newtonmagazine.com/zt/thdbh
38.11.127.7 301 Moved Permanently 0 B URL User Request GET HTTP/1.1 newtonmagazine.com/zt/thdbh
IP 38.11.127.7:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zt/thdbh HTTP/1.1
Host: newtonmagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.newtonmagazine.com/zt/thdbh
Content-Type: text/html
www.newtonmagazine.com/zt/thdbh
38.11.127.7 200 OK 785 B URL User Request GET HTTP/1.1 www.newtonmagazine.com/zt/thdbh
IP 38.11.127.7:80
File type JavaScript source, ISO-8859 text, with CRLF line terminators
Hash 289e2af58e2ab9762af976f7ade95f0b
bc830a849c36e0f822d2b58634a9c373aac8f7b0
ea20dc33f087b5dde1242b2be62dfb22f84e3a4f529b1b5ffb6752181e14e5bf
GET /zt/thdbh HTTP/1.1
Host: www.newtonmagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:16 GMT
Content-Length: 785
Content-Type: text/html
Server: nginx
www.newtonmagazine.com/common.js
38.11.127.7 200 OK 2.7 kB URL GET HTTP/1.1 www.newtonmagazine.com/common.js
IP 38.11.127.7:80
Requested by http://www.newtonmagazine.com/zt/thdbh
File type JavaScript source, ASCII text, with very long lines (523), with CRLF line terminators
Hash dfbfbf732056f399b726e25d4ff6782e
5b676413483b544df15186312f5781dde28c9b4b
cf9fdbcbe72f9cf16b73f6976ab772ec03ad5ffc38361bc64d9e4a3b41286d45
GET /common.js HTTP/1.1
Host: www.newtonmagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/zt/thdbh
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:16 GMT
Content-Length: 2668
Content-Type: application/x-javascript
Server: nginx
www.newtonmagazine.com/tj.js
38.11.127.7 200 OK 520 B URL GET HTTP/1.1 www.newtonmagazine.com/tj.js
IP 38.11.127.7:80
Requested by http://www.newtonmagazine.com/zt/thdbh
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 0cc0be2716e8fc27bc15f479cf70c646
ac1aae7258ab7076c3e069e5e1d333180505dcd3
cb52d6669686289e00931b479a4e4abb78d18ec94fc75d023e0df4bb0667d42f
GET /tj.js HTTP/1.1
Host: www.newtonmagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/zt/thdbh
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:16 GMT
Content-Length: 520
Content-Type: application/x-javascript
Server: nginx
www.newtonmagazine.com/favicon.ico
38.11.127.7 200 OK 785 B URL GET HTTP/1.1 www.newtonmagazine.com/favicon.ico
IP 38.11.127.7:80
Requested by http://www.newtonmagazine.com/zt/thdbh
File type JavaScript source, ISO-8859 text, with CRLF line terminators
Hash 289e2af58e2ab9762af976f7ade95f0b
bc830a849c36e0f822d2b58634a9c373aac8f7b0
ea20dc33f087b5dde1242b2be62dfb22f84e3a4f529b1b5ffb6752181e14e5bf
GET /favicon.ico HTTP/1.1
Host: www.newtonmagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/zt/thdbh
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:17 GMT
Content-Length: 785
Content-Type: text/html
Server: nginx
107.149.199.61:38689/
107.149.199.61 200 OK 10 kB
IP 107.149.199.61:38689
Requested by http://www.newtonmagazine.com/zt/thdbh
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 41be8c3a653a89b854ee1aa1dd010b15
873842e89babac072ea10a9a17a72269f166badf
5380d02830af89f63cc2fe077559487e88350c3b053e6ed2cae808cdddcff60b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 10420
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
39.156.68.163 200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:80
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by http://www.newtonmagazine.com/zt/thdbh
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 07 May 2024 08:29:15 GMT
Etag: "4078521116"
Expires: Wed, 07 May 2025 08:29:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=87D1E208ADFBB045B0FB39CFFD8F0EA9:FG=1; max-age=31536000; expires=Wed, 07-May-25 08:29:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.newtonmagazine.com/zt/thdbh
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 07 May 2024 08:29:15 GMT
Etag: "4078521116"
Expires: Wed, 07 May 2025 08:29:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CFC768D2FDAC49FAE579B6D491DE37C7:FG=1; max-age=31536000; expires=Wed, 07-May-25 08:29:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
107.149.199.61:38689/template/m1938pc/css/ate.css
107.149.199.61 200 OK 4.5 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/css/ate.css
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 507a51f8b1d147fcf60eb2a898690259
e630900e6a1a0434719c5bdaf655362313e7e33c
9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:10 GMT
etag: "126e5-5e5ddfa188f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4527
content-type: text/css
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/css/zui.css
107.149.199.61 200 OK 25 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/css/zui.css
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 5660a22ccd545550e17c4ac22fe72135
a35b2c5e39c20cc8a1f6ded28a7adb521cc49a3f
aff7ebc6015eb363a857aeb10e4f104f2adf868573874d3db2fab2aa93e866c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 16 Sep 2023 13:41:03 GMT
etag: "1bf31-6057a0f69b9c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 25171
content-type: text/css
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/tb.js
107.149.199.61 200 OK 638 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/tb.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash b146900509848b4f3e2ef9ef4a0550eb
5392b0160d82b8f15385e41907bb0c648da20cf9
8cc4da1a8877509f8c688a2cc567e4d6b4eef966937506d6821668a8df917c42
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/tb.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 May 2024 09:14:58 GMT
etag: "97e-617c580e757fd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 638
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/qq1.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq1.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash cebd97e4760ccee013e5010628e69711
2ed46d7e7604cc6aec9f3de411476993c67f1d4c
9f199a8f279b96b9dffe2d7f7f40d8747a103f7227561eac73e0e5e1c9d8e10d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 08:06:38 GMT
etag: "32fd-617d8aa58bb3b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2019
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/dht.js
107.149.199.61 200 OK 1.3 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dht.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash 82fd867a84919c2526f9f3cf7b5cdc7b
55c1ea6aa394a863df78171efd8e21db412f4c7b
57ad01d1ff9441e40d7dab6381459cea154994d7c2485d40bf88b2f5132ec94c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/dht.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 May 2024 05:09:10 GMT
etag: "2e33-617c211d6ee1b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1320
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/images/1.gif
107.149.199.61 200 OK 254 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/images/1.gif
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type GIF image data, version 89a, 16 x 17
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Aug 2023 11:58:21 GMT
etag: "fe-6029050003140"
accept-ranges: bytes
content-length: 254
content-type: image/gif
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/dh.js
107.149.199.61 200 OK 1.1 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dh.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash e33e7e7b6adb5394db67b044fe00ab0f
06001bd2189a04e508bebc88d5073c15bf94a11b
4ce7efd5cd07bc027cbffceb8bb967c4a85089db453c88394f8a9ccfad313cfc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 May 2024 05:09:10 GMT
etag: "28d9-617c211d6ea33-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1087
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/sp.js
107.149.199.61 200 OK 636 B URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/sp.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 9f5f07272f1a76a347423cb76cb56dbd
5f6dbfb05b9288acde1555a720432e6f254c93b1
ef02692a9a1489fffa9049448a5c468c21fb59eba7571f47c508e9b016d78f66
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/sp.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 12:04:27 GMT
etag: "789-61777679aa8c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 636
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/bctp.js
107.149.199.61 200 OK 1.2 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/bctp.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash b02e5c4446b457f021c292506cf25321
de05964ac37690205793f0b1f8ca3ac15d42d4b7
b1aef63f2d2d561fa9e8148ef775981608128eb129fa4b8ad65f01460ceed1b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/bctp.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 04:48:00 GMT
etag: "177a-617d5e3f9a378-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1226
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/qq2.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq2.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (302)
Hash 7cb2cd0c70945dc93efe17d163f064bd
ee4c42fcb8b317ae8d9cc55a471d820a57d21190
79fbaa4bdbfcbc5ba40f00936e4d54b8b2c4c5bf93f1f49f9c896d53d27cf3c5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq2.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 May 2024 05:09:10 GMT
etag: "2777-617c211d6e263-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2002
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/qq3.js
107.149.199.61 200 OK 1.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq3.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 34120cfa2e9fdc2ffbfde82eb5342cc8
04aa70119690ec0c34e98f941116287ffbdb71fc
0814f0f832b2331306121688edb09f646ba346b3aa68c3b4c52b3291af3f4a7c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/qq3.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 06:42:38 GMT
etag: "196e-617d77df20ec7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1003
content-type: text/javascript
date: Tue, 07 May 2024 08:29:15 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e704c69ac705f46d1e51c39b832a4067
183.240.98.228 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?e704c69ac705f46d1e51c39b832a4067
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.newtonmagazine.com/zt/thdbh
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (616)
Hash 82cf7c262402a81d4bacd36eea2cfefd
83878e05a5214ee84608ba8c4318c5d715882865
e5bb957b59dc6350edced13ef5f81c0dd2b5ce7168d329de8a429f60eef178c9
GET /hm.js?e704c69ac705f46d1e51c39b832a4067 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 07 May 2024 08:29:15 GMT
Etag: 7761c1cccbbfced8094f19a85a7fc931
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FC9C8CA45A4DD78D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?1597dbc0d180c4192c37e9004d428ec7
183.240.98.228 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?1597dbc0d180c4192c37e9004d428ec7
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.newtonmagazine.com/zt/thdbh
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash ffbd68f43b5e7690a88dd481b59ffe7a
1cd47a0477f8da1ec9d08174bbccec59c7ac092b
fbe0e8adc1f7df3143ae9de2fefc40ed456c119b972108e266af684e5d65e693
GET /hm.js?1597dbc0d180c4192c37e9004d428ec7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Tue, 07 May 2024 08:29:15 GMT
Etag: 2219d61e70fee4d832f47b840fea0bb5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5665F6553D5D9F24; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
107.149.199.61:38689/template/m1938pc/ads/gg.jpg
107.149.199.61 200 OK 14 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/gg.jpg
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 960x51, components 3
Hash aaa12973bfefffcf6680081350d345a4
0231169877cf780337619db83e7591cba019854b
4124a6e1c9baa8735275f7d5be1f06a1cc8eaca18e52c14050ff41b8d00db127
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/ads/gg.jpg HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Feb 2024 12:49:54 GMT
etag: "35b0-610516e964080"
accept-ranges: bytes
content-length: 13744
content-type: image/jpeg
date: Tue, 07 May 2024 08:29:16 GMT
server: Apache
X-Firefox-Spdy: h2
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.250 200 OK 2.7 kB URL GET HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.250:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject *.tbcdn.cn
Fingerprint 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
Validity Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
Hash 78cdf5f8995a77bde017c9afb00ff09c
892a0c961a111310a1c6a76f611edcfe0f5472d3
3724b8fd47d02379fa76d99f3ef90b3f3c108de19d4f0ae9899352dc7ffbebd3
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/avif
content-length: 2725
date: Sun, 14 Apr 2024 00:57:57 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: HIT
request-time: 0.002
traceid: a3b55c9517130562768888849e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2avif
cache-control: max-age=31536000
ali-swift-global-savetime: 1713056277
via: cache16.l2us1[0,0,200-0,H], cache6.l2us1[0,0], ens-cache15.se2[0,0,200-0,H], ens-cache19.se2[1,0]
access-control-allow-origin: *
age: 2014279
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 14 Apr 2024 01:02:13 GMT
x-swift-cachetime: 31535744
s-rt: 3
vary: Accept
timing-allow-origin: *
eagleid: 2ff62ca717150705562995874e
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.newtonmagazine.com/zt/thdbh
112.34.113.148 200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.newtonmagazine.com/zt/thdbh
IP 112.34.113.148:80
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by http://www.newtonmagazine.com/zt/thdbh
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.newtonmagazine.com/zt/thdbh HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 07 May 2024 08:29:16 GMT
107.149.199.61:38689/template/m1938pc/images/video-play.png
107.149.199.61 200 OK 1.6 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/images/video-play.png
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 07:27:16 GMT
etag: "61f-5e5ddfa741d00"
accept-ranges: bytes
content-length: 1567
content-type: image/png
date: Tue, 07 May 2024 08:29:16 GMT
server: Apache
X-Firefox-Spdy: h2
107.149.199.61:38689/template/m1938pc/ads/dh.js
107.149.199.61 200 OK 1.1 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/dh.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Hash e33e7e7b6adb5394db67b044fe00ab0f
06001bd2189a04e508bebc88d5073c15bf94a11b
4ce7efd5cd07bc027cbffceb8bb967c4a85089db453c88394f8a9ccfad313cfc
Analyzer Quad9 DNS; Verdict malicious; Alert Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 May 2024 05:09:10 GMT
etag: "28d9-617c211d6ea33-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1087
content-type: text/javascript
date: Tue, 07 May 2024 08:29:16 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1682508302&si=e704c69ac705f46d1e51c39b832a4067&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
183.240.98.228 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1682508302&si=e704c69ac705f46d1e51c39b832a4067&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.newtonmagazine.com/zt/thdbh
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1682508302&si=e704c69ac705f46d1e51c39b832a4067&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 08:29:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AEAE783E2407B787; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?f5f73e5916871afe97c68215440d54e7
183.240.98.228 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?f5f73e5916871afe97c68215440d54e7
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (615)
Hash f9405d0511864f0db66107c5e9c46640
bb50fbca545690b825e669d6c64ed20c9a0550c8
35c7d80d9aa5cf506d89414329403a922083afa6bf3805d6f6028ccead8b821f
GET /hm.js?f5f73e5916871afe97c68215440d54e7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Tue, 07 May 2024 08:29:16 GMT
Etag: c01a327850e68ac01201d2d7da0e3d6b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=426ADF48A711C1B1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
107.149.199.61:38689/template/m1938pc/ads/qq1.js
107.149.199.61 200 OK 2.0 kB URL GET HTTP/2 107.149.199.61:38689/template/m1938pc/ads/qq1.js
IP 107.149.199.61:38689
Requested by https://107.149.199.61:38689/
Certificate Issuer Sectigo Limited
Subject 107.149.199.61
Fingerprint EB:FA:83:91:F2:FE:28:21:73:AC:B6:D9:41:A2:BF:13:F4:B6:3F:31
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash cebd97e4760ccee013e5010628e69711
2ed46d7e7604cc6aec9f3de411476993c67f1d4c
9f199a8f279b96b9dffe2d7f7f40d8747a103f7227561eac73e0e5e1c9d8e10d
Analyzer Quad9 DNS; Verdict malicious; Alert Sinkholed
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: 107.149.199.61:38689
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 08:06:38 GMT
