw":"GET /388-960x80.gif HTTP/1.1\r\nHost: gif.fpaixfl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: NgxFence\r\ndate: Sat, 07 Jun 2025 06:00:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.fjyyedu.com/388-960x80.gif\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":282970,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":3819,"timings":{"blocked":448,"dns":2301,"connect":334,"send":0,"wait":337,"receive":0,"ssl":399},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01eDRouH1Bs33QbUWzs_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01eDRouH1Bs33QbUWzs_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 217977\r\ndate: Sat, 10 May 2025 12:38:30 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5319917468807106141661e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache28.l2fr1[0,0,200-0,H], cache19.l2fr1[0,0], ens-cache17.fr6[0,0,200-0,H], ens-cache27.fr6[1,0]\r\naccess-control-allow-origin: *\r\nage: 2395320\r\nali-swift-global-savetime: 1746880710\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 10 May 2025 12:40:17 GMT\r\nx-swift-cachetime: 31535893\r\ntiming-allow-origin: *\r\neagleid: a3b5fdaf17492760305196004e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217977,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"228152c32a6f95070687c75137e14a22","sha1":"e307843a355bee858bd9384f3e8eda6620729005","sha256":"230638b3c76e032b8e0a75045b9221b8f69727c415ace62477b05370def9fa5a","sha512":"d67cb64c4fb2ab9c0c7726af7a11152e0bc8efce6180458b6ef2073b567c9829152041647be287bacba1f5b8792f3e7a72875e4889f6a735c40a2b72b8acd61a","ssdeep":"6144:P9IbgCkIbgCkISNmyFfeUqFjqxoqFjqxoqFj+:PWb9Nb9NSNmyFGUejqxoejqxoej+","tlshash":"122402b5ed21032bf793c6bcbd79a4796598a1e3c7045631ac68cd0876d728783e14f2","first_seen":"2025-04-10T19:18:00.104522Z","last_seen":"2025-06-26T14:48:31.953778Z","times_seen":76,"resource_available":false,"data":null}},"time_used":2011,"timings":{"blocked":438,"dns":1279,"connect":34,"send":0,"wait":94,"receive":45,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef","fqdn":"img.blkj58.com","domain":"blkj58.com","tld":"com"},"ip":{"addr":"138.199.46.65","port":443,"asn":60068,"as":"Datacamp Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.blkj58.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Jun 2025 05:47:00 GMT","end":"Sat, 30 Aug 2025 05:46:59 GMT"},"fingerprint":{"sha1":"87:6E:D9:04:7F:15:31:CE:22:F4:E4:CC:48:69:69:F9:B1:56:2C:2E","sha256":"BC:CD:FA:AC:11:CC:1B:CE:7A:83:11:B8:EF:8A:EB:3D:81:2D:B7:D8:CB:66:4F:2D:A4:09:6B:B7:C3:25:06:2B"}}},"request":{"raw":"GET /images/91274636-75a7-4385-b3e7-cee240ce87ef HTTP/1.1\r\nHost: img.blkj58.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 07 Jun 2025 06:00:31 GMT\r\ncontent-length: 0\r\nlocation: https://cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif\r\nserver: BunnyCDN-SG1-1274\r\ncdn-pullzone: 3585066\r\ncdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nstrict-transport-security: max-age=31536000\r\ncdn-proxyver: 1.28\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 302\r\ncdn-cachedat: 06/06/2025 14:39:02\r\ncdn-edgestorageid: 868\r\ncdn-requestid: 8be9a20967431bed6fc5015612a1ca79\r\ncdn-cache: HIT\r\ncdn-status: 302\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":273082,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":2610,"timings":{"blocked":436,"dns":1290,"connect":184,"send":0,"wait":184,"receive":0,"ssl":515},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01Kq6DZR1DbDji3Ipw9_!!6000000000234-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:32.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01Kq6DZR1DbDji3Ipw9_!!6000000000234-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444992.