etag: "32fd-617d8aa58bb3b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2019
content-type: text/javascript
date: Tue, 07 May 2024 08:29:16 GMT
server: Apache
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=976841811&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.newtonmagazine.com%2F&v=1.3.0&lv=1&sn=19607&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91
183.240.98.228 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=976841811&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.newtonmagazine.com%2F&v=1.3.0&lv=1&sn=19607&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=976841811&si=f5f73e5916871afe97c68215440d54e7&su=http%3A%2F%2Fwww.newtonmagazine.com%2F&v=1.3.0&lv=1&sn=19607&r=0&ww=1280&u=https%3A%2F%2F107.149.199.61%3A38689%2F&tt=Welcome-91%E6%8A%96%E9%98%B4%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 08:29:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4F2D72D64688BB8D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1947723328&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
183.240.98.228 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1947723328&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.newtonmagazine.com/zt/thdbh
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1947723328&si=1597dbc0d180c4192c37e9004d428ec7&v=1.3.0&lv=1&sn=19606&r=0&ww=1280&u=http%3A%2F%2Fwww.newtonmagazine.com%2Fzt%2Fthdbh&tt=%E4%BC%8A%E7%8A%81%E9%A9%B9%E5%8F%AD%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newtonmagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 08:29:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4BA826AA32F81731; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img.hgimg01.com/upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg
209.142.71.124 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 953x536, components 3
Hash 80083be7d376464d94d9bffa6d22fdd4
9dbb7c877313fdb9cd786fa21ae9435c61f4e0ef
37a719745e01a29e05fa3d10c4b7994a7b605bfb86c5c167c74dd4e18b403853
GET /upload/vod/20240429-1/916f9ceafb799344f64c89e47d2f7907.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 77749
last-modified: Mon, 29 Apr 2024 13:25:36 GMT
etag: "662f9fd0-12fb5"
expires: Wed, 29 May 2024 13:26:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg
209.142.71.124 200 OK 65 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 957x535, components 3
Hash 788db8a1824a3fc116c5f7ab2ae026b6
888440e59b2f4e87a176fc2caed2048c8e2eeba6
1669db38c4de240e7658caa58d40d962aeb286c497356d71fbd011f9f8618774
GET /upload/vod/20240429-1/a6404d101ff39b52b5c2f2887a5e302f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 65444
last-modified: Mon, 29 Apr 2024 13:25:34 GMT
etag: "662f9fce-ffa4"
expires: Wed, 29 May 2024 13:26:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg
209.142.71.124 200 OK 60 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 720x400, components 3
Hash 554c86b5a46fe7f5d32d1948a25dca1d
679708c9c4be46930824ef69ecabe388d3581f08
f608bfe1ac43f79a422e9aca6728e33f1668fc4a2b41a04c1f46833ba1d164e0
GET /upload/vod/20240429-1/9fffd720ef6f58748136fac192edcf7d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 60092
last-modified: Mon, 29 Apr 2024 13:25:29 GMT
etag: "662f9fc9-eabc"
expires: Wed, 29 May 2024 13:26:17 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg
209.142.71.124 200 OK 57 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 718x402, components 3
Hash 347b0ceb2689591a2c8d64780fce8234
5d58ce0c3e95a208a7f52071fb1020799524f3f1
09d7129fd62a2cd452736816c433979ca66da99749bbb8623b80b3416cc4c143
GET /upload/vod/20240429-1/9bb4f4fdb8b7111323f2e2a2ff3ab437.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 57234
last-modified: Mon, 29 Apr 2024 13:25:28 GMT
etag: "662f9fc8-df92"
expires: Wed, 29 May 2024 13:25:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/cc3814d45617d46039a179e1e0297669.jpg
209.142.71.124 200 OK 60 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/cc3814d45617d46039a179e1e0297669.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 169454804be86be852b54ea22cacbb82
c8b29315a0b6042f67e649d7c9b68ff4cb3eac5f
c7b6bb2f4054b289aca0677543a518e83a0c686b1079f19931d162c65228ddad
GET /upload/vod/20240506-1/cc3814d45617d46039a179e1e0297669.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 60048
last-modified: Mon, 06 May 2024 05:54:21 GMT
etag: "6638708d-ea90"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/34e54cb51813a70f39f9145682a791aa.jpg
209.142.71.124 200 OK 56 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/34e54cb51813a70f39f9145682a791aa.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 69bb007cd56b58898fb7b445d65a7a55
27b82bbdefe0a913168589a289e134cc9c09a823
40fc6a9f24eaaaa28ae510ae543325bf22f05e7d1e2b46ce1b07deb2f3a502e6
GET /upload/vod/20240506-1/34e54cb51813a70f39f9145682a791aa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 56192
last-modified: Mon, 06 May 2024 05:54:10 GMT
etag: "66387082-db80"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/8b8a768e6e7e6782c5113d15da94a1e3.jpg
209.142.71.124 200 OK 56 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/8b8a768e6e7e6782c5113d15da94a1e3.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 7a2bd9e400cc6e23d20cae1aac36cbb8
c7242efe40d10eaac5cef64cc53ebc773079013b
c364f92f755cc9621d7df15f1c27b7031083728a4181f528b618b3a9e9ae70f2
GET /upload/vod/20240506-1/8b8a768e6e7e6782c5113d15da94a1e3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 55584
last-modified: Mon, 06 May 2024 05:54:04 GMT
etag: "6638707c-d920"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/601f5f53783873cb8a59435e317c6953.jpg
209.142.71.124 200 OK 22 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/601f5f53783873cb8a59435e317c6953.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 587x331, components 3
Hash a9a3cdf0038c79f48aa57a160a6caf3a
e7798d7c090964cd55ce973c756f17a7be9226a0
130f75070be0670f0cbb65225c6058d385ac504d2bc51b5c0284752662dff1cd
GET /upload/vod/20240506-1/601f5f53783873cb8a59435e317c6953.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 22470
last-modified: Mon, 06 May 2024 05:52:43 GMT
etag: "6638702b-57c6"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/86a32eb9aab232351a5cfb8a6678faf4.jpg
209.142.71.124 200 OK 36 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/86a32eb9aab232351a5cfb8a6678faf4.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x476, components 3
Hash 1aac4394fb50de0021e9a1b241882191
d5d2442b7686858f9e8a388e60c4eca660dd975e
3945e86f646d25c547120f21ea9db75cd6dbad7f9572ccb2f87d216234b3aecd
GET /upload/vod/20240505-1/86a32eb9aab232351a5cfb8a6678faf4.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 36228
last-modified: Sun, 05 May 2024 05:35:04 GMT
etag: "66371a88-8d84"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/d5000141fbff33fff64b626c184eab86.jpg
209.142.71.124 200 OK 33 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/d5000141fbff33fff64b626c184eab86.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x476, components 3
Hash 74fcc94acb18360fa68a3a034b4014a0
9a9d434fcd3b875d56dff9f2a6de286d21bd5073
acabf81d611d3b1759f0375f68a5f234e28c70b9f5f81a753193b3b6801ee217
GET /upload/vod/20240505-1/d5000141fbff33fff64b626c184eab86.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 33154
last-modified: Sun, 05 May 2024 05:35:01 GMT
etag: "66371a85-8182"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/a32b08d0e2d173d0d8aab4cd0070cf4c.jpg
209.142.71.124 200 OK 33 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/a32b08d0e2d173d0d8aab4cd0070cf4c.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x476, components 3
Hash 74fcc94acb18360fa68a3a034b4014a0
9a9d434fcd3b875d56dff9f2a6de286d21bd5073
acabf81d611d3b1759f0375f68a5f234e28c70b9f5f81a753193b3b6801ee217
GET /upload/vod/20240505-1/a32b08d0e2d173d0d8aab4cd0070cf4c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 33154
last-modified: Sun, 05 May 2024 05:35:00 GMT
etag: "66371a84-8182"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/c54ca428181f92ffeaa215d7cd1d3ab5.jpg
209.142.71.124 200 OK 45 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/c54ca428181f92ffeaa215d7cd1d3ab5.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1024x576, components 3
Hash 06ab28170cf30816a79d81ba900e3ced
bf711cc0a38e19ca041c8054fa113c7d9395272e
0e9141a6f9b64c74fa8da784cacf2afdd9c2a1bbb67ebeb6c20f65db58a3bebf
GET /upload/vod/20240506-1/c54ca428181f92ffeaa215d7cd1d3ab5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 45312
last-modified: Mon, 06 May 2024 05:52:48 GMT
etag: "66387030-b100"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/529f6fe4cb9152dd17c2f5694662587d.jpg
209.142.71.124 200 OK 56 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/529f6fe4cb9152dd17c2f5694662587d.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 64afd41d06f5be86d7d8e4d759f94102
bdf3bf49561949bdb92131dd9c97761eafa9cb50
92cd3d81a89b71dbe8a5cb0dac23b5d6079693e37acc4982f873682bc46cb196
GET /upload/vod/20240506-1/529f6fe4cb9152dd17c2f5694662587d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 56480
last-modified: Mon, 06 May 2024 05:52:47 GMT
etag: "6638702f-dca0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/407c26227d846521129de8c5b9e4f99d.jpg
209.142.71.124 200 OK 63 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/407c26227d846521129de8c5b9e4f99d.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 84d4773ad6a843a6243def431782ecdc
5f6df8bf2909de1f6878a63e16fb7dc8753190f0
daccb61761b592e55caa4eaba386fbcd46986a536014d77b3a09a814ca814cef
GET /upload/vod/20240506-1/407c26227d846521129de8c5b9e4f99d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 63408
last-modified: Mon, 06 May 2024 05:52:45 GMT
etag: "6638702d-f7b0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/3a84cfe37fda3a5bd0672e822e343859.jpg
209.142.71.124 200 OK 46 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/3a84cfe37fda3a5bd0672e822e343859.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 852x480, components 3
Hash 8f5b1105afb6b13be6857f1afd733c8d
ec317cbd31ba20ee2a69f032a1d2de0f0a7bc2c9
4b8c612c3eb6d9dcfef8c0f43b223185963c95a8b4b04bbaee788465d536a8ec
GET /upload/vod/20240505-1/3a84cfe37fda3a5bd0672e822e343859.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 46400
last-modified: Sun, 05 May 2024 05:35:28 GMT
etag: "66371aa0-b540"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg
209.142.71.124 200 OK 69 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 956x532, components 3
Hash c44cfeba5ce4440b75ffda99d23b291e
ec19ec1cd101fd283f74d1f9301de53ca27e75cb
93b18766aa48b09c78a8ec66cc903cbaef4f2026079467d6b968410bfb712e78
GET /upload/vod/20240429-1/b688fbd44a2824771f0dccb4d07e0820.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 69211
last-modified: Mon, 29 Apr 2024 13:25:31 GMT
etag: "662f9fcb-10e5b"
expires: Wed, 29 May 2024 13:26:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg
209.142.71.124 200 OK 77 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 956x533, components 3
Hash 1361f705701b662259b5347328182f7c
ba003563691b96c9cc939d49ded64639ad84047d
cc8d58fbbc28e6f79ab4d3bd673ade78ff65ea02906b9a3c974aaaeb431ff26c
GET /upload/vod/20240429-1/7ed7b44702c68ca3b390cea64a3b0cff.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 76737
last-modified: Mon, 29 Apr 2024 13:25:30 GMT
etag: "662f9fca-12bc1"
expires: Wed, 29 May 2024 13:26:17 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg
209.142.71.124 200 OK 73 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 955x532, components 3
Hash 7b98dd8be3ba352167c8669ee587eb7e
2e332729f07c5cf1767705cef95f97324844cba8
868f390131f99ea43f4b4974f727d6e00c73200dcc838ebb23a5d63513dcd5d1
GET /upload/vod/20240429-1/3630122c0edf7f163777360749a7fbb1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 72801
last-modified: Mon, 29 Apr 2024 13:25:27 GMT
etag: "662f9fc7-11c61"
expires: Wed, 29 May 2024 13:25:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg
209.142.71.124 200 OK 72 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 960x533, components 3
Hash b645f1337db3face9cb97837767eaaf1
dc8c9dde4ed6d4591f6e4c418fdcaee8941f6648
c562aee8b6d5ed210ab10a99a0f32ebf551b13b6f55e50202be84639a9964fc3
GET /upload/vod/20240429-1/e561e088252704347aafa5a7dcb7c041.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 72535
last-modified: Mon, 29 Apr 2024 13:25:26 GMT
etag: "662f9fc6-11b57"
expires: Wed, 29 May 2024 13:25:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg
209.142.71.124 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 957x531, components 3
Hash 406be91c35e1b5f26f57e38ef6feb489
8f75d92445583e06973a2e5729a9e758818de84e
01ede5eaabd3c71dba1a3732bcbf5e5ef5543af6a7478a9d64464c55ba2db9ea
GET /upload/vod/20240429-1/13da24f6b879f07220ae4da759e1bf7e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 78201
last-modified: Mon, 29 Apr 2024 13:25:25 GMT
etag: "662f9fc5-13179"
expires: Wed, 29 May 2024 13:25:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg
209.142.71.124 200 OK 81 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 951x532, components 3
Hash 46b5ed54c9d57faf06fcbcc8a95c1201
07ec96b6d2912bc71ce347db9c8714c8dd715702
090de0935a7b7807a294b05ded06fd90f73ff8c5577a486f4ba3f17b624d4857
GET /upload/vod/20240429-1/73129bd3ffd4e6563d1905a7336ed957.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 80997
last-modified: Mon, 29 Apr 2024 13:25:23 GMT
etag: "662f9fc3-13c65"
expires: Wed, 29 May 2024 13:25:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/2cd1ea7aaea5973d11fd9e759844c7e3.jpg
209.142.71.124 200 OK 98 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/2cd1ea7aaea5973d11fd9e759844c7e3.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash 46f8a511dac8dbee7a3ebd1dc510c0cc
2e0fd8fb4abc924d456629e4b32ce841e795d1e2
66c2096577618a7a7b0c9dd70a30357a70ad744aedeeefe60784aed3b01aae05
GET /upload/vod/20240506-1/2cd1ea7aaea5973d11fd9e759844c7e3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 97920
last-modified: Mon, 06 May 2024 05:54:26 GMT
etag: "66387092-17e80"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/dd20ef56e077f72145c3f9dd5d716526.jpg
209.142.71.124 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/dd20ef56e077f72145c3f9dd5d716526.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash ff6b268dd61edf59a15df1dd4062ea75
d56f318313fcb1e5f55e0efa0d5f0bc5a3883d5d
0bffea2bd0f6f1edebf66d0f77a8a7cf47a5e130440558750004c41a288706e0
GET /upload/vod/20240506-1/dd20ef56e077f72145c3f9dd5d716526.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 77536
last-modified: Mon, 06 May 2024 05:54:24 GMT
etag: "66387090-12ee0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/23bd4826cd7b587e8ceef842fa88046c.jpg
209.142.71.124 200 OK 68 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/23bd4826cd7b587e8ceef842fa88046c.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 87319a68ed3f03083207ea51f1fef75b
0a801237f58bdb57959285c0cc786c186e139e39
fa16b4e553f39f02d8fb23a5c3b5fee0f575a29b6bebe54182f97bd017561f1e
GET /upload/vod/20240506-1/23bd4826cd7b587e8ceef842fa88046c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 68112
last-modified: Mon, 06 May 2024 05:54:06 GMT
etag: "6638707e-10a10"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/7b5ea98a2eacf271b8fec034f0701ed1.jpg
209.142.71.124 200 OK 70 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/7b5ea98a2eacf271b8fec034f0701ed1.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash fbdfd6d1737fb79b90d6950af70c26ec
6a46ae8652dffb6913e13ccff53646002f741e48
8124c975ab28b057602aa5df39e0c5e64adf1df69fbbcb27e86be83674cfe105
GET /upload/vod/20240506-1/7b5ea98a2eacf271b8fec034f0701ed1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 70400
last-modified: Mon, 06 May 2024 05:54:05 GMT
etag: "6638707d-11300"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/8e784f22f550d27b1a115d2aef99239f.jpg
209.142.71.124 200 OK 77 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/8e784f22f550d27b1a115d2aef99239f.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash a5432fa711b19745fbdf85099e870e5e
c8867454fa2e02e9058f4d2728798e5a81f77218
9ecb3d05bc8d89782434b49e55c702b5a1e4b3e0f8a2ebc2dfb154245465068b
GET /upload/vod/20240506-1/8e784f22f550d27b1a115d2aef99239f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 77170
last-modified: Mon, 06 May 2024 05:52:39 GMT
etag: "66387027-12d72"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/a577b2fdbc2d6c5eb7dbd5ef326389b5.jpg
209.142.71.124 200 OK 83 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/a577b2fdbc2d6c5eb7dbd5ef326389b5.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash b12bdd0348784d829e32d11b1f85d914
597fb3f829ed7a5aaf73923b4e4dc9dc55e3cb12
b4dfbad5cd799c6e3610501816522b10d51fdcde314065ee4b8d2c79f699d6a1
GET /upload/vod/20240506-1/a577b2fdbc2d6c5eb7dbd5ef326389b5.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 83061
last-modified: Mon, 06 May 2024 05:52:38 GMT
etag: "66387026-14475"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/9c29a3b7c4be534caf953bfe102454ee.jpg
209.142.71.124 200 OK 80 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/9c29a3b7c4be534caf953bfe102454ee.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 1146ef0f058443505f641f776656d494
18dd233b8b9dcad3a718c1bf8628a187ef3f3456
302287930906c88fd0703dfbdb5ba74955c9b69cce0317bbe08cf617faebd2e3
GET /upload/vod/20240506-1/9c29a3b7c4be534caf953bfe102454ee.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 79699
last-modified: Mon, 06 May 2024 05:52:36 GMT
etag: "66387024-13753"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/0f74a8e35513685a7441fcac323c9a8c.jpg
209.142.71.124 200 OK 117 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/0f74a8e35513685a7441fcac323c9a8c.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1704x956, components 3
Size 117 kB (117267 bytes)
Hash 1c6b4380f0242137dd823fd1679306d1
13d4bfb9bdf19708264580df3e0e86306a291a57
d4a7f8232421df979184bc8e88a76a774d8ac715215b940f709bfd71b4fe4bc1
GET /upload/vod/20240506-1/0f74a8e35513685a7441fcac323c9a8c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 117267
last-modified: Mon, 06 May 2024 05:52:33 GMT
etag: "66387021-1ca13"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/b5e87f49b89b0a75aad73fce70a6093e.jpg
209.142.71.124 200 OK 106 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/b5e87f49b89b0a75aad73fce70a6093e.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1912x1064, components 3
Size 106 kB (106038 bytes)
Hash ab0c7ac9f5f357e1e35edceffef5217c
bbc56095db73844f279399029f68675d4c0e9ae0
8a95c5e357233d37d86ffbfbc4f3bcda1571bd9f49b42964dbdd4fc19e6be207
GET /upload/vod/20240505-1/b5e87f49b89b0a75aad73fce70a6093e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 106038
last-modified: Sun, 05 May 2024 05:35:03 GMT
etag: "66371a87-19e36"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/d61b7cc9a807fec0ff4571d88316bf2e.jpg
209.142.71.124 200 OK 125 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/d61b7cc9a807fec0ff4571d88316bf2e.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3
Size 125 kB (124634 bytes)
Hash 1864a28d5dd1c7b98dff41e437f19a93
9e5da597b076cb52224366ae937b1ac8fd51d1c9
77591701404829c32bf7c9145bf92cf1d2fed76add1924ab883b23303e3ffa4b
GET /upload/vod/20240505-1/d61b7cc9a807fec0ff4571d88316bf2e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 124634
last-modified: Sun, 05 May 2024 05:35:02 GMT
etag: "66371a86-1e6da"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/jj417/640-160.gif
23.225.89.138 200 OK 258 kB URL GET HTTP/2 jindie.luorun1.top/jj417/640-160.gif
IP 23.225.89.138:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 640 x 160
Size 258 kB (258064 bytes)
Hash 434c508c4291f2ef2f456d52b022d702
38ed0c146b88577190ff88130f536d54cf9f78c1
21de3ee4dde190176e1b84e1cbefa5312e6a9ae8480c3cfec3541a76e5978248
GET /jj417/640-160.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:18 GMT
content-type: image/gif
content-length: 258064
last-modified: Tue, 16 Apr 2024 20:17:12 GMT
etag: "661edcc8-3f010"
expires: Wed, 05 Jun 2024 16:29:07 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/53c4ba408e278f026b53d73b69ac9279.jpg
209.142.71.124 200 OK 128 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/53c4ba408e278f026b53d73b69ac9279.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 128 kB (128032 bytes)
Hash ea0d85893d4f08bcd76548141110873e
23b23a1e238ed6c2999b137d2bc638923efd4f2a
64b6df7e95940ee4673802225f4a4a0a2c65c85d5cbd5f740b04ea988afc70b8
GET /upload/vod/20240506-1/53c4ba408e278f026b53d73b69ac9279.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 128032
last-modified: Mon, 06 May 2024 05:53:05 GMT
etag: "66387041-1f420"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/jd/100.gif
23.225.89.138 200 OK 244 kB URL GET HTTP/2 jindie.luorun1.top/jd/100.gif
IP 23.225.89.138:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 100 x 100
Size 244 kB (243627 bytes)
Hash 8d6565c0cf3f9b644e5f06b712119837
e25b360314e01be8ab80c0fd2fadd162ed6b6014
fe67a8e4c1f45b49ba996319872278ee3f5ff508c63a6ad205ac051a4c86de78
GET /jd/100.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:18 GMT
content-type: image/gif
content-length: 243627
last-modified: Wed, 03 Apr 2024 05:43:56 GMT
etag: "660cec9c-3b7ab"
expires: Wed, 05 Jun 2024 16:29:07 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/6c7bcd73aabac06630c2fe4b614c83be.jpg
209.142.71.124 200 OK 100 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/6c7bcd73aabac06630c2fe4b614c83be.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 100 kB (100464 bytes)
Hash eda7272a54f0d4c428e0f73eb8e6d297
58308ea90baf95f65d0f4ecddbbbcbfc809f966c
2078b948c5567eeedc593feae1ef7222d12be9a1c1595ff6130e9fc70e8af1dc
GET /upload/vod/20240506-1/6c7bcd73aabac06630c2fe4b614c83be.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 100464
last-modified: Mon, 06 May 2024 05:53:04 GMT
etag: "66387040-18870"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/tu/300-200.gif
23.225.89.138 200 OK 264 kB URL GET HTTP/2 jindie.luorun1.top/tu/300-200.gif
IP 23.225.89.138:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 600 x 360
Size 264 kB (264185 bytes)
Hash 580d4c7a30e55329d2c02ca1fecf0b35
82d9954027229e4bfafe45f4e9c8a0525f5eb6c9
25bd3d949f0e4a7b1196aeb95fe1e23c31826914d4fe3a8b0e0ad471fb92b40e
GET /tu/300-200.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:18 GMT
content-type: image/gif
content-length: 264185
last-modified: Fri, 26 Jan 2024 09:29:02 GMT
etag: "65b37b5e-407f9"
expires: Wed, 05 Jun 2024 16:29:07 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/d4c8c8a781400c83691ef3685bb0969d.jpg
209.142.71.124 200 OK 123 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/d4c8c8a781400c83691ef3685bb0969d.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 123 kB (122608 bytes)
Hash 001bba41e98ba183bf8946c7dc55b459
1a2006c0087ef41914e6174b10bb9ec570b7a619
c80c427136a8247009492f537ca865373fa60e112d538742394c95813b7a302b
GET /upload/vod/20240506-1/d4c8c8a781400c83691ef3685bb0969d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 122608
last-modified: Mon, 06 May 2024 05:53:00 GMT
etag: "6638703c-1def0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jindie.luorun1.top/jj417/300-200.gif
23.225.89.138 200 OK 538 kB URL GET HTTP/2 jindie.luorun1.top/jj417/300-200.gif
IP 23.225.89.138:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject jindie.luorun1.top
Fingerprint B8:72:83:CE:FD:E3:7E:65:1F:F1:1E:12:D7:C7:D5:A3:63:53:48:CE
Validity Mon, 22 Apr 2024 12:23:11 GMT - Sun, 21 Jul 2024 12:23:10 GMT
File type GIF image data, version 89a, 300 x 200
Size 538 kB (538466 bytes)
Hash 360a35c33859b87a4f8078f3e31eddb7
c56ecf9ef564adb903fa9eb34613f3b1af2022f7
c3a2cf1bb01b17826730f3ddaf8f20523500ad684b152a3e30a1b0e14e201b02
GET /jj417/300-200.gif HTTP/1.1
Host: jindie.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:18 GMT
content-type: image/gif
content-length: 538466
last-modified: Tue, 16 Apr 2024 20:17:10 GMT
etag: "661edcc6-83762"
expires: Wed, 05 Jun 2024 16:29:07 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/ba55420449e3effff6c987b76a9a6717.jpg
209.142.71.124 200 OK 81 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/ba55420449e3effff6c987b76a9a6717.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash bbedcd32f93a740837e487b097c4acbd
ccb7615678e2c96f93bd648193aba78923ea501d
2c73fd294346753c49e5bc66fa26dea6e568e5a4aa70465fd8c380323ff38401
GET /upload/vod/20240506-1/ba55420449e3effff6c987b76a9a6717.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 80784
last-modified: Mon, 06 May 2024 05:52:51 GMT
etag: "66387033-13b90"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/d8a1511ed4fb0d82ec96deede792bd95.jpg
209.142.71.124 200 OK 87 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/d8a1511ed4fb0d82ec96deede792bd95.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash e8cba7defecf5f077ba84f64af626308
67082faa5a4fb6b24b6288f07723096ea60bc18f
9e9ce3c0360c567d4c1a243d58de8eac00a8a6fccdf5d2a5b78358cf54c602d0
GET /upload/vod/20240506-1/d8a1511ed4fb0d82ec96deede792bd95.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 86784
last-modified: Mon, 06 May 2024 05:52:48 GMT
etag: "66387030-15300"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/235025ef6ceb236c775b2d4690a26292.jpg
209.142.71.124 200 OK 88 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/235025ef6ceb236c775b2d4690a26292.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Hash b8ed753010ad541ef0768fbf779d919a
d78a66773e07c8d94005fd1787f89230a1feab69
cd6f4637af64fcdae97aeae926020c261c88b9887c08784200b5f22ead66586b
GET /upload/vod/20240506-1/235025ef6ceb236c775b2d4690a26292.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 87984
last-modified: Mon, 06 May 2024 05:52:46 GMT
etag: "6638702e-157b0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/222eded7992e2248d184f8315b3121c9.jpg
209.142.71.124 200 OK 102 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/222eded7992e2248d184f8315b3121c9.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 102 kB (101680 bytes)
Hash b2ceed56afd0e5e98834d8e5386c3b35
ebff63fef34384858591f7c372b6414171a24212
ec3f2327ada8def32d639211018aeff792439033fb0456b39489c6af8841cd26
GET /upload/vod/20240505-1/222eded7992e2248d184f8315b3121c9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 101680
last-modified: Sun, 05 May 2024 05:35:29 GMT
etag: "66371aa1-18d30"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/5cdbac10bc732c0e41886ec94a763772.jpg
209.142.71.124 200 OK 125 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/5cdbac10bc732c0e41886ec94a763772.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 125 kB (124976 bytes)
Hash 107bfce9bd2844fab04d4ada1adcdc79
09ac9c476a139ade301d1b0d92249ad9c950786e
a4a0b47af8808d3e107d8fb05b74e4d81f5666a7b4d4866de0f19f243dcc5697
GET /upload/vod/20240505-1/5cdbac10bc732c0e41886ec94a763772.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 124976
last-modified: Sun, 05 May 2024 05:35:27 GMT
etag: "66371a9f-1e830"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/e14ca811da81bd7acaf47b7132dca5c2.jpg
209.142.71.124 200 OK 124 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/e14ca811da81bd7acaf47b7132dca5c2.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 124 kB (124416 bytes)
Hash 623eaa9c8ada4c334c1adfc1345cf581
175978f5d81e79fbc43819de9fa6c415ac725e9f
360f4d23eaf28f51abc44288810985daafe31ef924dc3e47086a435812e71556
GET /upload/vod/20240505-1/e14ca811da81bd7acaf47b7132dca5c2.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 124416
last-modified: Sun, 05 May 2024 05:35:16 GMT
etag: "66371a94-1e600"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/5484a4b13c802dc7ec7bd7e1c04ab538.jpg
209.142.71.124 200 OK 105 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/5484a4b13c802dc7ec7bd7e1c04ab538.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 105 kB (105040 bytes)
Hash a9ad8ca12d876ada9f39632b7605151a
c63e16522e38414fc5009fc6944a86d87d4c0b53
e4f393b596fc5097f76871c5dad112e2040217f042c9d9c58f6da0c485002036
GET /upload/vod/20240505-1/5484a4b13c802dc7ec7bd7e1c04ab538.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 105040
last-modified: Sun, 05 May 2024 05:35:15 GMT
etag: "66371a93-19a50"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/df15e3c5c5dfd2d20cc077ffabe596f1.jpg
209.142.71.124 200 OK 104 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/df15e3c5c5dfd2d20cc077ffabe596f1.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 104 kB (104320 bytes)
Hash 3a93bc5b0ee4e03b728cdffa53f4790f
56819a439afcac8153cc828007d3019b6e96c806
7f6ae249ed806bb2872759fbd3ffa9c22a8dbd6c690e24c3abbdd22627333ca5
GET /upload/vod/20240505-1/df15e3c5c5dfd2d20cc077ffabe596f1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 104320
last-modified: Sun, 05 May 2024 05:35:14 GMT
etag: "66371a92-19780"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg
209.142.71.124 200 OK 70 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 958x535, components 3
Hash d91aaef76b415c957ab512661845adbf
55447b26cfc9406c1aa846447ff52ff76195b62d
8a691b4f48c910e20ad23835eaff1f55f2db3e3f90624bce6c047dcfe0f68dbf
GET /upload/vod/20240429-1/aaf81a45fdb17175a269cf46d0b824c0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 69993
last-modified: Mon, 29 Apr 2024 13:25:41 GMT
etag: "662f9fd5-11169"
expires: Wed, 29 May 2024 13:26:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg
209.142.71.124 200 OK 82 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 955x532, components 3
Hash dcb1faf73b1d88baf2c62383376d0704
18fc7bc45934a2a84ed6cadb7bf497ff148e0ecd
7409b2e1d91f1e03ece09f060fcbdce597247a453c29fbe77f4eab3a725c9318
GET /upload/vod/20240429-1/f59e1371b9600a65b8fd6f72f3a2baf1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 81649
last-modified: Mon, 29 Apr 2024 13:25:40 GMT
etag: "662f9fd4-13ef1"
expires: Wed, 29 May 2024 13:26:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg
209.142.71.124 200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash 44da1f7312e785d7469efe5a2e7fdc20
b993ab155c8c47a0f0173e459892969a73badf11
91890cd0dc86f8e5a955e6e9f671bb96e73baaea2ca4a357363cfb8e27b13e74
GET /upload/vod/20240429-1/08b0637796850e91da8d4c16c74fce9d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 77869
last-modified: Mon, 29 Apr 2024 13:25:35 GMT
etag: "662f9fcf-1302d"
expires: Wed, 29 May 2024 13:26:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg
209.142.71.124 200 OK 82 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash 2f07da3f93a1fe652db81f6cd34f07dc
f26c1d5d7337a474167cd081b92c94091a5ae260
2e0b70c56204e89c4d4954896b25ddf5f0409b14ba11c86aebc8cf88dca463ef
GET /upload/vod/20240429-1/a417c73fdbe4d18eb9cfa5b16f90198a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 81461
last-modified: Mon, 29 Apr 2024 13:25:39 GMT
etag: "662f9fd3-13e35"
expires: Wed, 29 May 2024 13:26:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg
209.142.71.124 200 OK 71 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 952x532, components 3
Hash bc7e2d30457eb790c6c60f4aa639891c
db3ac8baf2f50fe3b771feb2b3d3e0a8057a332e
9b3e27c1c38f2ae31418ef9ba5b08ff940829ef1509406707f1086c8f0d015d3
GET /upload/vod/20240429-1/fd4aca22efa89a01419c96b60da03bee.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 71330
last-modified: Mon, 29 Apr 2024 13:25:38 GMT
etag: "662f9fd2-116a2"
expires: Wed, 29 May 2024 13:26:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/2c27a99d2bd4d62d3547ea09aeafe812.jpg
209.142.71.124 200 OK 160 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/2c27a99d2bd4d62d3547ea09aeafe812.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 160 kB (159696 bytes)
Hash a47866a3cd531862c1e3209a1e2808ef
6205f72d428013130e0f84ef6be8091e5543ffbe
747180f3d357141313e7645722956a15b3d005d296fa23adea418deb8bd21b0d
GET /upload/vod/20240506-1/2c27a99d2bd4d62d3547ea09aeafe812.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 159696
last-modified: Mon, 06 May 2024 05:54:27 GMT
etag: "66387093-26fd0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/e7e5ab3ee09f7b0e83ad72ee2c5d0cde.jpg
209.142.71.124 200 OK 140 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/e7e5ab3ee09f7b0e83ad72ee2c5d0cde.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 140 kB (140528 bytes)
Hash 86861b9737206a9c41f6ab1e3bbafddb
de6caf5e119d3cbb2f07e541dc033e84aab15a75
00fdfeb47a098be93483f694d5553638e5e398099626d8e6873ff647bf7947f4
GET /upload/vod/20240506-1/e7e5ab3ee09f7b0e83ad72ee2c5d0cde.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 140528
last-modified: Mon, 06 May 2024 05:52:44 GMT
etag: "6638702c-224f0"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/690aeef826c6fc31e3ff170eb3e1719a.jpg
209.142.71.124 200 OK 147 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/690aeef826c6fc31e3ff170eb3e1719a.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3
Size 147 kB (147278 bytes)
Hash 920e41360daab67ca5529b135ac9821f
1e539f9b29bb3c0f4a2ec828736f9e6c416e0770