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 678863\r\ndate: Sun, 25 May 2025 08:29:37 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.005\r\ntraceid: a3b5fdaa17481617771061141e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache18.l2fr1[182,182,200-0,M], cache29.l2fr1[183,0], ens-cache25.fr6[0,0,200-0,H], ens-cache27.fr6[2,0]\r\naccess-control-allow-origin: *\r\nage: 1114255\r\nali-swift-global-savetime: 1748161777\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 25 May 2025 08:29:37 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b5fdaf17492760329748369e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":678863,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"ef419020bddaddbdd254c143e2613a57","sha1":"10c961cabf485549e460c730be36e0beb8d23e5c","sha256":"14aebd8aa196b69181d4c33c148d5bed3d999e2d8b50d12b18a41be47448d536","sha512":"a9f524f7bdc67694389dac66f1992c0c6a91a1105a95f3e7a0b83c2055c6a78e37ded3643dfb1b4b94566d2c0a35d61236bece09846d517c5dd26501b19fab93","ssdeep":"12288:h8qv2D5n4KBTFlQ0a2igtnF0lDFFryoYHluC/lzxDkkyDJKuZcZzKHJkQZrwZd4p:b2Vn4KBTs0ZrnF09F03Fu0lzxQDIuWZU","tlshash":"b3e423c62968e198de3e2cb00a964a757890a1ce65b0dcf6d56a6405f3cf07f3fe1718","first_seen":"2025-05-27T02:04:19.782606Z","last_seen":"2025-08-31T20:07:04.266228Z","times_seen":337,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"311050.xyz:8899/?u=http://2115ck.cc/\u0026p=/","fqdn":"311050.xyz","domain":"311050.xyz","tld":"xyz"},"ip":{"addr":"198.16.60.50","port":8899,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-07T06:00:26.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"311050.xyz","organization":""},"issuer":{"commonName":"GeoSSL DV TLS CA","organization":"GeoSSL, Inc."},"validity":{"start":"Fri, 18 Apr 2025 06:16:56 GMT","end":"Sat, 18 Apr 2026 06:15:56 GMT"},"fingerprint":{"sha1":"79:B1:E6:2E:52:48:FE:B6:6E:A1:FF:5B:65:6C:8C:5F:F3:D2:40:F1","sha256":"1E:BE:EA:0C:03:FD:30:90:30:E9:D8:73:9B:82:28:EF:30:0A:0C:7A:02:18:C7:5A:93:74:0C:12:D4:E3:84:D5"}}},"request":{"raw":"GET /?u=http://2115ck.cc/\u0026p=/ HTTP/1.1\r\nHost: 311050.xyz:8899\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://2115ck.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 07 Jun 2025 06:00:28 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: http://444992.xyz\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":1402,"timings":{"blocked":547,"dns":23,"connect":156,"send":0,"wait":298,"receive":0,"ssl":375},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.835images20.com:6699/images/960-80.gif","fqdn":"images.835images20.com","domain":"835images20.com","tld":"com"},"ip":{"addr":"205.198.77.227","port":6699,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444992.xyz/","date":"2025-06-07T06:00:28.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.835images20.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Apr 2025 15:37:05 GMT","end":"Wed, 16 Jul 2025 15:37:04 GMT"},"fingerprint":{"sha1":"CB:A4:EE:87:E5:00:C5:E6:E4:B1:82:8B:32:0E:0C:24:0F:49:8A:BC","sha256":"DC:5A:F1:1D:DA:66:DC:3F:BF:64:9B:F8:53:C0:4E:99:69:7C:57:F6:0F:50:77:91:9E:F2:A0:DC:00:AA:51:B9"}}},"request":{"raw":"GET /images/960-80.gif HTTP/1.1\r\nHost: images.835images20.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444992.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sat, 07 Jun 2025 05:42:45 GMT\r\netag: \"6770fe82-9cd32\"\r\nlast-modified: Sat, 07 Jun 2025 05:42:45 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 642354\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":642354,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"2c643dfd108ed9a53c3fcd428cbe66d5","sha1":"3cbff6bb2c961fe0a94d8c54f4c30db6fe3fd701","sha256":"45514474bc5eef13da3c42acc96b21696d342522f173c435ef69b6a55f80df23","sha512":"3a0bd50bcf68d928b2a1b01780b0bd9e9fe0774a092479aa6bd81a9b095d4592622b4bc259f451026cf4fd257a7ecc0ab107ee87febe3295b47f1013b6cea98e","ssdeep":"12288:WqwphqwphqwphqwmqVrcLOPY2QqVrcLOPY2QqVrcLOPY2QqVrcLOPY2kGXgMXgMH:PUgUgUgJqVcLNqVcLNqVcLNqVcLRhXXM","tlshash":"cfd4238c52fb5cd042b0a8e548acd77f000d95f6496e44d3ab02f982ba4d6ebdd81e7d","first_seen":"2024-06-16T17:39:28Z","last_seen":"2026-04-04T14:12:03.459724Z","times_seen":1251,"resource_available":false,"data":null}},"time_used":4625,"timings":{"blocked":456,"dns":1147,"connect":248,"send":0,"wait":237,"receive":1365,"ssl":1159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}