34077e66e0a2cac171dee2201b3989e6057fa06655cf8ae1bfd46e59a6e9a60c
GET /upload/vod/20240505-1/690aeef826c6fc31e3ff170eb3e1719a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 147278
last-modified: Sun, 05 May 2024 05:35:00 GMT
etag: "66371a84-23f4e"
expires: Tue, 04 Jun 2024 06:31:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/4ec778bfd9f2afecb3fed77b9644bafb.jpg
209.142.71.124 200 OK 183 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/4ec778bfd9f2afecb3fed77b9644bafb.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3
Size 183 kB (183040 bytes)
Hash 91c1a5d5290eedbb8a2c2d175a49585e
2033eeae9cd4c7b3dbf9b478f32f3918037d3d0b
3f1d8014560423bfd806098463ffa55354bd506923d2f834f3daffc84917957c
GET /upload/vod/20240506-1/4ec778bfd9f2afecb3fed77b9644bafb.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 183040
last-modified: Mon, 06 May 2024 05:52:49 GMT
etag: "66387031-2cb00"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/7e29f534ffdc78b59e41bd97cd0f5ef8.jpg
209.142.71.124 200 OK 388 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/7e29f534ffdc78b59e41bd97cd0f5ef8.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 388 kB (387569 bytes)
Hash 029ea0bc7dc7742925a3474d71ea4597
0a670c4c463ad16a24c9978bf9bac965ab1a64c2
70cd82deb5c9e4ddd51b1430f876b40600681ff1104fd2f98444873d10e897ab
GET /upload/vod/20240505-1/7e29f534ffdc78b59e41bd97cd0f5ef8.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 387569
last-modified: Sun, 05 May 2024 05:37:22 GMT
etag: "66371b12-5e9f1"
expires: Tue, 04 Jun 2024 07:22:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/a5f83e8fda2e0eb6c06b331ea259657e.jpg
209.142.71.124 200 OK 345 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/a5f83e8fda2e0eb6c06b331ea259657e.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 345 kB (344848 bytes)
Hash a18ac983955cee6a7d0472a822c74c05
2a1efc0fd42bec55d6ec189e715fe7adca8b9a45
701d2dac59569fb8435d8ab4dfe4fb7f613e09d77bf542ca3a5e4995fcd6c50e
GET /upload/vod/20240505-1/a5f83e8fda2e0eb6c06b331ea259657e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 344848
last-modified: Sun, 05 May 2024 05:37:20 GMT
etag: "66371b10-54310"
expires: Tue, 04 Jun 2024 07:22:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/0a5f99731388db7bad7a6505850cc84e.jpg
209.142.71.124 200 OK 404 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/0a5f99731388db7bad7a6505850cc84e.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 404 kB (403546 bytes)
Hash 779ca49859f37c8e91305c287f638cc8
501b5e54a8b5910283a9a71171c8535e4291d604
a489753dddeca1242795900ebace2f69a49ab4848bd8eca4f336f058cd45f144
GET /upload/vod/20240505-1/0a5f99731388db7bad7a6505850cc84e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 403546
last-modified: Sun, 05 May 2024 05:37:19 GMT
etag: "66371b0f-6285a"
expires: Tue, 04 Jun 2024 07:22:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/29a9a4367d0e668c0b54671b14c68906.jpg
209.142.71.124 200 OK 271 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/29a9a4367d0e668c0b54671b14c68906.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2872x1616, components 3
Size 271 kB (271028 bytes)
Hash fcf0d1ef8d1a829e8c3ae3776cb142ac
fd27fba4bb9369c8ae941e1cfbf22ec46243493a
05797677bde2707df1b7716bd39cf8f3d8fc3add850bc431235982e47547c013
GET /upload/vod/20240506-1/29a9a4367d0e668c0b54671b14c68906.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 271028
last-modified: Mon, 06 May 2024 05:52:40 GMT
etag: "66387028-422b4"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/a8e64e94455ff2972fa193fa5775b665.jpg
209.142.71.124 200 OK 256 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/a8e64e94455ff2972fa193fa5775b665.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2872x1616, components 3
Size 256 kB (255888 bytes)
Hash af6a50781164dc860ccb87a59d8ba4a7
a710f82f068cdfcfed3216a6ac63cbc556882292
20f63866e8dea03cea2c5607926d86fd8560c20c34aaae374ade1a208b294166
GET /upload/vod/20240506-1/a8e64e94455ff2972fa193fa5775b665.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 255888
last-modified: Mon, 06 May 2024 05:52:30 GMT
etag: "6638701e-3e790"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/2c47c263ba07f0eddd3d26f6522bca76.jpg
209.142.71.124 200 OK 436 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/2c47c263ba07f0eddd3d26f6522bca76.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 4320x2428, components 3
Size 436 kB (435538 bytes)
Hash 1515fe4ff63dc5c964356b53ffb48369
ddea796a6f6df015125fd3b3a3f058ac1d356faf
a4d1e9279c2411ed2c63d6adeb4129baec1288bb3aab596d5c7929b9a97e6cd2
GET /upload/vod/20240506-1/2c47c263ba07f0eddd3d26f6522bca76.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 435538
last-modified: Mon, 06 May 2024 05:52:37 GMT
etag: "66387025-6a552"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/75dcc0ca6612a63242c84fe16c84c30f.jpg
209.142.71.124 200 OK 268 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/75dcc0ca6612a63242c84fe16c84c30f.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, baseline, precision 8, 2872x1616, components 3
Size 268 kB (267898 bytes)
Hash a93d1c6c35a0282e9b980e1dd03a29e5
8221503b4238cf36d5738784c184d525083b58d5
2f999aba6b2ea71ea8e1ea7656465b47c828d0911756048ef33e8a5517f0ab31
GET /upload/vod/20240506-1/75dcc0ca6612a63242c84fe16c84c30f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 267898
last-modified: Mon, 06 May 2024 05:52:35 GMT
etag: "66387023-4167a"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/c7447807037e8d06e9c06971d839372f.jpg
209.142.71.124 200 OK 340 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/c7447807037e8d06e9c06971d839372f.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 340 kB (339657 bytes)
Hash 4e357334485e8fd410b9b7b4c74a543e
9900caf17321a2e51afd668096f47e5e6adec632
7398596622ddc98406e3c6f205bda7a3ed7d258b23b41b94c5c857635294831f
GET /upload/vod/20240506-1/c7447807037e8d06e9c06971d839372f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 339657
last-modified: Mon, 06 May 2024 05:54:29 GMT
etag: "66387095-52ec9"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240506-1/cb460ce20154cce6f595ce5038151ad1.jpg
209.142.71.124 200 OK 380 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240506-1/cb460ce20154cce6f595ce5038151ad1.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 380 kB (380083 bytes)
Hash 2c02b77862aedab57b58b7a5558e11ef
3c4efd9bd903575e0019f0a7d5f2edaed2c18cf6
719678d3e9267ad9441fbe0019ec5384ea1cccd57f2a963f06c5bf52e1b64613
GET /upload/vod/20240506-1/cb460ce20154cce6f595ce5038151ad1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 380083
last-modified: Mon, 06 May 2024 05:54:23 GMT
etag: "6638708f-5ccb3"
expires: Wed, 05 Jun 2024 06:42:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ofr614.com/images/6630f3345d556db1e0402332.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.ofr614.com/images/6630f3345d556db1e0402332.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject ofr614.com
Fingerprint 14:39:36:A2:F3:D9:E3:86:91:2D:9E:15:EA:0B:0F:D7:09:A7:65:C3
Validity Tue, 30 Apr 2024 10:03:59 GMT - Mon, 29 Jul 2024 10:03:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f3345d556db1e0402332.gif HTTP/1.1
Host: www.ofr614.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/7e3e6709c93d70cf59568830bedcd100baa12b5a.jpg
X-Firefox-Spdy: h2
www.eql814.com/images/6630f1795d556db1e040231b.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.eql814.com/images/6630f1795d556db1e040231b.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject eql814.com
Fingerprint 5A:EF:EE:AC:F8:6C:8A:F7:90:4C:76:54:F2:7B:24:D6:82:9D:02:52
Validity Tue, 30 Apr 2024 10:02:05 GMT - Mon, 29 Jul 2024 10:02:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f1795d556db1e040231b.gif HTTP/1.1
Host: www.eql814.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
X-Firefox-Spdy: h2
www.imageoss.com/images/2023/12/21/200x200b14df1813e2b8d3a.gif
172.67.172.31 200 OK 52 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200b14df1813e2b8d3a.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash b45620b8a25740037c5663ce95529462
62ed76c344823f7bae749d2fc6934ca75ec410b8
3ae29c912e67b54241f7b9ed884f64865617096371573d4f50444c4c0e7d7e37
GET /images/2023/12/21/200x200b14df1813e2b8d3a.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 51512
last-modified: Thu, 21 Dec 2023 03:35:06 GMT
etag: "6583b26a-c938"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 564011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0lUcfvhYTfLDHBWgsshGy6OaiOpRxs%2FvSQwqxYMYzvYbkRO9SMEf%2FU3UIJocxHQhzfquZ70nzXIrUYt1cwcCZGKHtkMkKy8x9Pz3vZ1YsZBUPv7cy%2B3lQi3DrDCy6ZB7vmL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e450b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/6008e2a8eadae9f79ae59643c4e27743.jpg
209.142.71.124 200 OK 528 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/6008e2a8eadae9f79ae59643c4e27743.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 528 kB (528235 bytes)
Hash 58766ccc17d53a464c1970ef1f47610c
cf94f3b4ed1c6930b92a80e49aa9ce8496360f6a
c4a2f2b90ae07c44436cd996a9a071466b59606498c13d6b7e36c181fe5311c3
GET /upload/vod/20240505-1/6008e2a8eadae9f79ae59643c4e27743.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 528235
last-modified: Sun, 05 May 2024 05:37:26 GMT
etag: "66371b16-80f6b"
expires: Tue, 04 Jun 2024 07:22:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2023/12/21/200x200812419f870f4082b.gif
172.67.172.31 200 OK 54 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200812419f870f4082b.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash 761cdfaf3ecbc9c2acc7a61e1ba78294
2555856cc6d94d8c004ad1d27922b77b98ab3150
32bdf8d86f56a1cfae43312bb4d7601c925d44b2e894cfe8ee0256d2aa203542
GET /images/2023/12/21/200x200812419f870f4082b.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 53996
last-modified: Thu, 21 Dec 2023 03:35:06 GMT
etag: "6583b26a-d2ec"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 520275
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ob9HYo0gmYsN6dqPBEkSjmnujLMh%2FZtHAkocBG92wBA7UfBa%2FiWmaDfQuRo%2BeDQmgiEGsl99pDk4G3%2F4wqJqkMqoIRSbrhuTOw2CzkWxpow7CQAjBzMiTSjVYIWik%2FVyur2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e410b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2023/12/21/200x200d76d09f4c7492b75.gif
172.67.172.31 200 OK 53 kB URL GET HTTP/2 www.imageoss.com/images/2023/12/21/200x200d76d09f4c7492b75.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 200 x 200
Hash 6de8cc732d9dde1007bc8898e1c625ad
0b5f3387fa79a1a79d88fc71a4371946adef26b7
7989cebb5c79b3a797e15d8669441d166205ac4607c9b9e0ab3743e63f958739
GET /images/2023/12/21/200x200d76d09f4c7492b75.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 52597
last-modified: Thu, 21 Dec 2023 03:35:05 GMT
etag: "6583b269-cd75"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 564011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VA4LXiKePixjEAC%2FWXWMRSD5DrX62ANaA8%2BlSfo23bwEEJg1y%2FMx1jHKO05MdsQNyqCGqvkfnggZeRiQYzyxV8XfRi6nP18kKNIgHckt%2B9%2BrnwcbYhJu42Gnb5voMvPBV45z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e440b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif
172.67.172.31 200 OK 59 kB URL GET HTTP/2 www.imageoss.com/images/2024/05/07/150-17e009a74d7d764f2.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 150 x 150
Hash cb7ed2cddfd87e48f2ac30b32ab91049
fee39c6733e42d547294d01efe849389798ea744
68800044a7d96856376fa6f4557a86178b68f1454e66da29503edce2fe941594
GET /images/2024/05/07/150-17e009a74d7d764f2.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 59002
last-modified: Tue, 07 May 2024 06:16:15 GMT
etag: "6639c72f-e67a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiaZBnxd1xQTSj9oTzTfqwcM2VG9mklrgMmgjn99rfuumUPbREBP9IVoQyLdz904UQq9GPdjbK2nH%2BxSz9qBoeaOwn%2BFfDuSunWXsLvR1IDOD2BlukMBEeiwuT0HEtBRiLIZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e490b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/91f67ec2553a5d015f171c720f839ece.jpg
209.142.71.124 200 OK 413 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/91f67ec2553a5d015f171c720f839ece.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x540, components 3
Size 413 kB (412672 bytes)
Hash d94276458e3e1aab3711dab4a0af3fd4
c1ebb1587cba34619fe7ca85fd04e9bc96c4a7d3
f12a1095ee1e750ca44bbb96b5327dcd6b2b698b7e1d790d446511ba691784bb
GET /upload/vod/20240505-1/91f67ec2553a5d015f171c720f839ece.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 412672
last-modified: Sun, 05 May 2024 05:37:25 GMT
etag: "66371b15-64c00"
expires: Tue, 04 Jun 2024 07:22:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/29/100-meiji0557e7389ab23451.gif
172.67.172.31 200 OK 194 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/29/100-meiji0557e7389ab23451.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 100 x 100
Size 194 kB (193643 bytes)
Hash dde55b5dcef2c765e36e6cdaf782493b
b4131e1f90f7209540f4cd4b8e5aabc905870de2
4687634e63e2150e202ed134eecfa6d67adbc7b584b10ceb0daf7402a3fd6d7c
GET /images/2024/03/29/100-meiji0557e7389ab23451.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 193643
last-modified: Fri, 29 Mar 2024 09:03:13 GMT
etag: "660683d1-2f46b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 564011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BTdDxJNl6M8houeMig9pHUSgOwAxaJpoRUizCkIx%2BA%2By%2BLRykHVm4dUm%2BZRbp%2FwRJ4yXFpbwZp5z6dZt82XP9wyRL6Yo1YfuTl9wu0d0mVC61gJum16nf%2F75EdE0m5NGJy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e3e0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20240505-1/3b5d8390702c7a66f1d93910644ddff0.jpg
209.142.71.124 200 OK 496 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20240505-1/3b5d8390702c7a66f1d93910644ddff0.jpg
IP 209.142.71.124:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject img.hgimg01.com
Fingerprint DD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
Validity Wed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 960x506, components 3
Size 496 kB (495938 bytes)
Hash fc6545d71e707089399663d771059898
eceddd7d71e19a4a3b592860424c492edd7a64f8
60cbacb1044ea7bf958f85c9eefe83e4a21fedf13216bd64d0f96881f7c0ef17
GET /upload/vod/20240505-1/3b5d8390702c7a66f1d93910644ddff0.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:05 GMT
content-type: image/jpeg
content-length: 495938
last-modified: Sun, 05 May 2024 05:37:24 GMT
etag: "66371b14-79142"
expires: Tue, 04 Jun 2024 07:25:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/05/07/150.a8462de6e982fc91.gif
172.67.172.31 200 OK 81 kB URL GET HTTP/2 www.imageoss.com/images/2024/05/07/150.a8462de6e982fc91.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 150 x 150
Hash ec5bcfd45b9056b8870790361ea9409b
e7e37d4b4d57f3370e3f6ec5876bc443fb38f64e
4259a0f2e650fd059fa5335a7da3d87d81678b9cb3ba2ebf3a0c09974ffa9b76
GET /images/2024/05/07/150.a8462de6e982fc91.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 81429
last-modified: Tue, 07 May 2024 06:09:40 GMT
etag: "6639c5a4-13e15"
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzghazfsmBWxaoqsifleX%2FdDzHnvQRWrRuT8Z%2ByDHY%2FST4EOGDfdVgDAo0HruPF17elk7XEErVkz8dvnXfl8d1Evp22fIDoy4jmMq3mvd5G%2FPTBZhEl4jYEOVKC%2FWuRjR%2B7d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77b7e4c0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
k228.oss-cn-hangzhou.aliyuncs.com/ky640350a.gif
118.31.232.201 200 OK 101 kB URL GET HTTP/1.1 k228.oss-cn-hangzhou.aliyuncs.com/ky640350a.gif
IP 118.31.232.201:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject cn-hangzhou.oss.aliyuncs.com
Fingerprint BA:B1:7D:10:E5:EF:BD:A3:65:22:81:6E:73:E8:F1:B9:DB:ED:27:15
Validity Mon, 19 Feb 2024 05:01:07 GMT - Sat, 22 Mar 2025 05:01:06 GMT
File type GIF image data, version 89a, 640 x 350
Size 101 kB (100742 bytes)
Hash 03cc7683b9b0f118dd4901fc574d2f25
e54a72c1b8f9888e60644fb8cf5a3c50a157e0b2
91f32d96c583417fff1ce449ebd0e8d39df6a00cf399fc162c502fed588d5b30
GET /ky640350a.gif HTTP/1.1
Host: k228.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 100742
Connection: keep-alive
x-oss-request-id: 6639E660A7013035321A8969
Accept-Ranges: bytes
ETag: "03CC7683B9B0F118DD4901FC574D2F25"
Last-Modified: Sat, 21 Oct 2023 16:01:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10513043892878654593
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: A8x2g7mw8RjdSQH8V00vJQ==
x-oss-server-time: 5
xxxx6686.app/320x180.gif
137.220.142.24 200 OK 59 kB IP 137.220.142.24:443
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer GoDaddy.com, Inc.
Subject xxxx6686.app
Fingerprint 20:B8:90:00:B6:9C:E2:70:81:35:4F:2E:B3:19:8E:D6:1D:92:36:8B
Validity Mon, 25 Mar 2024 05:32:34 GMT - Tue, 25 Mar 2025 05:32:34 GMT
File type GIF image data, version 89a, 320 x 180
Hash 801a70fe82f04902739e9aaf09d41989
8c873de0ccfd0326f0dade75107346553fa98664
0a04c4e412dcbc6b1ce486675aaee649d62afeb00c1ce2b7f4bfa461aa08e169
GET /320x180.gif HTTP/1.1
Host: xxxx6686.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 59012
last-modified: Tue, 19 Sep 2023 08:21:49 GMT
etag: "65095a1d-e684"
expires: Thu, 06 Jun 2024 08:29:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/18/960x100aebb6bc1b7faf83f.gif
172.67.172.31 200 OK 151 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/18/960x100aebb6bc1b7faf83f.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 960 x 100
Size 151 kB (151286 bytes)
Hash 26c9594e2d6be0cdc43d9e070a7c7cfd
cf79f9fe171dc524ae4453d5f2a272727a6a04c6
07e31dbcfcd8215cd0b8a07de5bb286cf3a185969e9763990050261bf9805d25
GET /images/2024/03/18/960x100aebb6bc1b7faf83f.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 151286
last-modified: Mon, 18 Mar 2024 04:30:43 GMT
etag: "65f7c373-24ef6"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 571903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jzDXijNTGaGUQNN18vEA108tqBOEgkUHz%2BlGF1tNS8Y4zD8iX8DweOX07YZdjwijuAcjn87%2FcShoKgRXQuCRO0Y6lPhc8F59563q4OFNBbRS4FQJ3AdKEQiiVKZ9KE3FIuW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77de9db0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
wuniang.luorun1.top/wn/960-120.gif
23.225.89.136 200 OK 231 kB URL GET HTTP/2 wuniang.luorun1.top/wn/960-120.gif
IP 23.225.89.136:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject wuniang.luorun1.top
Fingerprint 6E:18:AE:F6:08:FF:75:8E:23:EC:09:A1:67:66:9E:CD:C8:3C:DD:EF
Validity Wed, 01 May 2024 13:31:12 GMT - Tue, 30 Jul 2024 13:31:11 GMT
File type GIF image data, version 89a, 960 x 120
Size 231 kB (230880 bytes)
Hash d73b4f9d812406db8f20cdc132ca6d4c
5aaaeb89a212a0b38f99df39d52026ec5ae87f19
9125a22b22f10d9a46a68971edb1443b3792969728ce4f9000893fc12c4be3b4
GET /wn/960-120.gif HTTP/1.1
Host: wuniang.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 230880
last-modified: Wed, 01 May 2024 14:19:23 GMT
etag: "66324f6b-385e0"
expires: Wed, 05 Jun 2024 16:29:05 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/02/100-qjb4248da05c23a983.gif
172.67.172.31 404 Not Found 3.2 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/02/100-qjb4248da05c23a983.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 160 x 120
Hash fc3acd5ab534ff63c125732b8e6d262c
186a7fcb1cbe1523584bad964bbff6c794f02ff7
acc8db295b2e1bf50cf1d7eef9f7d7966a551ea03ef88eacbabbed7f69323111
GET /images/2024/03/02/100-qjb4248da05c23a983.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 3232
etag: "6281e1e6-ca0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 564011
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDDZ54GRASBftMmsuuXmKZK7P%2BEKzunsn%2FcBSj829J04%2BVVBpY8laEOC%2BErGaGCis5KwLgrS2XqYCacXu3flTG36gSH9QilTPwR9S7OsLO2mtyItyjMdZKWkG%2ByVy9pDmxHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77dd9d30b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/22/3188-spk0263401a3a49846f.gif
172.67.172.31 200 OK 57 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/22/3188-spk0263401a3a49846f.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 220 x 150
Hash f9848e6a6f8b3d0a4dc5e169f686b788
d23d2a71f28ed49517b5368194aa77473eb2cf8c
69d4a58346213eb0c5cf464a1e95b8fcccce304baefe9d01d9f57d79283d7be2
GET /images/2024/03/22/3188-spk0263401a3a49846f.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 57011
last-modified: Fri, 22 Mar 2024 07:12:59 GMT
etag: "65fd2f7b-deb3"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 564042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoW%2Fzyu15bs7SrnG3hLKXKL8vhitloskirxPFiJxE7JE1h1KepRZeBnmgr3oNqhR8qxlH4zr6QMicII5lHtygpg6s6dAtIE7zHOG1nF9ynkKLcRjJho1UrX0SrNk9AK8elVf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77eeb5e0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
wuniang.luorun1.top/wn/300-200.gif
23.225.89.136 200 OK 175 kB URL GET HTTP/2 wuniang.luorun1.top/wn/300-200.gif
IP 23.225.89.136:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject wuniang.luorun1.top
Fingerprint 6E:18:AE:F6:08:FF:75:8E:23:EC:09:A1:67:66:9E:CD:C8:3C:DD:EF
Validity Wed, 01 May 2024 13:31:12 GMT - Tue, 30 Jul 2024 13:31:11 GMT
File type GIF image data, version 89a, 300 x 200
Size 175 kB (174759 bytes)
Hash b475e727cc3eb2f8029618ed9799fab8
95f91c0545f9aa5411cf757bc2cc58de327b191f
6956250b0838a5f9afcb6c1f30919f6fddc5336860a6aabb783bab7b7a39a952
GET /wn/300-200.gif HTTP/1.1
Host: wuniang.luorun1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 174759
last-modified: Wed, 01 May 2024 14:19:18 GMT
etag: "66324f66-2aaa7"
expires: Wed, 05 Jun 2024 16:29:09 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/03/22/960-12015e2ddbb9f2d03d5.gif
172.67.172.31 200 OK 384 kB URL GET HTTP/2 www.imageoss.com/images/2024/03/22/960-12015e2ddbb9f2d03d5.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 960 x 120
Size 384 kB (383938 bytes)
Hash a2936963cf1a500939a7b27853e56d05
fdfaaceeda659b280173e6e96e2c5ffa6ff64ee6
cf696f895986d551342f9ea7339ab1c1932dd0cfca727299899ec3410e3d1c97
GET /images/2024/03/22/960-12015e2ddbb9f2d03d5.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 383938
last-modified: Fri, 22 Mar 2024 06:43:08 GMT
etag: "65fd287c-5dbc2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 571904
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gL2i6eN0ulMZdb4vHI%2FjQoT%2BifcuVvMzrPusSlm1i%2FY5aBaGeSqNOr3t305VgtuQPfXAA90a8E%2BkIVYeOyqK%2FYRZ3xZiIn%2BF0PIMMD0YrHt6acmRZ9H7UjQGGjbgMJNqlve2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77f6c020b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/04/08/ky3188-960-120ab0d0d1a0d8e1049.gif
172.67.172.31 200 OK 523 kB URL GET HTTP/2 www.imageoss.com/images/2024/04/08/ky3188-960-120ab0d0d1a0d8e1049.gif
IP 172.67.172.31:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject www.imageoss.com
Fingerprint 22:E5:D9:26:5F:EF:F4:BB:5F:C4:89:75:69:9A:66:FA:B2:BF:44:CB
Validity Fri, 03 May 2024 20:37:34 GMT - Thu, 01 Aug 2024 20:37:33 GMT
File type GIF image data, version 89a, 960 x 120
Size 523 kB (522890 bytes)
Hash 027d2389d6fe2ed3848963e9d7419b73
89537905b7520431b6c4845c4c47f281cf925178
eeab0a236c934dc5f5a656fbf001a40fb39031e2a8c54abb46f49625f7fbc661
GET /images/2024/04/08/ky3188-960-120ab0d0d1a0d8e1049.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 522890
last-modified: Mon, 08 Apr 2024 05:37:47 GMT
etag: "661382ab-7fa8a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 566124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWRzrBOZAJ3kvc1%2BPzRCRdJVmzHPtDl4yNCmXtRifTfo7Flo7V8wZr7fowGNXVwJjlzhW7Y8jcFezYaby4qixkIB9%2BWUy%2BwX0eFFClPTgVUoaUq%2BAEWoyngGPolIFXKbVKXD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd77f8c4a0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
150.139.142.18 600 B IP 150.139.142.18:0
ASN #136195 Qingdao, Shandong Province, P.R.China.
Hash dd02dc1eba900db32d7b3e1d22e99cc1
ef53f6a94117f377389ae0fdc0967ee0cd3c3060
ab544ca4fb843377a732b72ebcf79bf53d153ddf68e7a5da329893de37a67087
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
cf-cache-status: EXPIRED
accept-ranges: bytes
date: Tue, 07 May 2024 08:29:21 GMT
request-id: 6639e6618138ad20ca0a1d08ec632fa5
x-ccacdn-proxy-id: scdpinlb6
cf-ray: 87fcb6980e0ce6d6-HKG
expires: Mon, 13 May 2024 23:08:30 GMT
etag: "ef53f6a94117f377389ae0fdc0967ee0cd3c3060"
cache-control: max-age=3600
age: 2743
last-modified: Mon, 06 May 2024 23:08:31 GMT
x-frame-options: SAMEORIGIN
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca52, HIT from zj-shaoxing1-ca16
via: n63-135-153.bdcdn-qdct.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 171507056136a6ee2f8d7df21c52d3991e03ecf8b0
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=25, edge;dur=0
shtv3.xyz/template/sihaitv/ads/hf8.gif
188.114.96.1 200 OK 119 kB URL GET HTTP/2 shtv3.xyz/template/sihaitv/ads/hf8.gif
IP 188.114.96.1:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject shtv3.xyz
Fingerprint C5:ED:CC:54:2B:B5:51:E3:26:58:A6:01:36:00:C4:FC:0C:91:80:76
Validity Fri, 19 Apr 2024 12:21:31 GMT - Thu, 18 Jul 2024 12:21:30 GMT
File type GIF image data, version 89a, 980 x 90
Size 119 kB (119225 bytes)
Hash d0416b3e83f544ca607f76d17cbcad9d
68efaf49a87bc1764c0bcd397297cf3351c0d96e
59c2dcb3a1607dcc0e106cfc52c644e335184eea53d513c17b9c89e897ab4b05
GET /template/sihaitv/ads/hf8.gif HTTP/1.1
Host: shtv3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 119225
last-modified: Thu, 07 Mar 2024 15:07:59 GMT
etag: "65e9d84f-1d1b9"
expires: Thu, 30 May 2024 20:23:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 561957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54ESzVVDtr3X%2FAAyrPaWK0xfv%2FqNF%2FBo8HgikjEB1eFYhXtN7S%2FL6y%2BRz83wOQjxdjujwV1XH6r39UmnUgDsSFqf1TsEIhTz%2F6NIuX%2Bi7kqyK074Sp1U8vzOaI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd780a84b568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
104.21.66.6 200 OK 141 kB URL GET HTTP/2 sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP 104.21.66.6:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject imgclh.com
Fingerprint 5E:47:41:BD:54:79:7A:E5:8A:08:61:55:D2:A3:F0:19:89:8F:FC:D3
Validity Tue, 26 Mar 2024 05:00:44 GMT - Mon, 24 Jun 2024 05:00:43 GMT
File type GIF image data, version 89a, 960 x 100
Size 141 kB (140774 bytes)
Hash f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af
GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Thu, 30 May 2024 18:39:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 568169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MypRxBS8RJ9yyKsdEWEQmBlFnz7r0GwcpKB%2Fd99z8cKUZkUB%2F6wSMx692qKzLhUg9hx1ua86PWoBvyH7GmjOfPEnxPWxaFMxZ9xJr%2FpX5gRZSVbNLcjVkSLA6TLBVKppLdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd7807a4256a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/wnsrx2/300X200.gif
156.251.244.229 200 OK 32 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/wnsrx2/300X200.gif
IP 156.251.244.229:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 300 x 200
Hash 5cf3667ef2768065c0bd055b7e275a7a
2e124af60fe8811bb472d8031fc0c6452bc9dae7
096abff376fbc1c1abec82803ed46eda80e96cce19a5eb974390518daa4eb76b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jingtai/szgg/wnsrx2/300X200.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 31870
last-modified: Tue, 30 Apr 2024 04:55:27 GMT
etag: "663079bf-7c7e"
expires: Thu, 30 May 2024 11:40:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
xxxx6686.app/960x100.gif
137.220.142.24 200 OK 79 kB IP 137.220.142.24:443
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer GoDaddy.com, Inc.
Subject xxxx6686.app
Fingerprint 20:B8:90:00:B6:9C:E2:70:81:35:4F:2E:B3:19:8E:D6:1D:92:36:8B
Validity Mon, 25 Mar 2024 05:32:34 GMT - Tue, 25 Mar 2025 05:32:34 GMT
File type GIF image data, version 89a, 960 x 100
Hash 12c2a5335258e731f3c5f6127b16c22e
8f6740310b97fe07c983f0ef1ca24352e0a2deed
f1bb45aaeaeab16bf28d53a1a82ea51bdbcdb24a3c77970008c8b5a5cac74d7b
GET /960x100.gif HTTP/1.1
Host: xxxx6686.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:20 GMT
content-type: image/gif
content-length: 78562
last-modified: Tue, 19 Sep 2023 08:21:59 GMT
etag: "65095a27-132e2"
expires: Thu, 06 Jun 2024 08:29:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.175532.com/images/6627adfdeac85a2d39a1b275.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 img.175532.com/images/6627adfdeac85a2d39a1b275.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 175532.com
Fingerprint A6:07:C1:E6:BD:A9:3D:37:1A:94:A5:AC:0E:C7:E8:B6:7E:48:90:02
Validity Tue, 07 May 2024 04:04:51 GMT - Mon, 05 Aug 2024 04:04:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6627adfdeac85a2d39a1b275.gif HTTP/1.1
Host: img.175532.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
X-Firefox-Spdy: h2
img.175532.com/images/6627adf9eac85a2d39a1b274.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 img.175532.com/images/6627adf9eac85a2d39a1b274.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 175532.com
Fingerprint A6:07:C1:E6:BD:A9:3D:37:1A:94:A5:AC:0E:C7:E8:B6:7E:48:90:02
Validity Tue, 07 May 2024 04:04:51 GMT - Mon, 05 Aug 2024 04:04:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6627adf9eac85a2d39a1b274.gif HTTP/1.1
Host: img.175532.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
X-Firefox-Spdy: h2
m1170.top/9bef4285c9ea4840fabcc5335deef3b4.gif
107.148.40.25 334 kB URL GET m1170.top/9bef4285c9ea4840fabcc5335deef3b4.gif
IP 107.148.40.25:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m1170.top
Fingerprint 5C:AE:EA:6E:22:90:AF:20:2D:0A:72:D3:46:BD:EB:86:77:47:02:6D
Validity Mon, 25 Mar 2024 18:09:57 GMT - Sun, 23 Jun 2024 18:09:56 GMT
File type gzip compressed data, from Unix
Size 334 kB (334191 bytes)
Hash 667e9efcc34397ed0522b780600caf93
3a831af2fa73b21c8210c5bd36fc375a09183c5f
cfff9b2cdd098487c1f7248d8eff544954821368b4f0f29ba389b703f0f6b02f
GET /9bef4285c9ea4840fabcc5335deef3b4.gif HTTP/1.1
Host: m1170.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 05:34:48 GMT
etag: W/"6631efcd-51c75"
expires: Thu, 06 Jun 2024 05:34:48 GMT
last-modified: Tue, 07 May 2024 06:15:05 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
k228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif
118.31.232.201 200 OK 432 kB URL GET HTTP/1.1 k228.oss-cn-hangzhou.aliyuncs.com/ky96080a.gif
IP 118.31.232.201:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject cn-hangzhou.oss.aliyuncs.com
Fingerprint BA:B1:7D:10:E5:EF:BD:A3:65:22:81:6E:73:E8:F1:B9:DB:ED:27:15
Validity Mon, 19 Feb 2024 05:01:07 GMT - Sat, 22 Mar 2025 05:01:06 GMT
File type GIF image data, version 89a, 960 x 80
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky96080a.gif HTTP/1.1
Host: k228.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 6639E6604292EA3532A79472
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sat, 21 Oct 2023 16:01:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 3
amxpj66.oss-cn-hangzhou.aliyuncs.com/baiban/960x120bai.gif
121.199.204.252 200 OK 346 kB URL GET HTTP/1.1 amxpj66.oss-cn-hangzhou.aliyuncs.com/baiban/960x120bai.gif
IP 121.199.204.252:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject cn-hangzhou.oss.aliyuncs.com
Fingerprint BA:B1:7D:10:E5:EF:BD:A3:65:22:81:6E:73:E8:F1:B9:DB:ED:27:15
Validity Mon, 19 Feb 2024 05:01:07 GMT - Sat, 22 Mar 2025 05:01:06 GMT
File type GIF image data, version 89a, 960 x 120
Size 346 kB (346227 bytes)
Hash 3faaf4d733b02b3ce252ab650ecf0a92
d52eab486d1e947939ff413fccc3e652c5dfec9f
796617008d668e7edc96be14dc251c4198e1f9625d7fe878356b84daf0557d1f
GET /baiban/960x120bai.gif HTTP/1.1
Host: amxpj66.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 346227
Connection: keep-alive
x-oss-request-id: 6639E6605C0069383948FA02
Accept-Ranges: bytes
ETag: "3FAAF4D733B02B3CE252AB650ECF0A92"
Last-Modified: Sat, 27 Apr 2024 07:44:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3650339023916675773
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: P6r01zOwKzziUqtlDs8Kkg==
x-oss-server-time: 1
cpa790tp.oss-ap-southeast-1.aliyuncs.com/960x100.gif
47.79.48.190 200 OK 132 kB URL GET HTTP/1.1 cpa790tp.oss-ap-southeast-1.aliyuncs.com/960x100.gif
IP 47.79.48.190:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject ap-southeast-1.oss.aliyuncs.com
Fingerprint 2F:C3:37:0B:BC:D3:76:FF:78:50:B2:F2:D2:55:C0:56:A6:ED:29:9B
Validity Thu, 14 Sep 2023 03:16:06 GMT - Tue, 15 Oct 2024 03:16:05 GMT
File type GIF image data, version 89a, 960 x 100
Size 132 kB (132295 bytes)
Hash 47f92724a7246f1d56c568face7830cb
e84b8aee8c5cf59cfe18d83500d1a92cce7635af
4fb6fc36628a575d08a3deb8211f07dedfb5e892bd45bc0252877de58aa4a201
GET /960x100.gif HTTP/1.1
Host: cpa790tp.oss-ap-southeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 132295
Connection: keep-alive
x-oss-request-id: 6639E660385D5B3438C1863F
Accept-Ranges: bytes
ETag: "47F92724A7246F1D56C568FACE7830CB"
Last-Modified: Tue, 30 Apr 2024 15:33:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14655613874754228041
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: R/knJKckbx1WxWj6zngwyw==
x-oss-server-time: 1
ocsp.trust-provider.cn/
150.139.142.18 600 B IP 150.139.142.18:0
ASN #136195 Qingdao, Shandong Province, P.R.China.
Hash dd02dc1eba900db32d7b3e1d22e99cc1
ef53f6a94117f377389ae0fdc0967ee0cd3c3060
ab544ca4fb843377a732b72ebcf79bf53d153ddf68e7a5da329893de37a67087
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Date: Tue, 07 May 2024 08:29:21 GMT
Last-Modified: Mon, 06 May 2024 23:08:31 GMT
Expires: Mon, 13 May 2024 23:08:30 GMT
Etag: "ef53f6a94117f377389ae0fdc0967ee0cd3c3060"
Cache-Control: max-age=3600
X-CCACDN-Proxy-ID: scdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
CF-RAY: 87ffd77fe8bf211d-HKG
Age: 0
Ctl-Cache-Status: MISS from hk-xianggang4-ca01, MISS from fj-quanzhou7-ca52, MISS from he-baoding2-ca04
Request-Id: 6639e66156c9364978c38efe99665a03
via: n63-135-153.bdcdn-qdct.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1715070561ec948002eb9da2a6a19f8be506d6cf81
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=343, edge;dur=0
img2.imgtp.com/2024/04/27/tVh6AVWX.gif
104.21.233.190 200 OK 57 kB URL GET HTTP/2 img2.imgtp.com/2024/04/27/tVh6AVWX.gif
IP 104.21.233.190:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Google Trust Services LLC
Subject imgtp.com
Fingerprint 00:6A:EA:4D:40:52:9B:63:C4:D7:2B:B5:A3:66:B3:8A:70:36:11:E8
Validity Wed, 17 Apr 2024 03:41:22 GMT - Tue, 16 Jul 2024 03:41:21 GMT
File type GIF image data, version 89a, 120 x 120
Hash cd4cdf8e53fbbda42a812c5b6a682685
bc26c0a8d050b45c406f85435fd27c3f064d36c5
f0ba2088927471dd635f684b37f68f03e9ad294398e38de3075e5665a7803b76
GET /2024/04/27/tVh6AVWX.gif HTTP/1.1
Host: img2.imgtp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 57449
last-modified: Sat, 27 Apr 2024 09:36:46 GMT
etag: "662cc72e-e069"
expires: Mon, 27 May 2024 09:37:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 859885
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYTYx7SAvi1KK4%2BT9OlSolUdff4cbXurB8IccOIZbGE3%2BbE0yQDW1cTYgngq3L5BQTZuB%2BsvEUq0hlPpH%2FoE6UKVsNHXqeqqIdjNCa5nNGiFGhUBHw08h0NFhHXqJbqh%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd7842de16537-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jt.112248.vip/jingtai/szgg/wnsrx2/960X100.gif
156.251.244.229 200 OK 511 kB URL GET HTTP/2 jt.112248.vip/jingtai/szgg/wnsrx2/960X100.gif
IP 156.251.244.229:443
Requested by https://107.149.199.61:38689/
Certificate Issuer TrustAsia Technologies, Inc.
Subject jt.112248.vip
Fingerprint D6:BF:E7:D1:42:CD:34:09:BF:54:11:1D:09:83:B6:50:C3:D6:1C:90
Validity Sun, 21 Jan 2024 00:00:00 GMT - Mon, 20 Jan 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 100
Size 511 kB (511368 bytes)
Hash da885992b1b404804624b297e34bb246
33271ee5d63f595b1587c0936e44675e890601f9
4537758b4bb221faed9430fe007828b9f7ac7aa251d98172a0feb437cfb06b98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jingtai/szgg/wnsrx2/960X100.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 511368
last-modified: Tue, 30 Apr 2024 08:45:59 GMT
etag: "6630afc7-7cd88"
expires: Thu, 30 May 2024 11:35:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.692881.com/images/6636322675b559972b582f65.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.692881.com/images/6636322675b559972b582f65.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 692881.com
Fingerprint 84:AB:47:07:28:2F:3C:41:15:30:AC:10:F8:4A:E2:4F:E8:95:86:19
Validity Tue, 07 May 2024 04:13:26 GMT - Mon, 05 Aug 2024 04:13:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6636322675b559972b582f65.gif HTTP/1.1
Host: www.692881.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
X-Firefox-Spdy: h2
sutusw869.top/c1b63913ca51e1dca32fc7807a646eb1.gif
107.148.40.25 50 kB URL GET sutusw869.top/c1b63913ca51e1dca32fc7807a646eb1.gif
IP 107.148.40.25:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject simp712.top
Fingerprint 30:7B:55:4D:55:A0:87:1C:13:86:47:A7:19:7D:E8:83:95:1E:C7:EE
Validity Tue, 30 Apr 2024 12:27:42 GMT - Mon, 29 Jul 2024 12:27:41 GMT
File type gzip compressed data, from Unix
Hash e57848d464863bc5e89f3b7838a68c6d
03c940ff93abfbdea3e6862b5983d623c77922bd
727682d50309e8807a888ff0c1bfecf34b04a290e8c4bd664737a6c7dc1a0b02
GET /c1b63913ca51e1dca32fc7807a646eb1.gif HTTP/1.1
Host: sutusw869.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Mon, 06 May 2024 03:47:22 GMT
etag: W/"64e9adaf-c0c2"
expires: Wed, 05 Jun 2024 03:47:22 GMT
last-modified: Mon, 06 May 2024 17:03:21 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
u2024.xyz/uu1.jpg
38.34.172.133 200 OK 22 kB IP 38.34.172.133:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject u2024.xyz
Fingerprint 83:0E:0C:B3:D5:D0:D7:D9:BF:82:56:7E:20:AB:D1:8C:4F:19:EE:A1
Validity Wed, 27 Mar 2024 14:57:56 GMT - Tue, 25 Jun 2024 14:57:55 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 336x221, components 3
Hash 4c9700cad6c1e3729c4f5efe6f38e761
b47eccbf3f970ec93dd1d63c190a8f73e890f90a
d130a5c8c022648e159595b4ae08cf197b10ff59479080720c7f1834da76bc8a
GET /uu1.jpg HTTP/1.1
Host: u2024.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/jpeg
content-length: 21822
last-modified: Wed, 27 Mar 2024 16:00:48 GMT
etag: "660442b0-553e"
expires: Thu, 06 Jun 2024 08:29:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.692881.com/images/663631d775b559972b582f61.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.692881.com/images/663631d775b559972b582f61.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 692881.com
Fingerprint 84:AB:47:07:28:2F:3C:41:15:30:AC:10:F8:4A:E2:4F:E8:95:86:19
Validity Tue, 07 May 2024 04:13:26 GMT - Mon, 05 Aug 2024 04:13:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/663631d775b559972b582f61.gif HTTP/1.1
Host: www.692881.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
X-Firefox-Spdy: h2
www.upr377.com/images/6630f3365d556db1e040233a.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.upr377.com/images/6630f3365d556db1e040233a.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject upr377.com
Fingerprint 0D:96:FE:A3:66:17:FE:DB:51:1E:3D:D9:8A:13:E4:79:B5:AE:8F:E6
Validity Tue, 30 Apr 2024 10:07:47 GMT - Mon, 29 Jul 2024 10:07:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f3365d556db1e040233a.gif HTTP/1.1
Host: www.upr377.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/c995d143ad4bd113e361950f1cafa40f4bfb055a.jpg
X-Firefox-Spdy: h2
666bbb999www.com/71db6ca17e3e4fd8860deaae669fde4d.gif
67.21.86.38 200 OK 284 kB URL GET HTTP/1.1 666bbb999www.com/71db6ca17e3e4fd8860deaae669fde4d.gif
IP 67.21.86.38:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 960 x 50
Size 284 kB (283895 bytes)
Hash 9b94540723809d540e574fc64e95bfa5
2e110258e5b72caf1756609870ccc8d9a5ec9ebc
aae9d67375e07de9a35f0eca4567707a1eda1e9078bcc497443a029ec78f3f2d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /71db6ca17e3e4fd8860deaae669fde4d.gif HTTP/1.1
Host: 666bbb999www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: image/gif
Content-Length: 283895
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 08:05:58 GMT
ETag: "6624c8e6-454f7"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
www.eho454.com/images/6630f17c5d556db1e0402327.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.eho454.com/images/6630f17c5d556db1e0402327.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject eho454.com
Fingerprint 37:80:08:4D:C6:24:26:4C:E2:AC:A5:7D:69:31:D8:3E:31:A1:D5:18
Validity Tue, 30 Apr 2024 10:01:27 GMT - Mon, 29 Jul 2024 10:01:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6630f17c5d556db1e0402327.gif HTTP/1.1
Host: www.eho454.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
X-Firefox-Spdy: h2
333bbb666www.com/713725a5c13843dabd4f291aa7e1a3b8.gif
64.32.19.14 200 OK 37 kB URL GET HTTP/1.1 333bbb666www.com/713725a5c13843dabd4f291aa7e1a3b8.gif
IP 64.32.19.14:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 320 x 185
Hash 922b2420242f36e3606db520ec3614c1
8c03ea4dbac2cdd6d1d17b54d96b8d2732a5ddf6
815febfd34548b679e01f5ae2f03cf6147628c7f5b534a754bdd8c279e163b6e
GET /713725a5c13843dabd4f291aa7e1a3b8.gif HTTP/1.1
Host: 333bbb666www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Content-Length: 37297
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 15:00:41 GMT
ETag: "66310799-91b1"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
111aa888bb.com/204265e580d9450bbbe2fe241f6e51e0.gif
107.167.10.69 200 OK 496 kB URL GET HTTP/1.1 111aa888bb.com/204265e580d9450bbbe2fe241f6e51e0.gif
IP 107.167.10.69:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 111aa111bb.com
Fingerprint A2:56:A4:D6:E0:B7:CF:09:78:22:7A:75:F3:81:A1:29:DA:D3:AB:40
Validity Thu, 02 May 2024 21:55:35 GMT - Wed, 31 Jul 2024 21:55:34 GMT
File type GIF image data, version 89a, 980 x 120
Size 496 kB (496039 bytes)
Hash 1ed38d0d02425101153c749ad393200a
b2119ff464dbb8af866407fb9fc739a7b21ece63
edf44159e52da4c3d90ccfe238f0d365339eda8316ddfdfe2e927d70b7a99122
GET /204265e580d9450bbbe2fe241f6e51e0.gif HTTP/1.1
Host: 111aa888bb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: image/gif
Content-Length: 496039
Connection: keep-alive
Last-Modified: Sat, 04 May 2024 09:48:15 GMT
ETag: "6636045f-791a7"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
555bbb999www.com/d6347beea29443c2ab0b937ac1d9afe9.gif
107.167.16.157 200 OK 311 kB URL GET HTTP/1.1 555bbb999www.com/d6347beea29443c2ab0b937ac1d9afe9.gif
IP 107.167.16.157:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 960 x 80
Size 311 kB (310888 bytes)
Hash 2b19142af40e11102aa895256cc9241d
62bf50abd2ea4cbd5cbe2274c87a59a2b47611c9
679a13cb4b97d41269816f338157191f5d57d8433e05e962008665bd7830bc92
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d6347beea29443c2ab0b937ac1d9afe9.gif HTTP/1.1
Host: 555bbb999www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: image/gif
Content-Length: 310888
Connection: keep-alive
Last-Modified: Thu, 25 Apr 2024 04:33:34 GMT
ETag: "6629dd1e-4be68"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
sezhantupian.oss-ap-northeast-1.aliyuncs.com/20240501/weinisi/960x80%20vns%20gif%20zh.gif
47.245.16.90 200 OK 1.2 MB URL GET HTTP/1.1 sezhantupian.oss-ap-northeast-1.aliyuncs.com/20240501/weinisi/960x80%20vns%20gif%20zh.gif
IP 47.245.16.90:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject ap-northeast-1.oss.aliyuncs.com
Fingerprint C2:20:6D:58:38:4D:C4:77:FF:40:3A:54:C3:BF:38:60:70:26:02:AD
Validity Tue, 21 Nov 2023 02:46:15 GMT - Sun, 22 Dec 2024 02:46:14 GMT
File type GIF image data, version 89a, 960 x 80
Size 1.2 MB (1177902 bytes)
Hash 4659daeb5548f2ca49461f8c7823b02c
05056e3b1ada5851b18a419cf432a0e24bbed5e7
79ce9bde65b4c902cc1dce9e8dd821274168ac58f1c9aebc9df9e904ebf7bd05
GET /20240501/weinisi/960x80%20vns%20gif%20zh.gif HTTP/1.1
Host: sezhantupian.oss-ap-northeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 1177902
Connection: keep-alive
x-oss-request-id: 6639E66023B1183434E4B768
Accept-Ranges: bytes
ETag: "4659DAEB5548F2CA49461F8C7823B02C"
Last-Modified: Sun, 05 May 2024 10:48:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10635090087692677091
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Rlna61VI8spJRh+MeCOwLA==
x-oss-server-time: 3
www.zoonal.cn/images/2024/04/15/661ce2dcc3b954415132d95f.gif
43.202.168.202 302 Found 0 B URL GET HTTP/2 www.zoonal.cn/images/2024/04/15/661ce2dcc3b954415132d95f.gif
IP 43.202.168.202:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject zoonal.cn
Fingerprint 63:25:C2:B1:CF:C9:22:2A:9C:A1:FE:76:1B:34:C4:A1:28:32:45:36
Validity Sat, 27 Apr 2024 09:36:54 GMT - Fri, 26 Jul 2024 09:36:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2024/04/15/661ce2dcc3b954415132d95f.gif HTTP/1.1
Host: www.zoonal.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
X-Firefox-Spdy: h2
sezhantupian.oss-ap-northeast-1.aliyuncs.com/20240501/weinisi/150x150%20%E7%AB%99%E9%95%BF%E6%8E%A8%E8%8D%90%205sec.gif
47.245.16.90 200 OK 1.5 MB URL GET HTTP/1.1 sezhantupian.oss-ap-northeast-1.aliyuncs.com/20240501/weinisi/150x150%20%E7%AB%99%E9%95%BF%E6%8E%A8%E8%8D%90%205sec.gif
IP 47.245.16.90:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject ap-northeast-1.oss.aliyuncs.com
Fingerprint C2:20:6D:58:38:4D:C4:77:FF:40:3A:54:C3:BF:38:60:70:26:02:AD
Validity Tue, 21 Nov 2023 02:46:15 GMT - Sun, 22 Dec 2024 02:46:14 GMT
File type GIF image data, version 89a, 150 x 150
Size 1.5 MB (1533658 bytes)
Hash 0551d58af3a003d767b043f028887353
2043f6ff544522d9c55e3239c40a1e439361eb75
058c0d8600a011ee53082d9076c7c50c5e451189e73ea0e24bed0b17ab37aab6
GET /20240501/weinisi/150x150%20%E7%AB%99%E9%95%BF%E6%8E%A8%E8%8D%90%205sec.gif HTTP/1.1
Host: sezhantupian.oss-ap-northeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Content-Length: 1533658
Connection: keep-alive
x-oss-request-id: 6639E660A705D03035042474
Accept-Ranges: bytes
ETag: "0551D58AF3A003D767B043F028887353"
Last-Modified: Sun, 05 May 2024 10:48:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3245178022530102881
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: BVHVivOgA9dnsEPwKIhzUw==
x-oss-server-time: 2
777bbb333www.com/7d642213f3904f27b496413365a360e8.gif
107.167.10.69 200 OK 58 kB URL GET HTTP/1.1 777bbb333www.com/7d642213f3904f27b496413365a360e8.gif
IP 107.167.10.69:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 333bbb666www.com
Fingerprint C2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA
Validity Thu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT
File type GIF image data, version 89a, 320 x 185
Hash 9448d998c21b67458b3251ac1f06d158
45c90c673eee3962bfe1f2d7cf36c5594999f491
36ec765da8cb188864e4f72447375c50c52449a3a1869434cb62dd988a38e08e
GET /7d642213f3904f27b496413365a360e8.gif HTTP/1.1
Host: 777bbb333www.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Content-Length: 58514
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 07:56:19 GMT
ETag: "6624c6a3-e492"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
666bbb222bbb.com/0daa73bdfb1e4955a40d7bcbde13d326.gif
64.32.19.13 200 OK 55 kB URL GET HTTP/1.1 666bbb222bbb.com/0daa73bdfb1e4955a40d7bcbde13d326.gif
IP 64.32.19.13:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 222bbb888bbb.com
Fingerprint 4A:AD:12:71:F6:8F:F7:8E:57:61:C4:AF:EB:9C:91:BF:33:46:AB:78
Validity Sun, 05 May 2024 11:28:51 GMT - Sat, 03 Aug 2024 11:28:50 GMT
File type GIF image data, version 89a, 320 x 185
Hash fa01d991776154d954275227253d330b
f37986c10260dfafee5ab569a441529464dbdfc8
ca7c53e90afc32e104fdaad31ef34679a0fe808478261451c10c73ab0f90ed15
GET /0daa73bdfb1e4955a40d7bcbde13d326.gif HTTP/1.1
Host: 666bbb222bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Content-Length: 54558
Connection: keep-alive
Last-Modified: Sun, 21 Apr 2024 09:59:17 GMT
ETag: "6624e375-d51e"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
634image.vip:3188/960x120.gif
27.124.4.173 580 kB URL GET 634image.vip:3188/960x120.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 634image.vip
Fingerprint 0E:44:D9:2F:98:5F:C8:32:53:6D:FB:6C:A5:1E:2B:97:41:34:7E:78
Validity Thu, 25 Apr 2024 04:31:19 GMT - Wed, 24 Jul 2024 04:31:18 GMT
File type GIF image data, version 89a, 960 x 120
Size 580 kB (580302 bytes)
Hash ebbfa325109f124bcd954aa9c1278efe
241a718c61a1262b6f5e343bfe07c9fec9a80887
dfaed77b95273394ec51769e8b81cb0a78a0455f461ad4ea74542e45d054e35f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /960x120.gif HTTP/1.1
Host: 634image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 14:20:43 GMT
Vary: Accept-Encoding
ETag: W/"662bb83b-8e359"
Expires: Tue, 04 Jun 2024 14:16:41 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
cd5b0z.xyz:2199/640-160.js
172.247.205.123 200 OK 223 kB URL GET HTTP/1.1 cd5b0z.xyz:2199/640-160.js
IP 172.247.205.123:2199
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cd5b0z.xyz
Fingerprint 0B:0F:38:86:21:17:5F:BA:91:05:47:D5:6F:D1:4A:1F:D0:CF:18:D5
Validity Sat, 27 Apr 2024 11:25:10 GMT - Fri, 26 Jul 2024 11:25:09 GMT
File type GIF image data, version 89a, 640 x 160
Size 223 kB (222780 bytes)
Hash 7b5a11963bd8180d8133abf707c925f8
08a000bbff775a475f289143b94c9367db70ebec
70957f5ccd61eddcb5a2923cb6bfd14e895e3b15acbc042a033582fa0760690e
GET /640-160.js HTTP/1.1
Host: cd5b0z.xyz:2199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 26 Mar 2024 12:58:55 GMT
Vary: Accept-Encoding
ETag: W/"6602c68f-368ca"
Expires: Tue, 07 May 2024 11:22:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: qq.com
X-Cache-Status: HIT
165tchuang.com:3188/i/2023/02/27/63fc87cf268d4.gif
27.124.4.173 44 kB URL GET 165tchuang.com:3188/i/2023/02/27/63fc87cf268d4.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 165tchuang.com
Fingerprint 1A:94:8F:FC:C6:4E:0B:6C:90:85:0A:FA:BC:31:E9:C8:9E:41:25:4C
Validity Fri, 12 Apr 2024 11:48:04 GMT - Thu, 11 Jul 2024 11:48:03 GMT
File type GIF image data, version 89a, 960 x 80
Hash 171cb4b4d4d44d09e50293088db12f11
bb1c5a1b46a8224fdd9bb7f932aeb93258ae94a5
cc30da9db7760183489b69ea178454bc7ce2f581c1b4915d388eaa69c0d2376b
GET /i/2023/02/27/63fc87cf268d4.gif HTTP/1.1
Host: 165tchuang.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Feb 2023 10:37:03 GMT
Vary: Accept-Encoding
ETag: W/"63fc87cf-1d0cd"
Expires: Tue, 04 Jun 2024 14:16:41 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
taiwtp1.com/xin/96080.gif
220.128.218.220 200 OK 122 kB URL GET HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:443
ASN #3462 Data Communication Business Group
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject taiwtp1.com
Fingerprint B0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
Validity Fri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT
File type GIF image data, version 89a, 960 x 80
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Apr 2011 13:47:06 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Thu, 05 May 2011 13:47:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/7e3e6709c93d70cf59568830bedcd100baa12b5a.jpg
104.193.88.109 200 OK 181 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/7e3e6709c93d70cf59568830bedcd100baa12b5a.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 150 x 150
Size 181 kB (180784 bytes)
Hash 4e4496bc3e8dd763b46d765c5ec25c97
988dd6d668ec43eda4d81c79201cc2fb458cbc8a
8128ee46c473e52615b52e4cb2de54d0b238b774d16d2b1e5b8cb5008821abda
GET /tieba/pic/item/7e3e6709c93d70cf59568830bedcd100baa12b5a.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 180784
expires: Tue, 04 Jun 2024 09:25:16 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 4e4496bc3e8dd763b46d765c5ec25c97
age: 169446
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 05 May 2024 09:25:16 GMT
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
taiwtp1.com/xin/96060.gif
220.128.218.220 200 OK 69 kB URL GET HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:443
ASN #3462 Data Communication Business Group
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject taiwtp1.com
Fingerprint B0:43:78:32:80:A7:A0:F7:9E:6A:67:05:7A:BC:88:85:19:E6:24:E9
Validity Fri, 08 Mar 2024 08:00:28 GMT - Thu, 06 Jun 2024 08:00:27 GMT
File type GIF image data, version 89a, 960 x 60
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Apr 2011 13:47:06 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Thu, 05 May 2011 13:47:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
104.193.88.109 200 OK 49 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 150 x 150
Hash b744dc30aee60e4e6f31034067658fac
caf34f05db493af2e382f42ba57a0eb9ba3bba22
15b0f7ae509996d48198d613ec5189748daaadef2972cb9da305d55d4d4bbda0
GET /tieba/pic/item/6a600c338744ebf83acfb4039ff9d72a6059a754.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 48613
expires: Fri, 31 May 2024 07:39:09 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: b744dc30aee60e4e6f31034067658fac
age: 521413
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 07:39:09 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
88b.2035syb.com/gif/000-1.gif
122.146.115.183 200 OK 296 kB URL GET HTTP/1.1 88b.2035syb.com/gif/000-1.gif
IP 122.146.115.183:443
ASN #9919 New Century InfoComm Tech Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer ZeroSSL
Subject 88b.2035syb.com
Fingerprint 83:2C:F0:BA:30:01:97:4D:EB:3F:54:34:E4:DD:68:C0:98:AB:D5:52
Validity Fri, 03 May 2024 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 296 kB (296186 bytes)
Hash a8bcf39f55252bdce2e3b0499185406c
949cada917e030ecbb624ef05414c0767859e7be
998ed70afc8c94f46d54f7c8bb01684dbf94a132e48c23f8fad3c53629beb956
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /gif/000-1.gif HTTP/1.1
Host: 88b.2035syb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: image/gif
Content-Length: 296186
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 09:51:45 GMT
ETag: "6630bf31-484fa"
Expires: Wed, 15 May 2024 22:06:46 GMT
Cache-Control: max-age=1036800
Strict-Transport-Security: max-age=31536000
Server: 8080
X-Cache-Status: HIT
Accept-Ranges: bytes
92n-tkj.com/hs960-120.gif
198.16.54.19 200 OK 874 kB URL GET HTTP/2 92n-tkj.com/hs960-120.gif
IP 198.16.54.19:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject tyy-jzx.com
Fingerprint BA:E4:2C:3B:2A:FD:7C:6B:A8:D2:4E:07:91:3A:1F:06:0F:C3:B8:F7
Validity Mon, 15 Apr 2024 10:28:55 GMT - Sun, 14 Jul 2024 10:28:54 GMT
File type GIF image data, version 89a, 960 x 120
Size 874 kB (874336 bytes)
Hash 909cd4004370189f50f96a65c730e038
0f776741be1310ff497764d42b0f90c234b068cc
57567b2f343aa58512713e06541dcbe0b0917abbb6714f33c98c5aa87e2fc816
GET /hs960-120.gif HTTP/1.1
Host: 92n-tkj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:21 GMT
content-type: image/gif
content-length: 874336
last-modified: Thu, 02 May 2024 06:22:41 GMT
etag: "d5760-61772a159ee40"
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
104.193.88.109 200 OK 482 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 100
Size 482 kB (482280 bytes)
Hash 056e690d5847294c55407f36636c5944
2762e33939b5422f8adab2470645e28ec871e196
0a17b71731daa6c3141ab43719e828a37992c02e2efc69e4bfa1eb967cd3e44f
GET /tieba/pic/item/4bed2e738bd4b31cb1243787c1d6277f9e2ff8f6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 482280
expires: Thu, 23 May 2024 13:09:52 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 056e690d5847294c55407f36636c5944
age: 1192770
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 23 Apr 2024 13:09:52 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
104.193.88.109 200 OK 182 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 300 x 200
Size 182 kB (181999 bytes)
Hash e9dbba8389160edcb4c9e187692024e0
b41ade383fbc0ebddc64f895f9e0514d132077ca
7e77076850aeeb54cc4ef852a4655947548e9112bc47192ed434976bf62bfcb4
GET /tieba/pic/item/cefc1e178a82b9016365620f358da9773812efc6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 181999
expires: Thu, 23 May 2024 09:41:28 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: e9dbba8389160edcb4c9e187692024e0
age: 1205274
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 23 Apr 2024 09:41:28 GMT
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
165image.com:3188/ky960x120.gif
27.124.4.173 591 kB URL GET 165image.com:3188/ky960x120.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.com
Fingerprint 37:B4:B5:C4:CC:E3:E3:8F:6B:E1:E1:05:C7:D7:87:48:52:BD:71:ED
Validity Wed, 10 May 2023 01:26:57 GMT - Sat, 08 Jun 2024 01:26:56 GMT
File type GIF image data, version 89a, 960 x 120
Size 591 kB (590688 bytes)
Hash 31f30a2a0a8b0402780b73aa4407e062
9166c01aa734fe03ae96b80dcd865dd68509f157
987e60a0bf872e844298ed662e3c4b053f18c939e6cf0b4b2a70226e5f268ead
GET /ky960x120.gif HTTP/1.1
Host: 165image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:21 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 18 Feb 2024 15:59:33 GMT
Vary: Accept-Encoding
ETag: W/"65d22965-9233d"
Expires: Tue, 04 Jun 2024 14:16:43 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
88e.2036syb.com/gif/mfkp.gif
122.146.115.183 200 OK 217 kB URL GET HTTP/1.1 88e.2036syb.com/gif/mfkp.gif
IP 122.146.115.183:443
ASN #9919 New Century InfoComm Tech Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer ZeroSSL
Subject 88e.2036syb.com
Fingerprint D1:EA:A2:9A:A5:E0:A9:7B:25:E1:50:99:27:DF:A0:1C:B1:BD:BB:14
Validity Fri, 03 May 2024 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 469 x 264
Size 217 kB (216712 bytes)
Hash 7ebf860b0b56d6212d6b73937169c5a7
ceef02c3bc040e84f50d59de2d436ded495b4edc
57b4531734ac2271bb5bad7d0ccbe0077848bcd5e1fefaa6e7b98a2aba5e853b
GET /gif/mfkp.gif HTTP/1.1
Host: 88e.2036syb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Content-Length: 216712
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 09:51:52 GMT
ETag: "6630bf38-34e88"
Expires: Wed, 15 May 2024 21:54:50 GMT
Cache-Control: max-age=1036800
Strict-Transport-Security: max-age=31536000
Server: 8080
X-Cache-Status: HIT
Accept-Ranges: bytes
imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
104.193.88.109 200 OK 613 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 80
Size 613 kB (613021 bytes)
Hash b526595607451c70411a9ff8822df1f4
4f54b38baaf634832fa201c4233de067da341250
44cb7228a182661a88e199d45e87b89eecbd62ed54faf0139536dd1fece8d317
GET /tieba/pic/item/503d269759ee3d6d2423cff705166d224f4ade21.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 613021
expires: Tue, 21 May 2024 15:17:55 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: b526595607451c70411a9ff8822df1f4
age: 1357887
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 21 Apr 2024 15:17:55 GMT
ohc-cache-hit: sfo01-sys-jorcol06.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
595image.vip:3188/fu595.gif
27.124.4.173 79 kB URL GET 595image.vip:3188/fu595.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.vip
Fingerprint 93:44:22:02:D3:F3:82:F8:5A:BD:22:31:AC:FB:77:40:3D:F0:F2:65
Validity Sat, 20 May 2023 06:07:30 GMT - Tue, 18 Jun 2024 06:07:29 GMT
File type GIF image data, version 89a, 960 x 120
Hash c21efe6023592a1c970948ec080ac1c1
189c2ca682014bceab967ceae8105f14f5529591
9640a0883126a22669d048ee6728019acdd0748245bc5f9d53de472ff9f5a916
GET /fu595.gif HTTP/1.1
Host: 595image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 13:55:43 GMT
Vary: Accept-Encoding
ETag: W/"6630f85f-13656"
Expires: Tue, 04 Jun 2024 14:16:35 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
104.193.88.109 200 OK 459 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 280 x 160
Size 459 kB (459424 bytes)
Hash 1a26a178311c25fd278ad5c9f7c4c41a
59182657c0bf7c3bb52b0a8c00796b19765e1b11
9f917363382bd8f7600ce333bd85219e3626ff21e1fc8554e8784673d2a2e2f1
GET /tieba/pic/item/a1ec08fa513d26973636406113fbb2fb4316d821.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 459424
expires: Tue, 21 May 2024 13:06:23 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 1a26a178311c25fd278ad5c9f7c4c41a
age: 1365779
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 21 Apr 2024 13:06:23 GMT
ohc-cache-hit: sfo01-sys-jorcol07.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
104.193.88.109 200 OK 85 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 200 x 200
Hash 7c7282d06f4d8c18aa9c8d90edefcd29
eb230b66267afe4bf59d4eb27c6bbafa74f59be8
fc8f3ffb381649d5e1739f5246ecbf6608ae3ccd7629bb254a675619f87f6171
GET /forum/pic/item/09fa513d269759eec165a4faf4fb43166d22dfcf.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 84776
access-control-allow-origin: *
etag: 7c7282d06f4d8c18aa9c8d90edefcd29
expires: Thu, 06 Jun 2024 08:29:22 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/c995d143ad4bd113e361950f1cafa40f4bfb055a.jpg
104.193.88.109 200 OK 538 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/c995d143ad4bd113e361950f1cafa40f4bfb055a.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 750 x 120
Size 538 kB (537683 bytes)
Hash 6d74fa04c4736f4853abdf74e6b16938
74564272f839a0d19da2b4c43ebe36b7cfd91290
64c01eb457cd989ca9dea0d6aeb9cdfc267f27bc3a5c16d60c8cba03e35c5eff
GET /tieba/pic/item/c995d143ad4bd113e361950f1cafa40f4bfb055a.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 537683
expires: Tue, 04 Jun 2024 09:30:54 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: 6d74fa04c4736f4853abdf74e6b16938
age: 169108
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Sun, 05 May 2024 09:30:54 GMT
ohc-cache-hit: sfo01-sys-jorcol02.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
104.193.88.109 200 OK 263 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 750 x 120
Size 263 kB (262816 bytes)
Hash bc107c017b50bbb1386d3f0ee5363bdb
7208cae7497e52e7d7bd6ea16ad5ece0321c8551
3093cbe545c08d04ad42ba0b4ceb2f0f56a975fd026925aeac94c828d845400a
GET /tieba/pic/item/caef76094b36acaf655e46c03ad98d1001e99c54.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 262816
expires: Fri, 31 May 2024 07:29:45 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: bc107c017b50bbb1386d3f0ee5363bdb
age: 521977
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Wed, 01 May 2024 07:29:45 GMT
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
104.193.88.109 200 OK 25 kB URL GET HTTP/2 imgsrc.baidu.com/tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 270 x 163
Hash c96f6a6537ee40eb8cfa47bad3ecffb2
4711c1ab7028d9a7523c14eeb03a1f14c04504f4
967be16d09b900ed0050ee20ab07f373c95479ed462fc3c654b67c7242a4bdaf
GET /tieba/pic/item/63d0f703918fa0eca3f06f31609759ee3d6ddbd3.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:23 GMT
content-type: image/gif
content-length: 24875
expires: Thu, 30 May 2024 09:33:22 GMT
last-modified: Sat, 03 Jan 1970 00:00:00 GMT
etag: c96f6a6537ee40eb8cfa47bad3ecffb2
age: 600961
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 30 Apr 2024 09:33:22 GMT
ohc-cache-hit: sfo01-sys-jorcol06.sfo01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
104.193.88.109 200 OK 233 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 120
Size 233 kB (232650 bytes)
Hash 4b27d41a2128600fde62fbb7f6d4f8ed
0612d8918617330bc746f5846dfaf04f81c8465a
39ccf13d8ffed481f1075b1a896c3750815f6a3bb8044ec876493659d91bd941
GET /forum/pic/item/024f78f0f736afc3e8312b54f519ebc4b74512c5.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 232650
access-control-allow-origin: *
etag: 4b27d41a2128600fde62fbb7f6d4f8ed
expires: Thu, 06 Jun 2024 08:29:22 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg
104.193.88.109 200 OK 244 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 960 x 120
Size 244 kB (244261 bytes)
Hash 3199e7968e74312e91abb43e50e38f23
a01e6dc24f06808288296d01336f5209f89687db
6ecd32dc2a9668ca36d0dccd3bf2019ef9c60954d9195cc364c1a02c9b6ee6b4
GET /forum/pic/item/0b7b02087bf40ad1317879d4112c11dfa9ecce6d.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/gif
content-length: 244261
access-control-allow-origin: *
etag: 3199e7968e74312e91abb43e50e38f23
expires: Thu, 06 Jun 2024 08:29:22 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg
104.193.88.109 200 OK 133 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg
IP 104.193.88.109:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://107.149.199.61:38689/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1280x720, components 3
Size 133 kB (133214 bytes)
Hash eb63aec9fcc01f433116756742a7b1f3
d7ae804e24ffec85a198bc8cea61c01ad96cee3e
e587128d30b808d0b6ab7d60b6b7c2cf42c070a028f8532c7c051f7f46f1709b
GET /forum/pic/item/42166d224f4a20a47a36b1fbd6529822720ed0e6.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 07 May 2024 08:29:22 GMT
content-type: image/jpeg
content-length: 133214
access-control-allow-origin: *
etag: eb63aec9fcc01f433116756742a7b1f3
expires: Thu, 06 Jun 2024 08:29:22 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
634image.com:3188/400.gif
27.124.4.173 643 kB URL GET 634image.com:3188/400.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject 634image.com
Fingerprint C4:27:8E:FC:40:0D:18:77:2F:32:06:9C:6F:86:24:A3:6E:6E:C8:96
Validity Thu, 25 Apr 2024 04:31:19 GMT - Wed, 24 Jul 2024 04:31:18 GMT
File type GIF image data, version 89a, 500 x 250
Size 643 kB (643350 bytes)
Hash 094f0eeb82073b55495ad297a14047da
0a65eb6dbc9f0bb77781ee4e1756d9bbd3f4b8c6
bc44a5366a65bc6d517879e729796a39e002f0cc562c23d0ff805d246939320a
GET /400.gif HTTP/1.1
Host: 634image.com:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 09:53:50 GMT
Vary: Accept-Encoding
ETag: W/"662b79ae-9df74"
Expires: Tue, 04 Jun 2024 14:17:18 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
d3e8vopdubg91v.cloudfront.net/gif/962.gif
54.230.241.60 200 OK 100 kB URL GET HTTP/2 d3e8vopdubg91v.cloudfront.net/gif/962.gif
IP 54.230.241.60:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type GIF image data, version 89a, 980 x 80
Size 100 kB (100110 bytes)
Hash 9e66b5a346498dc242e950d6faa9d198
07bea83e6fee40bbfd4b3eba06b27a94ca67a427
71e44c0d7cbe03a36a634293b79ba958f7e27628ea552f5494003a237bc51215
GET /gif/962.gif HTTP/1.1
Host: d3e8vopdubg91v.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 100110
date: Mon, 06 May 2024 09:39:45 GMT
last-modified: Thu, 02 May 2024 15:24:21 GMT
etag: "9e66b5a346498dc242e950d6faa9d198"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z6RNGTne4RZWS3oIVN_JRgThbrDJBIoviu8Jz4WOzpg6FFoLqVseZQ==
age: 82180
X-Firefox-Spdy: h2
165image.vip:3188/400x200.gif
27.124.4.173 1.1 MB URL GET 165image.vip:3188/400x200.gif
IP 27.124.4.173:0
ASN #64050 BGPNET Global ASN
Requested by https://107.149.199.61:38689/
Certificate Issuer Unizeto Technologies S.A.
Subject 225image.vip
Fingerprint 93:44:22:02:D3:F3:82:F8:5A:BD:22:31:AC:FB:77:40:3D:F0:F2:65
Validity Sat, 20 May 2023 06:07:30 GMT - Tue, 18 Jun 2024 06:07:29 GMT
File type GIF image data, version 89a, 400 x 200
Size 1.1 MB (1072502 bytes)
Hash aa54aa0a7803a5b8532250c8d95785b6
484bd03ab2f0d85f0ada346fa0d6e003881ab2ba
0a11103c880988c42a94a7fd1bc0f4cc03d6a306f62159528f67543306e44b58
GET /400x200.gif HTTP/1.1
Host: 165image.vip:3188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 08:29:22 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Apr 2024 05:40:09 GMT
Vary: Accept-Encoding
ETag: W/"660a48b9-106796"
Expires: Tue, 04 Jun 2024 14:16:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=rdeVCoMzOB_FtKwkRT6lB1Xl7xSZa0wSZNgYAruYc5YSSHVb0xVfF_bH7WxBAV1it7guBrIiVhyN5OmDbJRn7n6DxkHKTTT2tEnm44xj6NMWBUH0wvJBzDYfysgy31M_
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Tue, 07 May 2024 08:29:03 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 28
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
kzepp.com/de58699b19835fa95055edda02bd9dff.gif
0.0.0.0 0 B URL GET kzepp.com/de58699b19835fa95055edda02bd9dff.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject kzepp.com
Fingerprint C9:67:1A:16:95:85:5B:A9:C9:55:49:94:0D:6B:C6:C3:A8:72:E0:C3
Validity Mon, 15 Apr 2024 15:27:56 GMT - Sun, 14 Jul 2024 15:27:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de58699b19835fa95055edda02bd9dff.gif HTTP/1.1
Host: kzepp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
m6690.top/9e89f97538513af8d10754a279e95972.gif
0.0.0.0 0 B URL GET m6690.top/9e89f97538513af8d10754a279e95972.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m6690.top
Fingerprint C6:88:6E:CB:CD:69:E0:E7:F6:6D:3E:8F:A4:EA:F3:1D:E0:A2:F9:F7
Validity Thu, 21 Mar 2024 10:15:10 GMT - Wed, 19 Jun 2024 10:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9e89f97538513af8d10754a279e95972.gif HTTP/1.1
Host: m6690.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 02:36:39 GMT
etag: W/"66362074-b3f07"
expires: Thu, 06 Jun 2024 02:36:39 GMT
last-modified: Tue, 07 May 2024 06:10:48 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
simp229.com/8640c212ed4b8873323ab3a1034d64f9.gif
0.0.0.0 0 B URL GET simp229.com/8640c212ed4b8873323ab3a1034d64f9.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject simp712.top
Fingerprint 30:7B:55:4D:55:A0:87:1C:13:86:47:A7:19:7D:E8:83:95:1E:C7:EE
Validity Tue, 30 Apr 2024 12:27:42 GMT - Mon, 29 Jul 2024 12:27:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8640c212ed4b8873323ab3a1034d64f9.gif HTTP/1.1
Host: simp229.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sat, 04 May 2024 16:09:21 GMT
etag: W/"6542906c-f585"
expires: Mon, 03 Jun 2024 16:09:21 GMT
last-modified: Sat, 04 May 2024 16:51:41 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
mrtoss03.com/be0ba627e78d598446af353f3fa29066.gif
0.0.0.0 0 B URL GET mrtoss03.com/be0ba627e78d598446af353f3fa29066.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /be0ba627e78d598446af353f3fa29066.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 07:41:09 GMT
etag: W/"66160edd-649d2"
expires: Thu, 06 Jun 2024 07:41:09 GMT
last-modified: Tue, 07 May 2024 07:42:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
cooann.top/6fff83b64f59a954e828d2a57bce06d9.gif
0.0.0.0 0 B URL GET cooann.top/6fff83b64f59a954e828d2a57bce06d9.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cooann.top
Fingerprint A9:B2:45:84:BB:96:EB:00:F0:1B:11:ED:EF:99:AB:CF:29:06:42:BC
Validity Wed, 24 Apr 2024 23:39:14 GMT - Tue, 23 Jul 2024 23:39:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6fff83b64f59a954e828d2a57bce06d9.gif HTTP/1.1
Host: cooann.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 08:07:21 GMT
etag: W/"66250775-dcad"
expires: Thu, 06 Jun 2024 08:07:21 GMT
last-modified: Tue, 07 May 2024 08:25:47 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
mmn734.top/8992edc78009baa534827c5271e40b71.gif
0.0.0.0 0 B URL GET mmn734.top/8992edc78009baa534827c5271e40b71.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mmn734.top
Fingerprint D7:16:7D:E5:27:7B:CC:B5:5B:84:82:76:A2:34:AB:53:3C:04:16:AD
Validity Tue, 19 Mar 2024 16:11:36 GMT - Mon, 17 Jun 2024 16:11:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8992edc78009baa534827c5271e40b71.gif HTTP/1.1
Host: mmn734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Mon, 06 May 2024 16:49:54 GMT
etag: W/"66128373-33682"
expires: Wed, 05 Jun 2024 16:49:54 GMT
last-modified: Mon, 06 May 2024 16:49:55 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
rsnn51.top/08c829dda518c9ef6f53a74de90b4fc8.gif
0.0.0.0 0 B URL GET rsnn51.top/08c829dda518c9ef6f53a74de90b4fc8.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject rsnn51.top
Fingerprint F5:E2:FD:F5:AE:8A:88:C0:7B:8A:58:C7:D9:C7:FD:27:CD:CA:73:E9
Validity Fri, 12 Apr 2024 08:49:15 GMT - Thu, 11 Jul 2024 08:49:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /08c829dda518c9ef6f53a74de90b4fc8.gif HTTP/1.1
Host: rsnn51.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
mrtoss03.com/37f80e45c1f5127bd46f0e7a48cd1424.gif
0.0.0.0 0 B URL GET mrtoss03.com/37f80e45c1f5127bd46f0e7a48cd1424.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /37f80e45c1f5127bd46f0e7a48cd1424.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 07:28:09 GMT
etag: W/"646610db-dfc1"
expires: Thu, 06 Jun 2024 07:28:09 GMT
last-modified: Tue, 07 May 2024 07:41:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
mrtoss03.com/57fb8bdfd30b4be742c671436a947daf.gif
0.0.0.0 0 B URL GET mrtoss03.com/57fb8bdfd30b4be742c671436a947daf.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /57fb8bdfd30b4be742c671436a947daf.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 07:35:54 GMT
etag: W/"660cd8c7-145b3"
expires: Thu, 06 Jun 2024 07:35:54 GMT
last-modified: Tue, 07 May 2024 07:43:08 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
cooann.top/107f3bebdf35e2795dbadf8c5f5d6a41.gif
0.0.0.0 0 B URL GET cooann.top/107f3bebdf35e2795dbadf8c5f5d6a41.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject cooann.top
Fingerprint A9:B2:45:84:BB:96:EB:00:F0:1B:11:ED:EF:99:AB:CF:29:06:42:BC
Validity Wed, 24 Apr 2024 23:39:14 GMT - Tue, 23 Jul 2024 23:39:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /107f3bebdf35e2795dbadf8c5f5d6a41.gif HTTP/1.1
Host: cooann.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 07:30:21 GMT
etag: W/"66250797-af6a"
expires: Thu, 06 Jun 2024 07:30:21 GMT
last-modified: Tue, 07 May 2024 07:58:47 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
mrtoss03.com/dd11214b04687433483a414863e52fe2.gif
0.0.0.0 0 B URL GET mrtoss03.com/dd11214b04687433483a414863e52fe2.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mrtoss03.com
Fingerprint 9C:2E:33:1A:9E:F9:DE:02:78:F9:51:30:E5:BE:39:67:CA:BA:09:98
Validity Sat, 20 Apr 2024 06:38:17 GMT - Fri, 19 Jul 2024 06:38:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dd11214b04687433483a414863e52fe2.gif HTTP/1.1
Host: mrtoss03.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 03:41:08 GMT
etag: W/"65193a07-3f99a"
expires: Thu, 06 Jun 2024 03:41:08 GMT
last-modified: Tue, 07 May 2024 03:41:09 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
kky0707.vip/960-120-vip.gif
104.21.74.222 200 OK 702 kB URL GET HTTP/2 kky0707.vip/960-120-vip.gif
IP 104.21.74.222:443
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject kky0707.vip
Fingerprint F1:B4:D5:60:C6:81:D1:39:2A:14:2E:80:7A:2E:3B:44:63:BF:CA:8D
Validity Sun, 28 Apr 2024 08:32:33 GMT - Sat, 27 Jul 2024 08:32:32 GMT
File type GIF image data, version 89a, 960 x 120
Size 702 kB (702350 bytes)
Hash 4c6835ffb9ab8df7a8251b9d90518873
390b81a607a4b81928b2524d49e986101dfba022
9c66a9c4ef49648974f64bfda50f3159dbbead287cca4b41228418745a40bc33
GET /960-120-vip.gif HTTP/1.1
Host: kky0707.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 08:29:18 GMT
content-type: image/gif
last-modified: Wed, 10 Apr 2024 07:06:15 GMT
etag: "66163a67-ab78e"
expires: Tue, 28 May 2024 09:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 545002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKBqFjget3dP2dC8jEuJ6VGeDlWgViXuFYh%2B%2FhtDBSr%2B1lRMNO6c7uL8qW9KRH624xGtpUrGH2hSm%2BaSpqg8%2F7sWciJnGwKg%2Bpf1AhUj1RwsaIBT27%2F9MHtI5Lu23A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffd76dbdc40afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
m6690.top/b84adb28cdaa7647308a4a6e1a1db3b0.gif
0.0.0.0 0 B URL GET m6690.top/b84adb28cdaa7647308a4a6e1a1db3b0.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m6690.top
Fingerprint C6:88:6E:CB:CD:69:E0:E7:F6:6D:3E:8F:A4:EA:F3:1D:E0:A2:F9:F7
Validity Thu, 21 Mar 2024 10:15:10 GMT - Wed, 19 Jun 2024 10:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b84adb28cdaa7647308a4a6e1a1db3b0.gif HTTP/1.1
Host: m6690.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 07:27:21 GMT
etag: W/"66362078-803f"
expires: Thu, 06 Jun 2024 07:27:21 GMT
last-modified: Tue, 07 May 2024 08:27:47 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
m1170.top/0e9f55a4618ee7c0c581873af31b4162.gif
0.0.0.0 0 B URL GET m1170.top/0e9f55a4618ee7c0c581873af31b4162.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject m1170.top
Fingerprint 5C:AE:EA:6E:22:90:AF:20:2D:0A:72:D3:46:BD:EB:86:77:47:02:6D
Validity Mon, 25 Mar 2024 18:09:57 GMT - Sun, 23 Jun 2024 18:09:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0e9f55a4618ee7c0c581873af31b4162.gif HTTP/1.1
Host: m1170.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Tue, 07 May 2024 08:25:21 GMT
etag: W/"662ccb11-1e3ef"
expires: Thu, 06 Jun 2024 08:25:21 GMT
last-modified: Tue, 07 May 2024 08:25:47 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
mmo3188.top/22e44ef501f06ae1a25ee77b135a895a.gif
0.0.0.0 0 B URL GET mmo3188.top/22e44ef501f06ae1a25ee77b135a895a.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject mmo3188.top
Fingerprint B2:6C:64:D7:7F:F3:ED:55:84:AC:7C:9E:CC:FD:D2:85:1E:54:4B:8D
Validity Thu, 21 Mar 2024 15:10:00 GMT - Wed, 19 Jun 2024 15:09:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /22e44ef501f06ae1a25ee77b135a895a.gif HTTP/1.1
Host: mmo3188.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=2592000
content-encoding: gzip
content-type: image/gif
date: Sun, 05 May 2024 06:15:48 GMT
etag: W/"652e2bd1-854bb"
expires: Tue, 04 Jun 2024 06:15:48 GMT
last-modified: Sun, 05 May 2024 06:15:49 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
migo011.top/c4e2fb784c20e73148a221bbc4d12350.gif
0.0.0.0 0 B URL GET migo011.top/c4e2fb784c20e73148a221bbc4d12350.gif
IP 0.0.0.0:0
Requested by https://107.149.199.61:38689/
Certificate Issuer Let's Encrypt
Subject migo011.top
Fingerprint BC:83:43:DF:5A:8B:D3:49:90:A8:D7:73:5B:46:A6:5B:E2:B2:0F:BF
Validity Tue, 23 Apr 2024 08:31:39 GMT - Mon, 22 Jul 2024 08:31:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4e2fb784c20e73148a221bbc4d12350.gif HTTP/1.1
Host: migo011.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://107.149.199.61:38689/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache