{"report_id":"ae450c07-1be0-43e7-b3be-c34ad1b3cf0a","version":6,"status":"done","tags":[],"date":"2026-03-07T09:39:16Z","url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"title":"东京影院","dom":{"size":156554,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8824)","md5":"63d06e1f78b8a5fe846daadced77c8a3","sha1":"62d51d671a688aea210983e70960e11e6218790f","sha256":"7605f851db72e8c2f99de3ee132fa1df216238efc0d557934a4dfea687912b05","sha512":"1d8695fd5a09c50a0a783f7742ff71ab972e3a8fd1fced8bcb09dd8711bb4f527156707f4e6fdf675e052ae02008937b97d2ced62cb2b7b096c6dc5289810a5a","ssdeep":"1536:L15i8U1SZfy+rdN68zNokBZpgkPCmwwOdNF:x5i8U1SZfv3yIiF","tlshash":"3ee3725213f8db25252509e287b83f99ee3a4607d4c9084174ec3fe69f44dea8b1b85f","dom_hash":"domhash43e00736d8ee8b0823a5de68f8d48653","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-11T09:39:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fsffbhd.4000522777.xn--fiqs8s","ip":{"addr":"104.26.7.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-31","domain_rank":0,"first_seen":"2026-02-08T15:30:41.519119Z","last_seen":"2026-03-02T14:58:29.631081Z","alert_count":0,"request_count":2,"received_data":1284554,"sent_data":974,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.jkuntupiaxxzz.com","ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2026-01-21","domain_rank":0,"first_seen":"2026-01-28T07:38:35.46468Z","last_seen":"2026-03-06T12:09:51.961938Z","alert_count":0,"request_count":15,"received_data":1378596,"sent_data":7320,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"txdy.hznunxc.com","ip":{"addr":"157.185.128.120","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"domain_registered":"2025-07-15","domain_rank":0,"first_seen":"2026-02-12T23:34:46.222479Z","last_seen":"2026-03-06T10:32:29.455701Z","alert_count":0,"request_count":1,"received_data":120302,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sbzytpimg4.com","ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-24","domain_rank":0,"first_seen":"2026-01-09T01:30:30.561069Z","last_seen":"2026-03-01T17:52:05.500667Z","alert_count":0,"request_count":18,"received_data":3020404,"sent_data":8730,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2026-03-04T23:10:25.092548Z","alert_count":0,"request_count":11,"received_data":3295109,"sent_data":5386,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"d18wfmxtvthwf6.cloudfront.net","ip":{"addr":"54.192.209.161","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-10-19T14:31:41.989548Z","last_seen":"2026-03-02T03:05:13.284748Z","alert_count":0,"request_count":2,"received_data":557564,"sent_data":905,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"11224.xn--gps-8y0gm25n.xn--55qx5d","ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-12-12T01:01:33.916178Z","last_seen":"2026-03-02T14:58:30.066784Z","alert_count":0,"request_count":1,"received_data":686929,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pic.sex8sex844.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-25","domain_rank":0,"first_seen":"2025-11-17T08:50:51.130806Z","last_seen":"2026-03-03T22:51:28.469404Z","alert_count":0,"request_count":12,"received_data":1502456,"sent_data":5388,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"d3ccefxs96519j.cloudfront.net","ip":{"addr":"54.192.209.125","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-06-30T07:13:17.425046Z","last_seen":"2026-03-06T18:33:33.366879Z","alert_count":0,"request_count":1,"received_data":96183,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"img1212.syhze.com","ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2014-05-15","domain_rank":0,"first_seen":"2025-12-21T08:33:05.525239Z","last_seen":"2026-03-07T01:42:14.214173Z","alert_count":0,"request_count":2,"received_data":940974,"sent_data":890,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dq38rjje7qjm3.cloudfront.net","ip":{"addr":"54.230.245.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-03-24T19:11:01.50764Z","last_seen":"2026-03-06T23:17:34.307628Z","alert_count":0,"request_count":1,"received_data":94060,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"img.meituan.net","ip":{"addr":"163.171.134.109","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"domain_registered":"2010-01-25","domain_rank":189994,"first_seen":"2017-02-03T02:36:44Z","last_seen":"2026-03-06T03:12:30.353861Z","alert_count":0,"request_count":1,"received_data":407470,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bfm.djyy2.beer","ip":{"addr":"154.26.182.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"domain_registered":"2026-02-19","domain_rank":0,"first_seen":"2026-03-07T09:39:21.012861Z","last_seen":"2026-03-07T09:39:21.012861Z","alert_count":0,"request_count":11,"received_data":479391,"sent_data":4625,"comment":"","tags":null,"fingerprints":null},{"fqdn":"2026tu.myxuanxuan.com","ip":{"addr":"43.152.43.121","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2016-04-10","domain_rank":0,"first_seen":"2026-01-26T20:19:42.17682Z","last_seen":"2026-03-03T01:49:52.828292Z","alert_count":0,"request_count":1,"received_data":643926,"sent_data":446,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.mdynieu.com","ip":{"addr":"161.129.35.190","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-07T12:04:46.874157Z","last_seen":"2026-03-02T14:58:31.744236Z","alert_count":0,"request_count":1,"received_data":407041,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"11221.xn--gps-8y0gm25n.xn--55qx5d","ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-12-03T14:43:28.608781Z","last_seen":"2026-03-07T00:44:22.321285Z","alert_count":0,"request_count":1,"received_data":596934,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-12-18","domain_rank":0,"first_seen":"2026-01-09T02:45:23.4071Z","last_seen":"2026-03-06T15:02:46.621404Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img1.ah7907.com","ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-11-08T09:13:57.808607Z","last_seen":"2026-03-06T18:33:33.708453Z","alert_count":0,"request_count":4,"received_data":631360,"sent_data":1756,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"aosikazyy.com","ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2026-01-27","domain_rank":0,"first_seen":"2026-02-04T06:52:44.115423Z","last_seen":"2026-03-06T10:28:17.305962Z","alert_count":0,"request_count":13,"received_data":3131543,"sent_data":5772,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"la.lashayu.com","ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-31","domain_rank":3641502,"first_seen":"2025-06-14T15:54:25.098652Z","last_seen":"2026-03-01T16:46:53.933802Z","alert_count":0,"request_count":1,"received_data":38820,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pg888.12img707989.com","ip":{"addr":"205.198.65.15","port":5658,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-12-17","domain_rank":0,"first_seen":"2025-12-18T04:56:01.819009Z","last_seen":"2026-03-06T10:32:29.6222Z","alert_count":0,"request_count":1,"received_data":732708,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"bfm.djyy2.beer/abc/fixed_ui_acb8d6.js","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"52ffcac7ae0cc4e6d6ca050860ee0a38","sha1":"1d6c0c59672d85505df772f90c2a2105ef371db6","sha256":"f50412dfcbb61a54e85e9d0dad5c1cf5cd9e5d749bbc3144a6f61190fc8915a2","sha512":"ff7614e38852ee636d04bf1ee8a02532708607314389acf0b9107721ee356e9f2f7542e6de169605f2022600e7b330104dcb99703bc209eacc3133f8a95c841b","ssdeep":"96:WirFraHaXsMwE4xg20SEE2fEjTzg23CuBJkiThoP5VYb5G6JS/lWrNG+psKQUX:vBpw7m20SErf0T82CuBJI5VGGg+galUX","tlshash":"18b1846e79e33196892330b48fff150836329113910ddd907c0d91a46fa9b946676ff9","size":5585,"data":"","first_seen":"2026-03-07T09:39:32.794465Z","last_seen":"2026-03-07T09:39:32.794465Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8c900332d4e296b96c4bbf857f43cd9","sha1":"c68d0a32c7eeb0d60d336988362ef1aa2099a489","sha256":"f31bdc3d113f966b60a79a47806708fa4f7cdd5145638452023add747d9becfa","sha512":"22edc4c2706f44c8c84fcbfdc94193a8cf66ef47af4c3ee14e11ccf563c3c0b4a635701ff69c359f64437595f82294fcacd7393d07a0a803c3edc2a6d57bbf3b","ssdeep":"","tlshash":"72b09b81350d549505170635d0777b1977313f54d57455408654b5a19517f0cb067b14","size":127,"data":"","first_seen":"2023-03-07T14:15:35Z","last_seen":"2026-04-04T12:57:38.490969Z","times_seen":5483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"img1.ah7907.com/bt960120a.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /bt960120a.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1584,"timings":{"blocked":148,"dns":341,"connect":288,"send":0,"wait":442,"receive":0,"ssl":363},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260304-22/bcd9f8dda9619396aacec3fda6286787.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260304-22/bcd9f8dda9619396aacec3fda6286787.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 80032\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Mar 2026 03:12:16 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a7a310-138a0\"\r\nExpires: Fri, 03 Apr 2026 03:29:00 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80032,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"e52163260a5d4bbf8e0be4ce83ba2a30","sha1":"98717a8b8940485208423a15ec3091b3e72868fe","sha256":"d773ac0de69a4e9b55f8e5ea012c6b39413997508d32e0eec472da5457d95d54","sha512":"16e4c41aa37a03a8ebca36f347c0eabd7a900f83bf23cc0e68e5dd65481ad471f0e2b47d714eb3c3913960e427bb7d9a11d283eae740c64334d49ca49f81853c","ssdeep":"1536:5T64kJ9EViZlq0ypAff1M87mTUTlulfQoZ07D9GRJSV12yVdEYz+5G:l6/J9E0ZlyAXC8iUT4l4oZ0lggAU2u","tlshash":"76731225e624dce85e59c472ac525b48f81b7e33bc7e7c2114d676c06eff9b296100b4","first_seen":"2025-11-27T08:37:24.667326Z","last_seen":"2026-03-07T09:39:32.747263Z","times_seen":2,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":666,"dns":0,"connect":0,"send":0,"wait":174,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.hznunxc.com/960x120.gif","fqdn":"txdy.hznunxc.com","domain":"hznunxc.com","tld":"com"},"ip":{"addr":"157.185.128.120","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.hznunxc.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 11 Feb 2026 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:1B:5C:BB:4A:86:94:97:1F:FD:C6:4E:1E:49:73:4B:A8:80:1F:A7","sha256":"AF:92:C9:25:B6:70:75:C0:04:EC:5E:04:B8:5F:6F:C1:11:04:3A:C3:D6:3E:61:46:65:D5:81:E5:D9:BE:03:37"}}},"request":{"raw":"GET /960x120.gif HTTP/1.1\r\nHost: txdy.hznunxc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 119760\r\nexpires: Sat, 14 Mar 2026 12:28:02 GMT\r\nserver: nginx\r\nlast-modified: Mon, 29 Dec 2025 06:33:05 GMT\r\nvary: Accept-Encoding\r\netag: \"695220a1-1d3d0\"\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: 1.1 PS-ORD-04i3e151:8 (W), 1.1 PS-FRA-01uMN61:10 (W), 0.0 PS-CDG-04gzn111:11 (W)\r\nage: 1977054\r\nx-px: ht PS-CDG-04gzn111none\r\nx-ws-request-id: 69abf230_PS-CDG-04gzn111_40956-7707\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119760,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"149b6d51518d57a39011a6971132ffa2","sha1":"529eeaead1047e4eddd186cfad5015aa987c4e14","sha256":"72c2db6b6259e584134783af7112131d031638bd29be489d53f58d7db2a8b7fb","sha512":"2e2e211b2e27bb10b1deed4cb4460866eeaff5ae5bcac6a550d7906225add955ad68ae8efdf5133d8fb7783a29d00cb72d170af8305c4fd510b5e3ea5a0a155f","ssdeep":"3072:l/GDzsUvQAUdTbhVQ3VFYDAoY/JJM6jqYm433v1:u4UI3TbKVcYDMFQ339","tlshash":"36c3123b424b4782376d70b07bf1e6058186800eae7a3597a562ca870fb1e7585ddc93","first_seen":"2025-12-29T08:49:02.459481Z","last_seen":"2026-04-04T15:25:57.273623Z","times_seen":4445,"resource_available":false,"data":null}},"time_used":1683,"timings":{"blocked":133,"dns":678,"connect":30,"send":0,"wait":34,"receive":122,"ssl":686},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T09:38:52.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/ HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: text/html;charset=utf-8\r\nVary: Accept-Encoding\r\nX-Frame-Options: Deny\r\nContent-Encoding: gzip\r\nContent-Length: 21982\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nCache-Control: public, max-age=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":149318,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (443), with CRLF, LF line terminators","md5":"db6ac2ec0243370d48eedbd72d569a01","sha1":"4e2cd33edc439eee455f7fbe3dc6b518f21a0ce6","sha256":"c2a38579da77b3efa1c0ad4a92889bc9f03f36af94a31905eb11307b474f97ed","sha512":"106b00fd49ad6e50518d841f39079278d3680fa127aceaabfe6e1138835a3d4fcdef8ca38647b3886a68458bdbbca37914da929e509406ef4ae748018a73f9fd","ssdeep":"1536:KBr1iYMLzy2I4Rzg54a/z7diwnR322XO30R5Xqqdd:Gr1iYMLzyita/zxiwnJke","tlshash":"cee34f6252c4ab26163509d387b87f99fe3b4643c1c90a0174ed3be74f79da84b2385b","first_seen":"2026-03-07T09:39:32.753165Z","last_seen":"2026-03-07T09:39:32.753165Z","times_seen":1,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":154,"dns":1,"connect":153,"send":0,"wait":154,"receive":170,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260304-1/4c3f20dfa9e42848b889b97f3046fb7f.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260304-1/4c3f20dfa9e42848b889b97f3046fb7f.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61014\r\nlast-modified: Wed, 04 Mar 2026 03:05:36 GMT\r\nvary: Accept-Encoding\r\netag: \"69a7a180-ee56\"\r\nexpires: Fri, 03 Apr 2026 03:25:44 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 281589\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61014,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"44ae06a992abc006435e93806a8cfe10","sha1":"dea79473b86c7cdf2a6c9305502e995f56a1cbdc","sha256":"9052eb0a9dc998691ade462e159df09feacaa3bc0838afd520a73c75a6bd832b","sha512":"16fea3cbaa4cf554f8ac0043a81077781c8b5091a2a43a3528de55a6c63ef85599e99b5623c362e06eec607b37cffe77e5ccb177bc34489be29e2faedc55718e","ssdeep":"768:hDYyH56xr//zLdzaGv/HH35GOTtF9Ibl5QAXtmIGIYEYl2Ai0h3xyypVCfi5xpK1:Rr5+L/zZPXHpFYbJmbXNikDpUAKN/","tlshash":"0053022c5cbffd82fcf1923ee8732a55c284662db3927de3e95d67a6008339865c9144","first_seen":"2026-03-07T09:39:32.756461Z","last_seen":"2026-03-07T09:39:32.756461Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1295,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":639,"receive":434,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/I5bANPUh/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/I5bANPUh/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 198889\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:01:29 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6d9-308e9\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 6639\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TvNYh992UbHzDdhpmlfeSgRdzIgEMw1zp%2BXYfjTLyja7M56SVnkgQPAdxHavZaiavaTYTiyw5mxDnQu%2FFBHTaaMlaThiXhUQz12jYgJUW0Pg7g%3D%3D\"}]}\r\ncf-ray: 9d88a139beb71f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":198889,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"48d346f2e330784f68ade4ffb20e664b","sha1":"d7bfeb9f0429c0d04c23db3cd72df2b85d104bd9","sha256":"bd829bcb459603f5e28f3fd71c1b0b731fb89ae6cac216d559d5125972b3437c","sha512":"0371e63fee0623e28d0b27908cac0a83d6db351c146f40189605bcec7f90096181600189c4480b408dcc3351fe2ede449965bb14ba4e8c0404670423e2cc2191","ssdeep":"3072:5zRAyvBlQCMEFQ3ufaWpF932qbvV0FK2gPXba28cad9vY3y0cRp830f3/uEMdE:5zDvByCFdPN/hPLz8C3/cB3uXdE","tlshash":"971412a8635dc451edaced99668cc47c45e9c972a29061cef8be2fcbb1935c03be1053","first_seen":"2026-03-07T09:39:32.758787Z","last_seen":"2026-03-15T10:45:29.590339Z","times_seen":2,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260302-1/76bd7712881a863fa12a07b0728e591e.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260302-1/76bd7712881a863fa12a07b0728e591e.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 136068\r\nlast-modified: Mon, 02 Mar 2026 03:25:03 GMT\r\nvary: Accept-Encoding\r\netag: \"69a5030f-21384\"\r\nexpires: Wed, 01 Apr 2026 03:50:58 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 452875\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":136068,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x404, components 3","md5":"e717e09fcf9f41969011d4a18d8d47ae","sha1":"852b4579dd524a4fee7bcb3534d67d73de89577b","sha256":"ddf156cbab279ead178794810d658e375cfcdc711afe9e0ee2c7ec9f96b5ab7b","sha512":"0ed1c11eb4b034e871c2c2525123b7eebf45d9330883827b6648d3714dc6c335e37dd26e3e650c78466d45af0b61d41d4d69e865417154c060ad3eb2de908a11","ssdeep":"3072:kbhvUUoWN/tkRYp+zqHyj49bPUo4+SRD+vtO1pSML1jZtwZpj7w7:ORptkRy+znc9hoRD+vtO1pjZcu","tlshash":"6ad3120d4ce10a6f99b2a3afd1731b18978388f51991f2979eb27280eb5c01c6266d5d","first_seen":"2026-03-07T09:39:32.761068Z","last_seen":"2026-03-07T09:39:32.761068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":529,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:57.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 44406\r\ndate: Sat, 08 Nov 2025 08:42:46 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b55ca117625913666853618e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache2.l2de3[0,0,200-0,H], ens-cache11.l2de3[1,0], ens-cache9.se2[0,0,200-0,H], ens-cache9.se2[4,0]\r\naccess-control-allow-origin: *\r\nage: 10284971\r\nali-swift-global-savetime: 1762591366\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 08 Nov 2025 09:25:38 GMT\r\nx-swift-cachetime: 31533428\r\nback_uri: /imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763370057221e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"7fe888844a25455b732401ff74cfd8ab","sha1":"8d19e04de42c10ba020a85c53ce0a89e68228df8","sha256":"f85ce364be6d1d2dd090b2fc02ab3e6dc3013b61a85576e4c0eb4ad8fa408e31","sha512":"a046e5c42fbd73895fe7f7add8d2511b9f5aa297d99ec108c8f47cd4546a16af813bfc54314c865b4c13a74c7be17429c341d1ecc327ee344074221732ba2d2e","ssdeep":"768:/6Qbzz7QUHPIskU5/Eg59QCK5Py43ZKFbVeI0D0gwKjewJ+Tsxfz0JWOyndv7mzv:ykQnskU9lXFK5P3ZKFbV10YRKjdfzOgW","tlshash":"3813013d7682d0410e2e367675f0c638fb9ad9dac96d34dbba795528644403c7c0939b","first_seen":"2025-11-09T02:30:37.980535Z","last_seen":"2026-04-04T15:25:57.457665Z","times_seen":7888,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/10VxhNPy/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/10VxhNPy/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 178652\r\nlast-modified: Fri, 06 Mar 2026 03:21:43 GMT\r\netag: \"69aa4847-2b9dc\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178652,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"31615b4265752eb1096a383dba58d7bd","sha1":"e6e62972155e3ae1498dd2cf0e990448e674848b","sha256":"c9370753597a17a5c98b9e89bf3ca85f918adc170077cb2f4f4677ee7fbd275d","sha512":"28ba2a94195763209e6f9562c3eb3c2ce2a7f0f710ef35e75df5a5dcfb2d1d8c8b58b14fada95a55158ab446408c775eceb49aca16ed42ed1cea0697dd680b5c","ssdeep":"3072:RORn7hjjfJ5ZTRSXrWJcBDirDCgQuEDARZkBQLnY5+1matnoInG:RORnV3J5jSaJ9rmWY56dtnLG","tlshash":"bf0412138536cbb3831c86e96fa35e34776f3f0550e5aaca9160ecfc262491224e657d","first_seen":"2026-03-07T05:06:16.921706Z","last_seen":"2026-03-07T09:39:32.76438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2348,"timings":{"blocked":1271,"dns":0,"connect":0,"send":0,"wait":619,"receive":458,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/J6pinD2f/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/J6pinD2f/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 80300\r\nlast-modified: Fri, 06 Mar 2026 03:21:48 GMT\r\netag: \"69aa484c-139ac\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"f69ffc76ced21d14f83c1aa7e63d65f5","sha1":"265215fdd2e2f2811b0e58e9b61961acf628f31c","sha256":"d65497446406457da84a5b731213866f4c56c79a39051f04d9e0ce2954a284e5","sha512":"bee70eee2bd6f4bea74618a9ddf4de362db4c2628e60da45f50c820200d2683ea2f7405dac2ffbbb71244a94db39f45c9cc9d623ce86c1cc091dada5d3cdaadc","ssdeep":"1536:SRVjCUj5bplgubuQVc6ePm/Nt1eljiS91FswOGKUdoZg5iYqd2:G5bpeubxVTo8Nt1XS9nxnKcoZg5iYqd2","tlshash":"c7731203635ce75781cf6a75b8ea54ed0b69160e017924f2db09378758cb2392cf9b36","first_seen":"2026-03-07T01:42:25.271534Z","last_seen":"2026-03-08T09:13:05.005199Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2261,"timings":{"blocked":1269,"dns":0,"connect":0,"send":0,"wait":619,"receive":373,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/73cf794d1e5b8d52dd37998474a848dd.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/73cf794d1e5b8d52dd37998474a848dd.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 67731\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:19:15 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa47b3-10893\"\r\nExpires: Sun, 05 Apr 2026 03:44:04 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67731,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"de73f3b993171b74b41f9fa5563e5f46","sha1":"bd79d330735841e7c455a406035f7e75cc7561b1","sha256":"b1d87d6c56d36f5127182f04562161273240c16b219b2e639fdc9121ae6ae6a6","sha512":"75ff5b07ec9c97d2ea740d1a77416b88977ecb5a7e5e76de457b7b4a4356f1d4cb2d2951ba0bc1bee7eb8b276344278eb3ac26a90df8c411096b22e687db035b","ssdeep":"1536:QZvWH2Rx/mc8SaOsDTOASBX2mGO0PYa2wmyfjEl32DdpjVRLdixt4:8vWH2Rx/mc8SyDT9OEdPTtmQjEl32HZl","tlshash":"316302bbdd1c1617e4f2e6feed456247a0c6c7f3fb1ac1847602e84156ecc88d22462a","first_seen":"2025-11-15T01:04:12.962351Z","last_seen":"2026-03-07T09:39:32.767391Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2637,"timings":{"blocked":746,"dns":736,"connect":150,"send":0,"wait":201,"receive":269,"ssl":531},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/4ee92c461527b71b4b862c7eaca520c3.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/4ee92c461527b71b4b862c7eaca520c3.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 65412\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:23:16 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa48a4-ff84\"\r\nExpires: Sun, 05 Apr 2026 03:30:45 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65412,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"2577f0eabf34b968138b874abea5df46","sha1":"1bc9dcc36491f344333b2781ec61395b543900e8","sha256":"643dfa4a59bbdfa13599bd1fee5a1146b1dcd21932a6d80a752b54908f72bfd3","sha512":"221b410ac7ae421b9f31e1c131614c880c5c98aa06a3d83163c2494aa5b405e4c32c4de0394a118789e34f9d080fbac4d2fef6cce9960384a261ce132d4c37f1","ssdeep":"1536:5deOhl9E0fbR8AJ4FRP/D30e/tRD9GAp+iKy4puXrelch:vjEcbWAJ6J/DE0zD9GApSyAuDh","tlshash":"385302eff9493d84ba704a757a8ad05192c7055dcf26088e6bb35ae5f70f14e1230a0e","first_seen":"2026-03-07T09:39:32.769727Z","last_seen":"2026-03-07T09:39:32.769727Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1317,"timings":{"blocked":990,"dns":0,"connect":0,"send":0,"wait":203,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260303/uUohVXzc/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260303/uUohVXzc/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78987\r\nlast-modified: Wed, 04 Mar 2026 03:10:12 GMT\r\netag: \"69a7a294-1348b\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78987,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 620x416, components 3","md5":"ac097e64f52540773e5a1ac769efdfff","sha1":"9e18f7257efb5bc7b7d2822764e75edbca677536","sha256":"b8c71282ba6ecc2915e17466ad199c8fa99cef68dcd6c95a21a5941c05978442","sha512":"586920ccb5ae6d3708bf4ab56808fa418bd83cbbe3aaaeeb66a3280d302b57ffc57d334e920daba0f7565daeabfed72d00b04c77bc0dbb93a89f624115f079f3","ssdeep":"1536:NMo7LtbZ+Q9939JZTfCNvlcYNEMSI/sLs61105tPDqQ130EDHw:JLtoQD9HA2YNEo/nBpuh","tlshash":"1b73021e0ff005355d2a14b243f84c44da882bdab7a535fe78e299b5b235267e8fb00d","first_seen":"2026-03-07T09:39:32.77186Z","last_seen":"2026-03-07T09:39:32.77186Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3616,"timings":{"blocked":1659,"dns":1,"connect":146,"send":0,"wait":147,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/857d4586ad82a3b544568cce0269a90b.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/857d4586ad82a3b544568cce0269a90b.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 62753\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:26:31 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa4967-f521\"\r\nExpires: Sun, 05 Apr 2026 03:30:42 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62753,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"350ee4a96cf67b7bf75f9ddc12a28d5e","sha1":"88ddc6e2c2336e8249d6d5dc7423ba2c5c5e7d9e","sha256":"e14f75c0afc04be9b281a2b76a82097616d9097e51adee43d118e1ac8f6a715d","sha512":"c74b474fbcf050007cef17e74f1b237b2a89620c9b36f4a4aac5bdd49bf5e19775892a3eff9f670c98dcfac0222cf677970986e48d8d977891433d7305b0f587","ssdeep":"1536:5yoNuGjmVKkcJEELboxh+2JypMmxtuxVEC8I9iDfYX:ImuaaEHgRPHxVd5X","tlshash":"0a5302e2c975a0c17e0fc27a415f234a8a64f9e8e1e7cd18274cc2950d6cc53c759ade","first_seen":"2025-11-23T14:34:00.451237Z","last_seen":"2026-03-07T09:39:32.773829Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1240,"timings":{"blocked":1011,"dns":0,"connect":0,"send":0,"wait":187,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/font/voltaire.woff","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.074Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/template/026_tpl_wap/font/voltaire.woff HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: font/woff\r\nContent-Length: 12272\r\nLast-Modified: Thu, 05 Aug 2021 09:59:50 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nCache-Control: public, max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12272,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 12272, version 1.1","md5":"e90f2c37f5eec773d76aa74c308b9527","sha1":"31b91804b2032e7ea462e35c99c280f4232e0b1b","sha256":"60103feb887fb33c9039f446339a21c8f3fb839ea050de3d4c12066f81151707","sha512":"0132533537f685e1e7069649b45579c465b732b3760130274a34f1e5f323bcafed86d926db500b0f202b69765d2b04919d04a977a899b45b8108143286a71746","ssdeep":"192:uBF9Vv6SCMegjHEnps3dYvC5LIPKIREChrT/QqaMrDcU+jqJbNItjxacXx25YhGv:uTLIWEps3dsC5LI1ECh3Qq3x+j6bypxM","tlshash":"b342bfa1469817d8fcbf4b3933e0125e20c33f584e297294211ee6f659bc2981ebeb11","first_seen":"2023-05-01T22:03:42Z","last_seen":"2026-03-31T15:54:33.973524Z","times_seen":631,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/cfb9f166b620550c0a5548732595e25b.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/cfb9f166b620550c0a5548732595e25b.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 148206\r\nlast-modified: Fri, 06 Mar 2026 03:17:00 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa472c-242ee\"\r\nexpires: Sun, 05 Apr 2026 03:34:09 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108284\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":148206,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x536, components 3","md5":"238a855da0d3a153ac6da6a3e929cddc","sha1":"6b7c3927d36b5e5e34ff5416b5035eb7f9badc8e","sha256":"5a3da96c017b82749f9819c6a1328d4b0b0e8c2dbfd8cf9406cf5019ddaf4588","sha512":"0b0c38c9466047d7a31f0e93441def92a157640f6b5c41ee73f8ed0fe2112b7da5ab7dd333e455f06b32a2133ded2e284cce29ea465262973571e46d006484eb","ssdeep":"3072:05n7enY1GewZS6q6r8LSToYz3Mmr1nNbx/QYImdfHp9WOBcsIMl3GnLSiB//ME+:056n5e0ErLSvNb91TcOBwM3GLSi1/L+","tlshash":"c9e3136b195746268f11d273069e10ede691b56431e24383a39281faee1dc1efc78ff4","first_seen":"2026-03-07T08:50:55.30673Z","last_seen":"2026-03-07T09:39:32.777031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":221,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/9d6ea63447f831a64cfd8936906ea59b.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/9d6ea63447f831a64cfd8936906ea59b.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 42184\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:21:43 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa4847-a4c8\"\r\nExpires: Sun, 05 Apr 2026 03:27:38 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42184,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: \"Lavc57.51.100\", baseline, precision 8, 368x640, components 3","md5":"cae38f0bfd10a4dfcfb6656c887d9d37","sha1":"56f5a9f5e6af25de852ee62af5097821afa6b4bc","sha256":"7c145130ad40abddd9cbf1fd242941ce79ab07a9ca091e4dede67f8b4d60f7ec","sha512":"0715dffddef4af6ff106e3b7f0a4f4ed724c4029fa4d57e54b1bd49a521957e7281315a8df7be0360d7227e176163ce8cc608015fedc498f1b6f62cc336c37cc","ssdeep":"768:4oXuwZfc1Fn5m2nimpxi3w1MUaufQEZ78BXG9utXrg67aMQktuTr4lpaV:4QgB8/mDl6UHfp8eu1rgaPMslpaV","tlshash":"e913f2c7ef9306c5d883f597a52325dedec4e78569b068ec933a2a665320dd40992334","first_seen":"2026-03-07T09:39:32.778388Z","last_seen":"2026-03-07T09:39:32.778388Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3290,"timings":{"blocked":1259,"dns":0,"connect":146,"send":0,"wait":186,"receive":180,"ssl":1516},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260305-23/1ff11d14d74d921fcc4f125f933aa7c1.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260305-23/1ff11d14d74d921fcc4f125f933aa7c1.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18240\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 03:40:07 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a8fb17-4740\"\r\nExpires: Sat, 04 Apr 2026 03:59:21 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18240,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 288x163, components 3","md5":"a13eff47b00427450a27a0fa21f5debc","sha1":"edfaf978f3d95745f8933e18d369f560ed015213","sha256":"e0f0a6534ff42bf762908e264dd8e69bfbd4bdb367662072e0000a3bbeeede04","sha512":"bb6e86679230cb146690f01dd892f18d4fbb7ddf2b9fd469355d8a688f9aac6aed3957887cd2d2751597ce434c564bcf6d5b59fb826eabe76493a37fe2f8a407","ssdeep":"384:Aw31yLc58TuHWeiUTcOw8IdfLxU233NyZxGBnkAm/UBPhr:tFyLcmTuHbrZwLjxduxivPB","tlshash":"9e82d0a2eb5ff9ceea7504b4597081e6873a7c4cf1992351cde24f443768c930b4299a","first_seen":"2025-07-12T10:40:07.082835Z","last_seen":"2026-03-12T03:28:22.061054Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1087,"timings":{"blocked":879,"dns":0,"connect":0,"send":0,"wait":201,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026tu.myxuanxuan.com/mt2026-8qssd0z7qb","fqdn":"2026tu.myxuanxuan.com","domain":"myxuanxuan.com","tld":"com"},"ip":{"addr":"43.152.43.121","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2026tu.myxuanxuan.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 18 Jan 2026 00:00:00 GMT","end":"Mon, 18 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"89:A5:51:BC:5F:09:A7:47:86:8A:45:EC:EE:78:46:C6:17:A3:08:CD","sha256":"02:BE:A0:16:7A:20:13:EB:60:A2:1D:D0:AF:87:4C:A4:41:0C:07:C7:1A:35:F8:CA:F3:EC:E7:F0:21:5F:15:C7"}}},"request":{"raw":"GET /mt2026-8qssd0z7qb HTTP/1.1\r\nHost: 2026tu.myxuanxuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:44 GMT\r\ncontent-type: text/html\r\nlocation: https://img.alicdn.com/imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif\r\ncontent-length: 138\r\nx-nws-log-uuid: 3078697738240584252\r\nx-cache-lookup: Cache Miss\r\nstrict-transport-security: max-age=1;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":643569,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1300,"timings":{"blocked":174,"dns":773,"connect":15,"send":0,"wait":248,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 643569\r\ndate: Sun, 25 Jan 2026 16:50:48 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 2ff6309e17693598481316951e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache39.l2de4[0,0,200-0,H], ens-cache18.l2de4[1,0], ens-cache11.se2[0,0,200-0,H], ens-cache9.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 3516488\r\nali-swift-global-savetime: 1769359848\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 25 Jan 2026 16:54:37 GMT\r\nx-swift-cachetime: 31535771\r\nback_uri: /imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763366446960e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":643569,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"f5919b3ac13cce9d56f7966003e826d8","sha1":"75c040dace5ddc741ddcbda8e0bc74fcbff417bc","sha256":"739605b51e61972ae4e03385a848c5cc0561d639eadb33e424567f7f3b9d8f88","sha512":"5864eaf234c1b5816f6faeb6ef6f499154110340a9c412a742b35f4304a7cdba4cb88efbe61887c10593e96737a895d6cd466cd8fe990edce43338535123cd17","ssdeep":"12288:E2PPPsqKfJQrQrQrQFUpPnn9uVK49uVK49uVK49uVKZRV7YC:E2PPPJQc9KK49KK49KK49KKZX7H","tlshash":"c2d41338875b6ab15d82fe6c4ce1a0d980f951df53b74669e7c09c30936a31fb382b64","first_seen":"2024-10-04T10:32:36.972611Z","last_seen":"2026-04-04T15:25:57.320242Z","times_seen":8019,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3ccefxs96519j.cloudfront.net/MGM/980x120.gif","fqdn":"d3ccefxs96519j.cloudfront.net","domain":"d3ccefxs96519j.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.125","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:58.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /MGM/980x120.gif HTTP/1.1\r\nHost: d3ccefxs96519j.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 95663\r\nlast-modified: Fri, 08 Aug 2025 06:03:40 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Fri, 06 Mar 2026 01:37:40 GMT\r\netag: \"5a8005b75112b36916f21318ae457043\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Cx_kyzkVxWrNzcTC7FjUZCweKMZA4k2CetR60-ZWokbcdQQjLfpd2g==\r\nage: 115279\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":95663,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 120","md5":"5a8005b75112b36916f21318ae457043","sha1":"180f1ab095baa331066bf1708261d848d55789bf","sha256":"21b3d38760be3d6aaa1088bd68000cf9a0bd24b91baa7e4a93647a97f4f07e7d","sha512":"64180ea90a0dfec12e275bf1f6b3674bfcb69393177e726cbd5c6b03bc091acb7ad77429f6154f96e6071db087131f467c507c1fd95224faac5660fa71635d45","ssdeep":"1536:E2YoK+ONw4XmLHmnjNZ3CTtyO+cL2g1nB+VFS0O6QXkHv288jVG187LWL:77zONw4XqGnB1CxyO+c6cB0O6S6v288s","tlshash":"6c931279b8e135395715549e88ea6b0229ec29a1dff8d5e0fd3ffbe012400fba084752","first_seen":"2025-11-17T16:26:00.337909Z","last_seen":"2026-04-04T15:25:57.321922Z","times_seen":6317,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":61,"dns":608,"connect":1,"send":0,"wait":2,"receive":4,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/avzwmMkR/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/avzwmMkR/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 80206\r\nlast-modified: Fri, 06 Mar 2026 03:22:45 GMT\r\netag: \"69aa4885-1394e\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80206,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3","md5":"d40ece58c4c61a33da168aec8c6f94e3","sha1":"c24374e33b1f4158d28bc9d0bf8ca1ebe93266f4","sha256":"c1909e50dd9dcfa43dc2d16ff191c2ba45df3da60846cfa8c2190a5e68290429","sha512":"2369328927e766793e312fde82670e15310592ac4393e2ed04455222b00387af094fd54f72ca9f6f872562796279e5b294fd8c093ebe6fabedd4133f2b805b8e","ssdeep":"1536:FeO5Y9ZaN9YnPC9uf+IUZeFEW1mrdeajAbvWaZEpEN8h3CzyUBam+C:gOkZaN+a9WTUZjWgQajCW7aNTB3X","tlshash":"a3730238774208b44f33535dcd7e65ca262f75347cbab5a30a26a6c8b72a94b2f58431","first_seen":"2026-03-07T03:09:23.416095Z","last_seen":"2026-03-07T09:39:32.783996Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2658,"timings":{"blocked":759,"dns":0,"connect":148,"send":0,"wait":542,"receive":446,"ssl":762},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/1rJDTwVF/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/1rJDTwVF/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 9467\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Mar 2026 04:10:07 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a9021f-24fb\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 3264\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=caXNqK3fY9EB%2By6Pt8TbVYV1LoL5T2nnSedhSYetigTullSNLnvyjpVkCgjCteXN3qj1AyIJYtDMk%2BxKvKvaZsiTkbtSYXdpS0Lj84CUuc5ABA%3D%3D\"}]}\r\ncf-ray: 9d88a13f7ae51f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9467,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: \"Lavc58.39.100\", baseline, precision 8, 320x180, components 3","md5":"2198b635404d089bf33202a32be05db9","sha1":"7eb2b69eda8d4843a064a52eaad9df1fe698dd5f","sha256":"a43652673ed8cb4a640cac6b07610a25a5002f755cccbcddca114c812a0465af","sha512":"07e862c3ae90384d55b772a90cbfaf41bb70f9ba6cf0bfbde899e385fdb73bc52b454d54f644824881b4578c7861a89a4dfa201d3ab85f0d033acbb4a5c761bb","ssdeep":"192:A0bJb2ad3F6pvFBgoVimRmDpTl68+w1yTXlnp67GfXLVBUrO:A0bJbT1uvFmoVimRmFTl6fXBpLWO","tlshash":"4f12cf9306dacfa9fd115d3d58538407ac2a779b713690cd001b186a7d247f92baa2b8","first_seen":"2026-03-07T09:39:32.786918Z","last_seen":"2026-03-11T09:30:56.272945Z","times_seen":4,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/ky61-960x120.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /ky61-960x120.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1433,"timings":{"blocked":29,"dns":470,"connect":286,"send":0,"wait":279,"receive":0,"ssl":366},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260302/hoGJ3pLm/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260302/hoGJ3pLm/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 10007\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Mar 2026 00:24:34 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a62a42-2717\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mMgBHC02l9ZZpSvir75bvyAy05GXLwQiCul2M2nPa54VoONaFCNS6E%2BGHeAW%2FDvrWhFnD480lQ7eAnL7t8nmJfXj%2FciChbCw1rQirROr%2FMjLIw%3D%3D\"}]}\r\ncf-ray: 9d88a139beba1f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10007,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: \"Lavc61.3.100\", baseline, precision 8, 320x240, components 3","md5":"29eb72801a5edd04bdf6315e65be58b3","sha1":"55f2eca21ecb87ffc207aa72eaf04eb2c85abf3e","sha256":"e53090da94fe185c35580c0970ff91e0dfc9f9bed0fbfa58d910d9dbda353222","sha512":"f1320f54908c67ec0e77af3191c30f2d2b0a2b55d90cecae33a2c9757f20374ae0e2458125283e1422882b2bb5bcec085c24d47418fb003428beb05ae950621b","ssdeep":"192:BUUDaXllUjCn87rLzXDXMyrGpi8+NexSFRELi5NR0TW9cAJKY7AaoZYR/:FDNJXLD/rGM8bxmREL+gCxJ97J/","tlshash":"0b22af5650d5e016c81a60362b47b2823aa573c9cbf6aca4ad39f51fad97bc103e430b","first_seen":"2026-03-07T09:39:32.78869Z","last_seen":"2026-03-07T09:39:32.78869Z","times_seen":1,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":152,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/J2Me8EIT/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/J2Me8EIT/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 163125\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:02:12 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e704-27d35\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mTo0nTQriPOYvDemxB304%2FM6X3S7c1zcKpVVZaLpHLH26ygXcmae1OV%2FOHGjOY6P4ZCOyqkXuv%2BH3QRHnHyaVsBHVFDcpJ57bzfdke4x3chhAA%3D%3D\"}]}\r\ncf-ray: 9d88a139beb81f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":163125,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"c5ef13551633597b2c8a973172ac02a1","sha1":"66fb7e7d89ac997efe7e06e13f4fb91231117e18","sha256":"580c89cdde5220e3b47534f36f76f909b2622b4288ec6cd6d70a1078178756e0","sha512":"d236458d7cab71c750c2ea85bd0ef499856f0e544ef5bf3252b9533e433115d766789f64650994dc3f74dd6b06ed9a4ca6759b21c77dd1f6690cc9d8cd24b6d7","ssdeep":"3072:cTu/9XVUg2Hs72A9fFNZeh1evv/h3H/hpTfLtIdNpD5QMt3CDB:cTe0ZA9fngrwh3Hpy+MtSDB","tlshash":"5ff3127c7fcc7994cf54908d087a7bba54f8871b0b9c49a951881788f78a4e394e0b7e","first_seen":"2026-03-07T09:39:32.790637Z","last_seen":"2026-03-07T09:39:32.790637Z","times_seen":1,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260301/b5GMZKNw/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260301/b5GMZKNw/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1303148\r\nlast-modified: Mon, 02 Mar 2026 03:40:44 GMT\r\netag: \"69a506bc-13e26c\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1303148,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2184x1468, components 3","md5":"66fa2f21418e1da30d6ef380ba364f13","sha1":"ff08ea47411d17255f5ec59a47eec202dac732f2","sha256":"973af4a9ce1cf9b881702f0e388c774af865129edaf4c8c70575d305204cf3e2","sha512":"cc055181688d6dfe0f2401f5e85cc16b9fd703b854db0fe417c88e58a2eb1df4d102044a40a8cb774799065791d7384cbb55c9496ac0e5d27fe1d5c1a14eee00","ssdeep":"24576:SyAjwu6Clk+LSnEK8NmgWLIf/PJt+SuoZW2/8PC9Xnd1Mx:AE5+LSnb8N16In7+oZWlC9PMx","tlshash":"9b2533c20e384de036a5917b3f4329c7581398eebd12f5a415c9b17583a60fc3a6af5b","first_seen":"2026-03-07T09:39:32.79218Z","last_seen":"2026-03-07T09:39:32.79218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2154,"timings":{"blocked":881,"dns":0,"connect":0,"send":0,"wait":619,"receive":654,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1212.syhze.com/8888/xm/5088/120.gif","fqdn":"img1212.syhze.com","domain":"syhze.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1212.syhze.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 05:10:16 GMT","end":"Thu, 21 May 2026 05:10:15 GMT"},"fingerprint":{"sha1":"0E:AF:BB:57:33:D9:8E:52:FC:E0:72:FB:99:E6:06:AE:75:3F:77:CD","sha256":"73:97:CE:47:3B:96:59:73:01:A9:E5:B5:E4:AA:29:99:2E:75:1A:0E:52:57:08:31:66:51:91:6E:D4:8A:EC:94"}}},"request":{"raw":"GET /8888/xm/5088/120.gif HTTP/1.1\r\nHost: img1212.syhze.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 443228\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 16 Sep 2024 13:02:03 GMT\r\netag: \"66e82c4b-6c35c\"\r\nexpires: Mon, 06 Apr 2026 05:15:21 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":443228,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6dfeb48901b7cd79256ac55ca0e057ad","sha1":"7f5be548b85f2c58a5a75f89831a60372e1fd49e","sha256":"077c10e1c5dda6d69f6cdb1cd61bd9b88d46ab20a09a0d1cd575348b422a80f6","sha512":"eb336246e254747a2ba6cc9ce2a793aa4919f2dce04f7327f82f33fbf1b7177a0a828bb4fdb687af252189476332345f9ca15e7a1163b0c572194b8b27464c45","ssdeep":"12288:bITYwMITYwMITwzFWFbSimWFbSimWFFL851b251b251b251ba:sYwTYwTakQcQc/87272727a","tlshash":"bb9412d3e4ea2823c6a62244ca9df7d57f411156653ea3d79b6b3f100e52d22e0ced09","first_seen":"2025-11-21T00:36:15.409425Z","last_seen":"2026-04-04T15:25:57.338806Z","times_seen":8016,"resource_available":false,"data":null}},"time_used":2567,"timings":{"blocked":100,"dns":236,"connect":263,"send":0,"wait":1098,"receive":598,"ssl":271},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/abc/fixed_ui_acb8d6.js","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.850Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /abc/fixed_ui_acb8d6.js HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: application/javascript; charset=utf-8\r\nVary: Accept-Encoding\r\nCache-Control: public, max-age=2592000\r\nContent-Length: 5585\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5585,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"52ffcac7ae0cc4e6d6ca050860ee0a38","sha1":"1d6c0c59672d85505df772f90c2a2105ef371db6","sha256":"f50412dfcbb61a54e85e9d0dad5c1cf5cd9e5d749bbc3144a6f61190fc8915a2","sha512":"ff7614e38852ee636d04bf1ee8a02532708607314389acf0b9107721ee356e9f2f7542e6de169605f2022600e7b330104dcb99703bc209eacc3133f8a95c841b","ssdeep":"96:WirFraHaXsMwE4xg20SEE2fEjTzg23CuBJkiThoP5VYb5G6JS/lWrNG+psKQUX:vBpw7m20SErf0T82CuBJI5VGGg+galUX","tlshash":"18b1846e79e33196892330b48fff150836329113910ddd907c0d91a46fa9b946676ff9","first_seen":"2026-03-07T09:39:32.794465Z","last_seen":"2026-03-07T09:39:32.794465Z","times_seen":1,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":28,"dns":1,"connect":147,"send":0,"wait":147,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260303/4OjrJr7M/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260303/4OjrJr7M/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 175100\r\nlast-modified: Wed, 04 Mar 2026 03:09:51 GMT\r\netag: \"69a7a27f-2abfc\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":175100,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3","md5":"7ddd1c974bcccfeee9f79c0cdfe04116","sha1":"f0d86d7c9f18eb133ef52e2a4ca30f10a1ca5ac8","sha256":"c07d1e8f3f2527a0f320a269ec45f42979396cde2a21813c4f340d47726f05f5","sha512":"3ea6817322a0565c18b1205107ec615190de55cbff028761bed74aaa5ab8c062d44e6b0197e4ce912e417e594f72b5d5298a83e9a8648085511e19dece695892","ssdeep":"3072:lMT8c/LtSrmlPwQu0Fli42d2aGjVTnkpiJl9zNVzxrIoXa0swzAboAke:lM4WLtSrmlFLpBMsFNsoXbswMboAke","tlshash":"2b041226dca78086d304577ef6faf2d835f742c5659952bf042e1203fced4689a2678c","first_seen":"2026-03-07T06:29:57.619558Z","last_seen":"2026-03-07T09:39:32.796043Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2728,"timings":{"blocked":1658,"dns":0,"connect":0,"send":0,"wait":504,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/lGE3IIbk/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/lGE3IIbk/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 179732\r\nlast-modified: Fri, 06 Mar 2026 03:22:09 GMT\r\netag: \"69aa4861-2be14\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":179732,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x900, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f25ba377c51838579df73c533b2cb276","sha1":"4f74cc4c5784cba1656cf3127f7909b10bddec89","sha256":"b25517507c6d33bc2f057889d36f695d3c7edeea223cef303f762091bede09d5","sha512":"4ab88e58352bde7b277b933730aec6a0e6efc8f384e30435d7758b7156414b170e1570c447f90c090f2c7a67373d8bf34183b3d895df138f052169a8e0e5161b","ssdeep":"3072:r0sdeQGmA0E7/vS378PNvK7G1Gi/ZILsta3YLtkN5XTervO+CfgaIF3gcYlS5uNT:r7hA0E7/vuoYG1GiBILxwtnrvO+CffIo","tlshash":"39041369860d77a3edd3ce62a8c8fc70263641145d7b2ca137826bee1553bd312f498a","first_seen":"2026-03-07T09:39:32.797117Z","last_seen":"2026-03-07T09:39:32.797117Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2024,"timings":{"blocked":-1,"dns":1,"connect":146,"send":0,"wait":554,"receive":496,"ssl":825},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/cab3f3ea8006538aaa661096ec3303bc.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/cab3f3ea8006538aaa661096ec3303bc.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 196981\r\nlast-modified: Fri, 06 Mar 2026 03:16:34 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa4712-30175\"\r\nexpires: Sun, 05 Apr 2026 03:33:59 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108294\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":196981,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"22abbfa552f4a8d8ab3fba884a815502","sha1":"c0b7df6cd1de94a3185237c4eb8ad04faabc49dd","sha256":"c0c66724d02aca0647ea97f1da7617d362528312121ba1adab651fbadac5d57b","sha512":"56b08e8435e54e6462669076ca0cfc34b255aaeab43f2128cb3b8175725d87936e59b097bd070fe562fcfa34c64d19c99d82c5cb29d9104249984c45ad60338d","ssdeep":"6144:1d2v3bfhVZBA45WTpHRxzkyPBjZVLdL95iboNxu:1deHBBEzkyPRZNdL9Ueu","tlshash":"df1412abdee665bda0ee642817ea5e8f61cf3c518266d04e8933ce00ebd51f84c1dd11","first_seen":"2026-03-07T09:39:32.79864Z","last_seen":"2026-03-07T09:39:32.79864Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1291,"timings":{"blocked":-1,"dns":1,"connect":146,"send":0,"wait":639,"receive":317,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/css/style.css","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.843Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/template/026_tpl_wap/css/style.css HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: text/css\r\nContent-Length: 25176\r\nLast-Modified: Tue, 08 Nov 2022 09:21:25 GMT\r\nVary: Accept-Encoding\r\nCache-Control: public, max-age=2592000\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25176,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3228), with CRLF line terminators","md5":"79c8225fb5433b08ab3446a47bb27f6b","sha1":"7063cc932fb90ecde38a906ec73796c800f23157","sha256":"f6af9e69e42c4ddf199264f951c31a537d67576e835b90203b0680e6ed455ae9","sha512":"6a9840936f1418844214d1fed4fa062d268e935e120e7aae83ade9b8cdb5f7454e252f4fc02e71567de42746cb47a2098e4e027ef55b7e69362317da4e11cb5d","ssdeep":"384:0yB2DTKmz/Tw20R4SeBk0mBjAS5MftMw3FzENbuGAqzjvCjF:RwvTz/Tw20R7em0HkNfzjajF","tlshash":"96b2c8224264124eb127d013e9f24abb7d3bd027e33706aef5557835cecf52b1a72698","first_seen":"2025-10-09T07:46:59.295352Z","last_seen":"2026-03-07T09:39:32.800164Z","times_seen":10,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260305-1/1ec4909ff04512b0b76322957fab7778.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260305-1/1ec4909ff04512b0b76322957fab7778.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73596\r\nlast-modified: Thu, 05 Mar 2026 03:10:21 GMT\r\nvary: Accept-Encoding\r\netag: \"69a8f41d-11f7c\"\r\nexpires: Sat, 04 Apr 2026 03:37:26 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 194487\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":73596,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"d133fdb7dfe5d3f607a4a0adeabc68a4","sha1":"bd40e293fc4bb8e56db08ff24229451721823899","sha256":"db8da1f85fbb5bda9bcdd5f425893ab2568de0de202f175ef42b87623e6521dd","sha512":"d9d7c5518ec084e583b4d40debbcad718d8a2cfef6eed98dccba140ad6e7fe5e1adc04b41fbb67d44bee1597c5ddfbdafa71f1d705aed86c247b5176205abc3e","ssdeep":"1536:k8bFfj91eu35huugIyfDrulVDtP10bysj21gZjQnsCvCHiF66SPvK:vb9QS5cIAulx510usj2QjQnsuCCEXHK","tlshash":"4073029f0c7b1b0cccffbea70f0bbc92561766425d3629924b06c699b772a85035133a","first_seen":"2026-03-07T09:39:32.801798Z","last_seen":"2026-03-07T09:39:32.801798Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1151,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":639,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 218186\r\ndate: Tue, 10 Feb 2026 08:16:14 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.094\r\ntraceid: a3b5019d17707113743023013e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache19.l2de4[0,0,200-0,H], ens-cache2.l2de4[1,0], ens-cache17.se2[0,0,200-0,H], ens-cache9.se2[7,0]\r\naccess-control-allow-origin: *\r\nage: 2164961\r\nali-swift-global-savetime: 1770711374\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 10 Feb 2026 08:18:40 GMT\r\nx-swift-cachetime: 31535854\r\nback_uri: /imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 7\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763358946398e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":218186,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"c746674e75d4ad03a61fdb261ee49376","sha1":"8cf71520c90c49746b49b3d4172bec815f88ee9c","sha256":"d6c1f96b8762b8f0d419fae7639ee8e519f2c0714d3a765288cd08bc58d4424f","sha512":"03a5ca97a917978cfb706777139f3cc069c6c8e06b09872c9783baa4aee2a701bc49ded5b8713748d6a90ff3f79ab0dd6aaf497e6863f44abe03e32cac5721fd","ssdeep":"3072:n9qyzDgNNsg1X0jksIxGcivXXfG2Qk6hBKofVLHhLHd6DlzLgkHEXLZ0EUHQ5JC+:nkQkTkwsmivXMk6hE8VT6z9EMHQPH7","tlshash":"dd2413479e0f1c4665c41b1ab473a3b71b32cb9cfa83506e43667e7b81a84b97207937","first_seen":"2026-02-10T10:56:09.229979Z","last_seen":"2026-04-04T15:25:57.38549Z","times_seen":2204,"resource_available":false,"data":null}},"time_used":1265,"timings":{"blocked":590,"dns":584,"connect":11,"send":0,"wait":18,"receive":29,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/css/a_pc_wap.css","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.846Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/template/026_tpl_wap/css/a_pc_wap.css HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: text/css\r\nContent-Length: 2876\r\nLast-Modified: Wed, 28 Dec 2022 09:11:04 GMT\r\nVary: Accept-Encoding\r\nCache-Control: public, max-age=2592000\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2876,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"74a8b81d486fd0fab0c1e1a21faf815c","sha1":"3671d10e96160cba777510eafe225a6fab98dbdf","sha256":"db0fd01915d66b5e8e03851256f02c85422be168cf9b2b68ab776878447f9e1c","sha512":"9399229eae7fd56b29d69e0cacc7b2a439aa45fb392df8549e04ed3fd81ee280694bf2a96acebdfc759862fb7a863fcba5e4adc4228c40bb25ac75fbca504226","ssdeep":"","tlshash":"2e515a162b6f2488a80ba1b85fb567686a294053bb0fcc2975547324ff4e78d09b2789","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-04T15:25:57.379425Z","times_seen":9227,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":37,"dns":0,"connect":151,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260304-1/ad55678b4f2b5de2b55397234d74d00c.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260304-1/ad55678b4f2b5de2b55397234d74d00c.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 322409\r\nlast-modified: Wed, 04 Mar 2026 03:05:35 GMT\r\nvary: Accept-Encoding\r\netag: \"69a7a17f-4eb69\"\r\nexpires: Fri, 03 Apr 2026 03:25:44 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 281589\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":322409,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x624, components 3","md5":"6803cbf1f2a6f2488fc3bab26acd5743","sha1":"86474beccc680178dac42f8a1f6b004038b8639c","sha256":"3ad3827da4f22598f2c35ba80013101b124c28da589df8ab13d32c04cecbf6ff","sha512":"14d9ea9887f68a5dcdb94cb8fb098236e94ce5b90552fa58751f763c88472cd11375ca685b4ea9645cdd51be89b58651dbb470db116754e261f40aa4222d4d52","ssdeep":"6144:jz60iboNn8vvc9qfMTL5Q/5P6j+lOqSjRb/CWSeyumVeLRpbPcQq:jzDrNn8vk9qfwA5m+lOqob/GeyZSHPI","tlshash":"4d64232d6064e261f5ba7fbcddf93080d2060b9d11a8afb571352da3de23955b0e40f6","first_seen":"2026-03-07T09:39:32.807957Z","last_seen":"2026-03-07T09:39:32.807957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1313,"timings":{"blocked":246,"dns":0,"connect":0,"send":0,"wait":639,"receive":428,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/xtHUkK03/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/xtHUkK03/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 251201\r\nlast-modified: Fri, 06 Mar 2026 03:23:22 GMT\r\netag: \"69aa48aa-3d541\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":251201,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 8000x4492, components 3","md5":"77203e8b1bd965f5774d8a03a8a8331a","sha1":"e8ec74e513e4109aae1d9054898414e4f2db3322","sha256":"a5c8db374d8692bf8914205ee3cff39960c1ebaa6d38b4b56037f665b05cf1dc","sha512":"b1d89e21161f8166a6f008e06bced87fdb0ee373f64129a85df31eaa936ef68ec293fd8e76c2f3064b119f3d0f3f79ed4f3995a50a855fd5904774250fa210be","ssdeep":"3072:Qk7bM0sgcSaV0ZVIMvV5Rz2hOri5sHpzvVbi/zBsuHthJz0aByn:Q0TcSaLmZKYUEV0suFz4","tlshash":"10349e67eb0195a7c4a81770c8d30f387f7380b993a24643efa6093558bb764bd6db81","first_seen":"2025-10-30T06:10:42.100831Z","last_seen":"2026-03-07T14:46:30.684009Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1382,"timings":{"blocked":224,"dns":0,"connect":0,"send":0,"wait":616,"receive":542,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:57.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 292628\r\ndate: Tue, 11 Nov 2025 08:54:59 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 2ff6319517628512988766131e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache6.l2de3[0,0,200-0,H], ens-cache5.l2de3[0,0], ens-cache20.se2[0,0,200-0,H], ens-cache9.se2[4,0]\r\naccess-control-allow-origin: *\r\nage: 10025038\r\nali-swift-global-savetime: 1762851299\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 11 Nov 2025 09:03:40 GMT\r\nx-swift-cachetime: 31535479\r\nback_uri: /imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763370067225e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"3a29654deae45805d8794954abbb5044","sha1":"42691fc8287fde23d6f03fb34434deabb343df14","sha256":"cc2627b8bf79a940675f68df3fcdb91bf14a94b98c1938dd334c2bfc62538bb3","sha512":"b272db82b275b8f2f0fe414b1f339432bc2663520931f602714e2ede08e8b655f766060cff98dda94f176180b3bcdc53a6e382c4faa10ce67ca13e8008f65353","ssdeep":"6144:Nq0IoTY/D/9IDmn8IDVS+jIDmn0JVr3AW9DuCDP:LTcNl5H03QuDuCDP","tlshash":"3c541216e3668b1f117098c1a1f16d7efaedaa1736f5aef1450c4c42053f9e8a339c62","first_seen":"2025-11-09T02:30:37.967304Z","last_seen":"2026-04-04T15:25:57.340317Z","times_seen":7807,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":18,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/529c50aa0b24a12d502119f4e32272a3.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/529c50aa0b24a12d502119f4e32272a3.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 392651\r\nlast-modified: Fri, 06 Mar 2026 03:16:39 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa4717-5fdcb\"\r\nexpires: Sun, 05 Apr 2026 03:34:24 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108269\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":392651,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced","md5":"590903c0442530a4b5098bf1323b73b6","sha1":"f56a455659fb7101ddbc559934b44f79920e7eea","sha256":"1ba5b02645ef49f9d887c27bcc67abb13b62916514085dca72ebf81696714fcc","sha512":"26a57c974a6334e3dcd5bc5963ae80b963872fd54100bf2a7752941bca56900e2c593d4a514dcb32ee9ccd6bc2569f7648e8797246c3a9510cf7e1ac9452524c","ssdeep":"6144:Fv9KpdAHZLcbEl9qkm0Ff9sj43QpjcofNHwcG7jRCq9GHARb5h7OFN86gsyUTK:XKpdE5ONG9skA7RTGvRrSqbECtQK","tlshash":"0b8423c7323b7168e357ab07d9562f88796164fbdf18f0198b11b18a8e75073d26182f","first_seen":"2026-03-07T09:39:32.817423Z","last_seen":"2026-03-07T09:39:32.817423Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1332,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":638,"receive":582,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"la.lashayu.com/upload/vod/20260306-1/b45c65be5886eba796ea74923e110554.jpg","fqdn":"la.lashayu.com","domain":"lashayu.com","tld":"com"},"ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"la.lashayu.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 15:25:31 GMT","end":"Thu, 14 May 2026 15:25:30 GMT"},"fingerprint":{"sha1":"12:7F:43:CD:93:DA:C7:A7:30:0E:6C:68:FE:76:BE:A7:3A:FA:2E:70","sha256":"38:45:87:B6:6F:92:7D:F1:17:B4:75:66:B9:26:63:9C:76:3F:DB:CE:27:66:3E:C2:8D:5F:08:BE:F4:CA:99:4D"}}},"request":{"raw":"GET /upload/vod/20260306-1/b45c65be5886eba796ea74923e110554.jpg HTTP/1.1\r\nHost: la.lashayu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-credentials: : true\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Sat, 07 Mar 2026 06:58:35 GMT\r\netag: \"69aa1739-95fa\"\r\nexpires: Mon, 06 Apr 2026 06:58:35 GMT\r\nlast-modified: Sat, 07 Mar 2026 06:58:35 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 38394\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38394,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 640x360, components 3","md5":"1af5d6f4f19ef43eb2c657ad1cdcd46c","sha1":"4f28ab27957f1a1854812a7062c3b051aaab8fe9","sha256":"c141b070db9cfc07a213d92c83baf7b5e1f6fbe6f22b41ebc00391c010c127cf","sha512":"c62cb765a06f6a632821381b3977812c73584021f2d3aec4b398118cec122c2fcbf760ec1d97970d3715b2a4d8eafde40a10f53ce7de0bec3dfe6cb46fe6845f","ssdeep":"768:lrozd16Irrs+edHT9xWzvnyUPsAk3iazg6dS23JcjErSeqc:lwd16Irrs+mgPPdGZg6E25cjE26","tlshash":"de03f1ca75ca6f48286bd6714754b868f84c391043ed365f322399d77efe21820df929","first_seen":"2025-07-12T10:40:07.079078Z","last_seen":"2026-03-11T09:30:56.274888Z","times_seen":4,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":2,"connect":19,"send":0,"wait":19,"receive":26,"ssl":594},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/pg/980x120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.161","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:58.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /pg/980x120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 340665\r\nlast-modified: Wed, 14 May 2025 14:12:32 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Fri, 06 Mar 2026 01:27:11 GMT\r\netag: \"b4c14c37321b858948f5616dbb436738\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: N_exGfI-Rx4w5I5pkGXKXDecLAwqVtQqSAjcezDm2FaIzCeFGFQf9w==\r\nage: 115908\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":340665,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 120","md5":"b4c14c37321b858948f5616dbb436738","sha1":"e98847771ba3752949935dc11f4c7d4d8c14c787","sha256":"f5c79e791b436ecf1ad188dbe87ad4b35d3b9956bcf766600fb134f2a014131f","sha512":"a197f0fbc291afe3bcae5d35d05a23269e80fb7828215f41244c6136b63656c239fe6d24b4e2d6dc1ba713f06c7dfea763904a794043aba806c273f3311dc6e4","ssdeep":"6144:gFli6a0djJW4zenv4zenEO1LDyD3/wGR/Yi/wGR/Yi/wGRz3VkvJ6KI7KqmQIkX5:5p+3SSSJiD3/Z/Z/HMJ1IbI1I1kU1","tlshash":"4a741314e221ad80fe3a923b49f1c8f1a53d56f498afa9770661e7d4c6f44d0bf448e2","first_seen":"2026-02-01T06:13:19.223962Z","last_seen":"2026-03-15T12:50:18.76148Z","times_seen":1922,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":35,"dns":68,"connect":1,"send":0,"wait":18,"receive":8,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/838ecb7955857145d2dda6cc361dfcfe.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/838ecb7955857145d2dda6cc361dfcfe.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 474429\r\nlast-modified: Fri, 06 Mar 2026 03:16:23 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa4707-73d3d\"\r\nexpires: Sun, 05 Apr 2026 03:35:13 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108220\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":474429,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 840x568, components 3","md5":"d327fe2f2e2d81bbd926b718bef08d06","sha1":"234c69c790b2059aaf6793eba90da2c39b048c65","sha256":"bbaffaa4f758dc3f5fc6bacb42456609c3cef08ceed5ed459c63a37e1556303b","sha512":"f57ecb9d110fabcb9f6149cee38c0b1b0a5097d101c16a902aca98e9d5937488cc26f7c10c9cd69a0bd1b625a9677fde38939762c727000491c7c38ee8f322cc","ssdeep":"12288:WWGK+f9njCnLXGYVcA4ZifbPPRaqgzRiiMLYAiGZH/:H7+f9nOL2YmZiLRaqgdiiMtvt/","tlshash":"3fa423aca4c811f590c852fa6de495ce26839ead6ffffc823a071154e68fb4340d196d","first_seen":"2026-03-07T09:39:32.822457Z","last_seen":"2026-03-07T09:39:32.822457Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":622,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260303-21/5984eb1bfeac002898f98f11fb3ac9d9.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260303-21/5984eb1bfeac002898f98f11fb3ac9d9.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6509\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Mar 2026 02:47:55 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a64bdb-196d\"\r\nExpires: Thu, 02 Apr 2026 03:20:23 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6509,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 180x126, components 3","md5":"99ef761c632220015625712745be09ff","sha1":"58f5921d2540f5ec02a6df00971cc061187cfeab","sha256":"7c40c684c93b01486d1b6f07858645dd50a213d248363377da0aed09e73d6936","sha512":"31fec0fd1d6b169ef96a17ff6052346213980bb674b0dbf9d22f66da0b6c9da700fa2cf56642cb200f8a44d5d9a541033f0ef08f041c519f204f90d931ea5be2","ssdeep":"96:M2Ufag3QcBkTma/ihMGqDX522LdtL1yQCB5M+GjrcMWlp4Mb+fr461UofJI:tUyYFUihMG0dJ1yPyrcMcOrz1UoRI","tlshash":"8dd18d0239d7902cf55ace3f8a10d0b661af7b0a0f681a1d3e12870258aedc19cc55e7","first_seen":"2026-03-07T09:39:32.82407Z","last_seen":"2026-03-07T09:39:32.82407Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1058,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":197,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/9efa7c075f8d35883318cbc0a465f869.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/9efa7c075f8d35883318cbc0a465f869.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 267254\r\nlast-modified: Fri, 06 Mar 2026 03:16:03 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa46f3-413f6\"\r\nexpires: Sun, 05 Apr 2026 03:45:54 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 107579\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":267254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 718 x 404, 8-bit/color RGBA, non-interlaced","md5":"511db3eeaddd60f5afdb1a33808b9b86","sha1":"b3d3f5fd9179136d266901b0341815b2d2832da3","sha256":"658753f2dadba954f6a927310c1b6a4ba2b195bd85eda5d653393d32181a93f9","sha512":"4c16f2555b6661e898d6645d1315a62b510809b2675fc2534217d574ae585fc169d44bf9ec1816a8faa09335ccba4b2d7694b57f25c50817798b2cb4984a7b1d","ssdeep":"6144:dSWKTNKe9wi0lmOeP/1GTJZbRbLfFPmUNjSWT7RPoxhOMom5KO:dITN5p083nEf3PTNbT9OOMZj","tlshash":"fd44239630378815aef3abb28970646b59ce809d458b3a83b5da1e542ccf22e4c37d5d","first_seen":"2025-02-23T04:00:42.570885Z","last_seen":"2026-03-08T16:03:46.918045Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1271,"timings":{"blocked":116,"dns":0,"connect":0,"send":0,"wait":638,"receive":517,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 442163\r\ndate: Tue, 03 Mar 2026 08:23:21 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 2ff6309f17725262013815622e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache1.l2de4[0,0,200-0,H], ens-cache37.l2de4[1,0], ens-cache12.se2[0,0,200-0,H], ens-cache9.se2[4,0]\r\naccess-control-allow-origin: *\r\nage: 350134\r\nali-swift-global-savetime: 1772526201\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 03 Mar 2026 08:32:25 GMT\r\nx-swift-cachetime: 31535456\r\nback_uri: /imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763358996403e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":442163,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"a959dff57b5058e20b52d9eee9856451","sha1":"f429b441579c13a080de49602a836dc091809ed6","sha256":"b55482457dcd5b1a75ccd8af9902c9d9ccf11451e79300f43b4bef9a94260474","sha512":"cb38c08e2b12d580f0a3425f51b2d1af7914d8914881fd188915ad897d7d150000c7c807edf0ee7c4e003333ae6491a1693f369c2932d220549d896a00154db5","ssdeep":"12288:MbOF/O5B0GXiLvxLv9Qu2R3J0rKuDmQvmQP8AtpW6:sb0xdQJ0zdv4sW6","tlshash":"6c9423bb6dfb9054a8130fa829e7061ccb80de8446ec2a79a9571ff7189872cbd1c855","first_seen":"2026-03-07T00:44:39.681251Z","last_seen":"2026-04-04T15:25:57.392955Z","times_seen":1787,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":557,"dns":2,"connect":0,"send":0,"wait":49,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pg888.12img707989.com:5658/8888/pg507/pg120.gif","fqdn":"pg888.12img707989.com","domain":"12img707989.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":5658,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg888.12img707989.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Feb 2026 04:24:03 GMT","end":"Sun, 17 May 2026 04:24:02 GMT"},"fingerprint":{"sha1":"A2:78:04:63:2B:CA:BE:C2:FB:3F:31:EE:5D:22:4F:D0:20:B7:2D:A4","sha256":"D3:2A:FB:29:36:10:8B:B7:D5:60:5A:68:5E:02:82:D8:14:1F:89:6A:00:EA:73:6D:19:85:46:E9:F3:1A:D2:F1"}}},"request":{"raw":"GET /8888/pg507/pg120.gif HTTP/1.1\r\nHost: pg888.12img707989.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 732135\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 05 May 2025 10:11:05 GMT\r\netag: \"68188eb9-b2be7\"\r\nexpires: Mon, 06 Apr 2026 05:15:40 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":732135,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d812f0151d7042065067e76fe039facc","sha1":"a48f9c692fa3916903db45819d4050f52d747a33","sha256":"849c1d8c67e9a3151b4a14d3b70e23e4abc3649dcac2e397587afedc70dcf25e","sha512":"a082dff74f4a12e121b6f185ba58d228399af7fa6f50df9d8a891c42d01724d7381842985926980c2e35d1f4b352ff7b425000682f6bdbb0038153d9893ff43f","ssdeep":"12288:RzuTwzuTwzuTwzuTFs9yJuVwrVwrVwrVwrV5eGrQSoSoSoSKDu4OVDu4OVDu4OVQ:RuTeuTeuTeuTFw1WrWrWrWrjeGkSoSoV","tlshash":"43f42339d14794a6938b0a7b9f1411a46305de26a7f220398327f987bc46793ffdb80d","first_seen":"2025-11-21T00:36:15.392801Z","last_seen":"2026-04-04T15:25:57.438535Z","times_seen":7865,"resource_available":false,"data":null}},"time_used":2982,"timings":{"blocked":85,"dns":610,"connect":260,"send":0,"wait":266,"receive":1491,"ssl":270},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/static/js/jquery.js","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.849Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/static/js/jquery.js HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: application/javascript\r\nContent-Length: 92629\r\nLast-Modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nVary: Accept-Encoding\r\nCache-Control: public, max-age=2592000\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T15:48:44.569044Z","times_seen":60616,"resource_available":true,"data":null}},"time_used":791,"timings":{"blocked":34,"dns":1,"connect":151,"send":0,"wait":159,"receive":446,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260227/4yRI4VFF/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260227/4yRI4VFF/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 149693\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Feb 2026 00:04:44 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a2311c-248bd\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v6Bfil%2FFODfhjJ9Yud2lYg7qcbEmtQ45troT4HzggVpA1VVWZVfHC3Tdez1MbRKxrwC%2BqDo0wOqjmAiwx0WPFxS0Ckg9CL4K4nY9cFm%2BzuCCFA%3D%3D\"}]}\r\ncf-ray: 9d88a139df021f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149693,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"61ae94723e638878df153bf05ae04f94","sha1":"80dfcb0a478d93ed84f1d593c255e435d6ba94f1","sha256":"cb69a0ff4644401fac8a2f0805cfa49a3a28853968a4902cfd93577b1db51cff","sha512":"2a51c6962b092e294973da6f606f8a594c86b42981741401fee7cbcc333e4d0f40e92de07e2c8b82b41d712f0120e258773998067ce706afa82ce87481fc9dbc","ssdeep":"3072:xN2/AymNZsOa0yBHuuhFj/c6KMgOaGd1GIfgx0NJiILae3oeoNL:xIAxs7TbcMgOaGd1dox0NJiRe4z","tlshash":"88e312f34ac98d0377a7b5d2caba345840e1f7945c76f826762283e6762f009d23e5d4","first_seen":"2025-08-22T09:34:23.996929Z","last_seen":"2026-03-07T09:39:32.830676Z","times_seen":2,"resource_available":false,"data":null}},"time_used":685,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fsffbhd.4000522777.xn--fiqs8s/ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375","fqdn":"fsffbhd.4000522777.xn--fiqs8s","domain":"fsffbhd.4000522777.xn--fiqs8s","tld":""},"ip":{"addr":"104.26.7.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4000522777.xn--fiqs8s","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 07:30:32 GMT","end":"Sat, 09 May 2026 07:30:31 GMT"},"fingerprint":{"sha1":"FF:0F:4B:0B:66:7A:99:CF:94:C0:49:3D:85:E5:C9:86:98:B7:37:5A","sha256":"43:BD:60:69:CF:8C:1A:A9:8F:2A:45:8B:67:9B:D8:CE:5E:AD:46:40:6D:E0:09:85:5F:16:F0:2D:FD:A5:D2:8E"}}},"request":{"raw":"GET /ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375 HTTP/1.1\r\nHost: fsffbhd.4000522777.xn--fiqs8s\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 686427\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AddNW6tObvtJwTG0RLzCD69wdB4hA7bBty6mWrQXmDmimIZiJSVv5xu9A%2BeI%2BrMI%2FBWB0vmvnwTZTV7SNXLbib5cwuvQo8GWOVETySfx4gVIxFfTKqOhWl8jqeg%3D\"}]}\r\nlast-modified: Fri, 12 Dec 2025 11:26:10 GMT\r\netag: \"693bfbd2-abcad\"\r\naccept-ranges: bytes\r\ncf-polished: ok, orig_size=703661\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-bgj: h2pri,imgq:100\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npriority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1954;u=4;i=?0 75633;u=5;i=?0)\r\nage: 2882\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9d88a150fc9d95bd-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":686427,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"50ad17c4014d52237a88bb19e9829b31","sha1":"db252c8c8a5ae668e4632ed8a76a1b24c53c9f70","sha256":"554655862976f55793e7639c314556faa823351d74594ae5ad92087cbeb0e612","sha512":"28ef570f60686911a4f0a3103d46bd5dcc95320b7a3dc8cc05a46f9f889b81b041197d528326d0058db11fe5fcf2ff9eb21b74f7c827c954d8a8756ad55a579a","ssdeep":"12288:wwXjxQCC3biqHBA64vfwB2VDUh2aQapzDUS7uahgvxVYGy157FN3fCnVi:wZFnB54He2VmyIuaOJVDy1JXKnE","tlshash":"fae4235203b56265ecd3816ab4d1296e4ceea25f0d38ff31134128da46a379f23653ef","first_seen":"2026-02-13T09:12:04.032312Z","last_seen":"2026-03-24T12:42:29.021486Z","times_seen":1077,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":32,"dns":2,"connect":1,"send":0,"wait":15,"receive":27,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/LSneeo6B/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/LSneeo6B/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86772\r\nlast-modified: Fri, 06 Mar 2026 03:23:00 GMT\r\netag: \"69aa4894-152f4\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86772,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=upper-left, datetime=2024:09:01 20:10:13, width=0], baseline, precision 8, 606x340, components 3","md5":"a9875741a49948417a5aa74e10f30028","sha1":"6a74a7538d47a27e62affeb7b139b22d4402ed00","sha256":"3186401ae5a7511190d02f92957f47c2deb63d073d12d1565ca8103892f59627","sha512":"3fbcf91242a52773f535a40c496956dfcd359cc85728b33fd82ad1aff24db8cdd4be3526d9cb1e6076a539286155fdd745d3d213ed995f85c80bbe6007d69071","ssdeep":"1536:6P5nGxoQXtkJ4QbBTXsdD3DmcRfGjEVy8QDaL45kHIiTpAVxFgnmed1M4i2gz:zQbF8dDTmOlQD35oTOredbngz","tlshash":"b583024d3b940ddec8701c340abadfa7301f74fa72919e9d9fc4a4207899879ac4d672","first_seen":"2026-03-07T09:39:32.838797Z","last_seen":"2026-03-07T09:39:32.838797Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1299,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":617,"receive":414,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/zwHxHl68/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/zwHxHl68/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 131653\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:00:58 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6ba-20245\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 5455\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4kfj91eS568EfVQmVVNr7LpD6MRFPX3WWbOO14LWLwrjDhPiasOcaA8kmQSQgxNdwJwhqpatvVrK%2FeotSqZHXmyzv%2FQiYHiLmBAtW4Lnpv6Jpg%3D%3D\"}]}\r\ncf-ray: 9d88a139beb11f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":131653,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"d94cfa09755dfc5f9884d75c9d023839","sha1":"ca1d6b168e0a0860bcb6260c701a4f4598bd37ad","sha256":"d5bfe205a8ace84701f9a304da6e573ba544db4228114d23875ed8bec0736646","sha512":"46ec69db1c38b2b9da5d9701adfd118d6b2b17f9bc5531a9d22e353caf91d7143da3640c488f3f50d9808363428a844a0b43fcdde0e3c1c8bdcd7893825d9f64","ssdeep":"3072:DVmdc7jaxA+PIeEhyboYq59kSPVDkbf/NvRKIQX35JuczjxOVUDV:DVmdcuy+QeEIGC/bf/NvRKZecI0V","tlshash":"c3d3121a5eb73e85ed247c7df861ac17e0e98812f3c450295504dac35d84beb83daa7c","first_seen":"2026-03-07T09:39:32.840918Z","last_seen":"2026-03-07T09:39:32.840918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 300651\r\ndate: Fri, 06 Feb 2026 11:12:05 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b55ced17703763248572315e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de4[0,0,200-0,H], ens-cache21.l2de4[2,0], ens-cache9.se2[0,0,200-0,H], ens-cache9.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 2500010\r\nali-swift-global-savetime: 1770376325\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 06 Feb 2026 16:04:39 GMT\r\nx-swift-cachetime: 31518446\r\nback_uri: /imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763359046404e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":300651,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"8a47d4e0340db7d8001c1c2c39716b93","sha1":"0fc8202a98d51793df1755c0bdb9ed54294a8519","sha256":"4a6044bb59cb58f446ba34163ea45c5079c9c1a556c3f2bc626440f638efaf30","sha512":"7277d622b154e4756836791b83a92294ece23d66f15b7450937a0525679433e4f90622b04e6a37bc2db1aa067060c3e07fa066fbfe0660ba3c926b54ff52cb2f","ssdeep":"6144:v1p2LgPnLX3nnLXnXw3esj1ls34FfhavVHf7lYJkxmWYQAYg:v1pXXbXXw3eGXH5M7yixDY6g","tlshash":"9f5423c4f7e76f3eaf9218f3296f34883669c81d91f4813a1e86b1eb16231591434d3a","first_seen":"2026-02-07T11:16:48.410559Z","last_seen":"2026-04-04T15:25:57.319273Z","times_seen":2205,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":556,"dns":1,"connect":0,"send":0,"wait":79,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/jEstcfdb/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/jEstcfdb/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4858\r\nlast-modified: Fri, 06 Mar 2026 03:22:29 GMT\r\netag: \"69aa4875-12fa\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4858,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 320x427, segment length 16, comment: \"Lavc61.3.100\", baseline, precision 8, 240x320, components 3","md5":"be3d2f5480e95fc14216d69c8e215dad","sha1":"eb8b8d5117f5df17cb815ca2cfabcb68f6f40c0a","sha256":"4a94f7c811b2c76c78d5bf4f04830d9218c902f3148d70f8237af4ec44076b43","sha512":"1e6e7d05451663b10f4373274738a7c6951e8f255a117e76bb9da6ac0f936a01f6fe43cbc73865f71d4edca551998096fb2707dbe901a9ed3028301c57fa4284","ssdeep":"96:MvrCqk0o6vhRY8X602hdlXSlbr4PUdQc/IzPs2tN4CX8:Djr6vDK0AirCUdQ/LA","tlshash":"94a18d41ab1ce3b3d47e86b7c301aa1c0700dd24b164a87a41999c6fced847e8c1e2da","first_seen":"2026-03-07T09:39:32.849021Z","last_seen":"2026-03-07T09:39:32.849021Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":767,"dns":0,"connect":0,"send":0,"wait":619,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fsffbhd.4000522777.xn--fiqs8s/9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818","fqdn":"fsffbhd.4000522777.xn--fiqs8s","domain":"fsffbhd.4000522777.xn--fiqs8s","tld":""},"ip":{"addr":"104.26.7.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4000522777.xn--fiqs8s","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 07:30:32 GMT","end":"Sat, 09 May 2026 07:30:31 GMT"},"fingerprint":{"sha1":"FF:0F:4B:0B:66:7A:99:CF:94:C0:49:3D:85:E5:C9:86:98:B7:37:5A","sha256":"43:BD:60:69:CF:8C:1A:A9:8F:2A:45:8B:67:9B:D8:CE:5E:AD:46:40:6D:E0:09:85:5F:16:F0:2D:FD:A5:D2:8E"}}},"request":{"raw":"GET /9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818 HTTP/1.1\r\nHost: fsffbhd.4000522777.xn--fiqs8s\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 596432\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VpphDdHT7Xg8Y%2BsL2KktNZxIRCm%2Bj3TxnX1JhWU1MXaq9mBACD8%2FDHWJrUDnJRU0n9m4D7KAon9xaaHXI0cV51OqZv9WImcBJtpDBAcqmgUGZMsB74ZMiBk%2BjuY%3D\"}]}\r\nlast-modified: Fri, 12 Dec 2025 13:55:30 GMT\r\netag: \"693c1ed2-b42e7\"\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1954;u=4;i=?0 77885;u=5;i=?0)\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-bgj: imgq:100,h2pri\r\ncf-polished: ok, orig_size=738023\r\nvary: accept, accept-encoding\r\nage: 2926\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\ncf-ray: 9d88a150cc3295bd-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":596432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"70e27bd33ccc423d6ca629fe1a2694a3","sha1":"8f9b122d30952f553d18eb43f1a0d8fa43616f05","sha256":"2e4d5ced9b2775a2fcf90c86296064a475d629e3abfa9bc388d4c7e58a924b5a","sha512":"ccc4192c2f2d5bfdf26a698e8c1b065b607055b3c5cff1a3a3b5bbfa8cc0b1631d7d281bf5028d596a6ffd4f757b5f362015caa1b480563f58d7f8a32c3e79b4","ssdeep":"12288:o+1WCsh1cclbxyjPvVfdwCAqlH3JbHk55dJt9uMYpNlR:oush1cobxcGOHW5J5YT","tlshash":"32c42345e8fe2db59265a33cacf61a129dd700e96cd520591c9aff633ce0a4705ecf48","first_seen":"2026-02-12T00:35:26.594188Z","last_seen":"2026-04-04T15:25:57.357303Z","times_seen":2172,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":218,"dns":181,"connect":8,"send":0,"wait":15,"receive":64,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/67b78e53d0ad6a69e8d627cf0ae86fa4.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/67b78e53d0ad6a69e8d627cf0ae86fa4.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71691\r\nlast-modified: Fri, 06 Mar 2026 03:16:29 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa470d-1180b\"\r\nexpires: Sun, 05 Apr 2026 03:33:59 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108294\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71691,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"49e6ed446951c9769d5c3b8f7e81f2ef","sha1":"2d12554146f245d8e420f013b8f9b64439f9002e","sha256":"d061441a8287abbcae91084b5d2a682bb40c9508e4f7bd17be5b5ac7d037ec2b","sha512":"169ff3e241fd952126e935e37c48f5a9acd4a579e6add2421396d18723523af7fa52480e3d1692fa787e76b83e1002fa2a57ead8ee03784e03888e13ae47ce60","ssdeep":"1536:6EojqNLf9kbNGwLhm6qB8uX5BldSKuX8sYvyL+L1dU+:6ZKLGJPdmvXXioyKpdU+","tlshash":"b16302da37e02d0de5deb29751e3b8a0420a0898df978712e5079891c45f0f7db2ba73","first_seen":"2026-03-07T09:39:32.855405Z","last_seen":"2026-03-07T09:39:32.855405Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":538,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/pPCsWEjP/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/pPCsWEjP/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 178620\r\nlast-modified: Fri, 06 Mar 2026 03:21:54 GMT\r\netag: \"69aa4852-2b9bc\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178620,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"1319c5100d7a9963c5a9113d3db86863","sha1":"7dc0371684bcd64bb40bfff3a77910862c67d8e9","sha256":"3e3f31608621e31ecb40dfdb0d500adf03116068042995d25dfb76a4b191c518","sha512":"3e880635f4524490814c1a4f9b9786f4bab67e13165d0a8e5380134c116a750d42dbbd0d4f08d396b902a65c9cdc8d63a922f1dc603d8e15c3afe19ae1ec19a5","ssdeep":"3072:mBr01geWxMkTC8jJ8K2qbKFNkJFJddB0HQrHSGh9ExymUEvh6vS9Wdh:iY1geWWkhJrjbANkj5B0HQryoExLvh6B","tlshash":"c60413560665f23d789a6b44d8bb215f22c4ef6b1b45730002b69a9e66dc33201f9b3f","first_seen":"2025-10-12T08:16:47.046437Z","last_seen":"2026-03-07T09:39:32.857473Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1821,"timings":{"blocked":726,"dns":0,"connect":0,"send":0,"wait":618,"receive":477,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260305-23/59ebc382e5984bbac54594de0be705b7.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260305-23/59ebc382e5984bbac54594de0be705b7.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10900\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 03:39:43 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a8faff-2a94\"\r\nExpires: Sat, 04 Apr 2026 03:59:22 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10900,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 287x163, components 3","md5":"0a6aa516dad0554011724bd5352584fe","sha1":"b89b2cfe941934d0fc6a479470ba22ced00e85ab","sha256":"f0883fb41b14bba60aa5c9e90686d5418714bbd26a384d95eaab1cf8aa3d01c3","sha512":"7be26d0587cc37374b2c427f696a549220920bd9d0ea372fafccc7a4e9df26f36db489460b1c5dc6a24b53305e26ffae247632483c7920ac76798860dfdc7d76","ssdeep":"192:A8UnunwPyBBD0Y0kd0AxGxhTfSgD+ITtP+PKALvOE0IRmBUvyvkM:AtunBB58YB8XTagD/ExvO5An6cM","tlshash":"6222af31b375116bff788dbabc94c49ba7e0f11c894befbc55ca08429a6e9b1044970d","first_seen":"2026-03-07T09:39:32.859747Z","last_seen":"2026-03-07T09:39:32.859747Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":957,"dns":0,"connect":0,"send":0,"wait":166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 403606\r\ndate: Fri, 13 Feb 2026 05:15:30 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 2ff602a017709597307166529e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de4[0,0,200-0,H], ens-cache21.l2de4[1,0], ens-cache13.se2[0,0,200-0,H], ens-cache9.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 1916605\r\nali-swift-global-savetime: 1770959730\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:15:46 GMT\r\nx-swift-cachetime: 31535984\r\nback_uri: /imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763358996401e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":403606,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d0bbd6e83f13d75dfd204a1757309ff3","sha1":"e038ef39d13d339f32a585f16bb2c65ba607093e","sha256":"9a3c716b0b97716ba8136b243a3468b50aa62cc130b43e213a54a5ba7ec584db","sha512":"43143383b5711607d3ae0f52732f519740355a23c0c4d2675828f1d6833b94e9be3f08b3fea365f4d2d38310a887306992a9ff7318f7e50128cfcc47052c9fb0","ssdeep":"6144:z+H10Njx+v7YjWPE8zi+PEoTXoSzqoSNEyzNaJG97ztF8M7zMM9e3ZXKGLSgLnZt:zo6VxLzZoTdVygU9Xz8MXe64z9t","tlshash":"c584235252134f3e81aa071ed92e5c883c6ad886d612eb23977fc875b7019dd9234eb3","first_seen":"2026-02-13T06:47:10.3791Z","last_seen":"2026-04-04T15:25:57.512951Z","times_seen":2181,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":554,"dns":2,"connect":0,"send":0,"wait":31,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dq38rjje7qjm3.cloudfront.net/xhtd/960x120.gif","fqdn":"dq38rjje7qjm3.cloudfront.net","domain":"dq38rjje7qjm3.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.230.245.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:58.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /xhtd/960x120.gif HTTP/1.1\r\nHost: dq38rjje7qjm3.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 93540\r\nlast-modified: Thu, 11 Dec 2025 03:48:41 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 04 Mar 2026 21:07:00 GMT\r\netag: \"d17c0265bd5c40f03ea3b38db614d5fa\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: SPRSxWrHV2Re6PjT5DB3TQA1zz6jBBDQMx0YMuG2oqlpXau-2akNtQ==\r\nage: 217919\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":93540,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d17c0265bd5c40f03ea3b38db614d5fa","sha1":"86fd316dbff0105c353ce4fee261d3ffd67c18ce","sha256":"2861568da5dcad2c4d42b984f1fe980881487c41b41994d0e0783f1b574139ce","sha512":"83f8917b4b01282169bb147584c08e1195907014562a3b78d46a8209e1b817f1c1e2a53a4b566919e19d83dddee3bdbfacd55627dc9fb32b1901c921daa9da93","ssdeep":"1536:J5GRXGxtd59jNNhrDeq3zzI6ipoYDnu9/QvY1Wuqk78ks4xycnTYf2JlavtaDpv8:nGRXGxtd597Rpz0tDnc6q1RY4Ecn0kja","tlshash":"289312b791ecd5c697826c8df5e304a056069606af7cfdd71584168690feeed2ac7300","first_seen":"2025-12-12T01:02:04.573696Z","last_seen":"2026-04-04T15:25:57.496857Z","times_seen":6332,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":58,"dns":613,"connect":14,"send":0,"wait":6,"receive":3,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/vufdIsRb/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/vufdIsRb/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 155797\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:01:28 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6d8-26095\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 6604\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VXN68K5ehVBcyPjaiKaNauHtQ89tAzntiKq%2FMZ7A1z8LOK7hEjHx067MYbfm6%2FwxnF1nh%2B3KMDDmM3qifoA7QJd%2Bjkwxf8zdT%2Bz9lVvI%2FjSuZQ%3D%3D\"}]}\r\ncf-ray: 9d88a139bed01f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155797,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"0aab14c6e824530dd3a17fb073db2630","sha1":"7d56f5493bffc2632fb34d3a3ab2f8c5d104b531","sha256":"f5868cc7fe31220657f9b4c8b592a35f3a027653cb86e697239d04469e0259a5","sha512":"de3f35157fd53a2f0e57e968f3be88b7988d8b71e24637310c43d204430cabf4f360541ef3754db719e33e4ab09e849d78e672b39c93cd617807bc567ff0de42","ssdeep":"3072:xOWyAy1vEJC1OOeW1S3IQ57VdqzJysxZvo/BDY/HB/joQ5n5/hdmvSnMy:xNRyBpXeWU5QLvo/mHp5/nmvSMy","tlshash":"34e313dbbfa265d849c3176ec80001d9abfc4a22ada7799070721f9ff5805c54bef242","first_seen":"2025-06-14T09:35:36.813014Z","last_seen":"2026-03-07T09:39:32.864645Z","times_seen":4,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/5d79655f91b9b1b40b0794cc3cd8dcc6.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/5d79655f91b9b1b40b0794cc3cd8dcc6.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11794\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:35:29 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa4b81-2e12\"\r\nExpires: Sun, 05 Apr 2026 03:57:24 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11794,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 291x165, components 3","md5":"de925377b41cdb74285c8206e1861195","sha1":"de1b0cefd44475c78cc3e03c26016cf7f069b776","sha256":"d3e33018dbfef7ddf2dfbcba43d1a4452b5a64fc605b5795d86371e2b1d0b09f","sha512":"29a2ea35a56dcfa1105a501b7e6ed2463d2981172e8a90f1f78241d8feee38c117791679a66b8518656b8d1f289dbd6d25155df00841e87ee111eb1391444c2f","ssdeep":"192:A8K/KefCH9j6MmC3WX4ySo/0+DmWpgaBSTMOJa8aCujLrhWA8hPoZC:AotyX4do/5PdBSlBaCujLrhW7Ag","tlshash":"d432bfee5209f293c9d01b37793403298b4c75fe3e65d7ecfa90aa34465ec920c861a4","first_seen":"2026-03-07T09:39:32.867605Z","last_seen":"2026-03-11T09:30:56.330574Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1032,"timings":{"blocked":844,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260305-1/6f487fa5bb8e4258c6e612427fbda0a2.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260305-1/6f487fa5bb8e4258c6e612427fbda0a2.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69675\r\nlast-modified: Thu, 05 Mar 2026 03:10:45 GMT\r\nvary: Accept-Encoding\r\netag: \"69a8f435-1102b\"\r\nexpires: Sat, 04 Apr 2026 03:41:48 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 194225\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":69675,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"42daad057d171e7475d510cc68b68890","sha1":"509a41eb621145cfba8340c34cb8cf775e6fd458","sha256":"dafa54f24bb6c4ace62202ac66b368ea2719b891c34c9eeb6fd1c6ea3223e5ce","sha512":"d464d560b846c0177a4958a167f76981cf51897bbb04809445b5940204de97c254294264bf8f1957737d47b9564359cbbdbd1e8518eb78a86c8ce4dac1f4b915","ssdeep":"1536:JhU5OOvo+Sg7CE+N1Y+SVZraHj5mgWVPS6noRgZKyOK+J:MvohUClzY+SVZr2In+jK+J","tlshash":"5263121629f1cf7a6fd8be721d7b1b6209269c094544e4fb9a37c8080da46bc3d974f8","first_seen":"2026-03-07T09:39:32.870181Z","last_seen":"2026-03-07T09:39:32.870181Z","times_seen":1,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/yinhe/960-120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.161","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:58.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /yinhe/960-120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 215880\r\ndate: Wed, 25 Feb 2026 03:20:56 GMT\r\nlast-modified: Sun, 30 Mar 2025 12:21:24 GMT\r\netag: \"c2e3bac355c689e234388104488b22e2\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1052525f0d15ecb6749de58fe7a481c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: uuaNVBYWfRHv39_piCKVO_DaPfbk6XbT6PkZLT8r19AEfCoVom43uA==\r\nage: 886683\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":215880,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"c2e3bac355c689e234388104488b22e2","sha1":"fcf87563ac96adb085897c5e4b9ba62681e5139e","sha256":"3e2c70fe6b947f60c3dd5752c94d502a3443c28f781738d2e308567ad5cd90cf","sha512":"239bc5d1df9c1aa3cb7cb72bc2c5451dbaa7dc8255bc9cc348dbe22ab5752e37a11047d421769e0228f8a645981a246d0b5af00792de9dce6a6b1f8f504cd044","ssdeep":"3072:Y8szBTXPqZiXzUBgLKsbV9UnxQCBL/YYYDSMdIok1RLp8veNVhRZ2:3OBLfzUHoexXL/YDSCIfXL/hRZ2","tlshash":"ed2422faf626c923c47eabc16370eda256f7c78471e2100657c17f5ada603a0cb9851d","first_seen":"2025-04-02T02:40:05.475958Z","last_seen":"2026-03-15T13:02:26.875639Z","times_seen":10144,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":28,"dns":72,"connect":1,"send":0,"wait":3,"receive":21,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/font/voltaire.woff","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.459Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cn/home/web/template/026_tpl_wap/font/voltaire.woff HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/cn/home/web/template/026_tpl_wap/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: font/woff\r\nContent-Length: 12272\r\nLast-Modified: Thu, 05 Aug 2021 09:59:50 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nCache-Control: public, max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12272,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 12272, version 1.1","md5":"e90f2c37f5eec773d76aa74c308b9527","sha1":"31b91804b2032e7ea462e35c99c280f4232e0b1b","sha256":"60103feb887fb33c9039f446339a21c8f3fb839ea050de3d4c12066f81151707","sha512":"0132533537f685e1e7069649b45579c465b732b3760130274a34f1e5f323bcafed86d926db500b0f202b69765d2b04919d04a977a899b45b8108143286a71746","ssdeep":"192:uBF9Vv6SCMegjHEnps3dYvC5LIPKIREChrT/QqaMrDcU+jqJbNItjxacXx25YhGv:uTLIWEps3dsC5LI1ECh3Qq3x+j6bypxM","tlshash":"b342bfa1469817d8fcbf4b3933e0125e20c33f584e297294211ee6f659bc2981ebeb11","first_seen":"2023-05-01T22:03:42Z","last_seen":"2026-03-31T15:54:33.973524Z","times_seen":631,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":151,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bfm.djyy2.beer/cn/home/web","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.182.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T09:38:51.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.djyy2.beer","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 07:48:05 GMT","end":"Wed, 20 May 2026 07:48:04 GMT"},"fingerprint":{"sha1":"BA:8C:0C:A2:F9:9A:A0:84:7B:60:25:E4:05:47:B8:99:14:9E:44:A0","sha256":"12:95:22:9C:8C:B6:C9:75:FA:4B:93:EF:F4:E1:A7:2A:17:9E:BF:D9:BF:F0:A0:5D:63:5B:BC:3E:32:21:1E:54"}}},"request":{"raw":"GET /cn/home/web HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: https://www.xzylm.com\r\ndate: Sat, 07 Mar 2026 09:38:31 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: http://bfm.djyy2.beer/cn/home/web/\r\nage: 21\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":149318,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":823,"timings":{"blocked":337,"dns":30,"connect":149,"send":0,"wait":149,"receive":0,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.mdynieu.com/images/69146317ec12e29e413cb55f.gif","fqdn":"www.mdynieu.com","domain":"mdynieu.com","tld":"com"},"ip":{"addr":"161.129.35.190","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mdynieu.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Thu, 12 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A0:E7:35:D4:DC:48:E4:5E:1B:FF:4B:B6:D3:6D:0D:58:B1:F6:27:29","sha256":"D2:17:69:66:D0:31:B0:DE:3F:24:F3:24:DB:38:FC:40:63:C5:36:DC:5B:B0:8F:60:02:55:7A:68:1D:EA:44:7C"}}},"request":{"raw":"GET /images/69146317ec12e29e413cb55f.gif HTTP/1.1\r\nHost: www.mdynieu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nreferrer-policy: no-referrer\r\ncache-control: max-age=600\r\nlocation: https://img.meituan.net/portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":406836,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2420,"timings":{"blocked":1072,"dns":197,"connect":254,"send":0,"wait":255,"receive":0,"ssl":639},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/bd24757e1a21d3d4e49d3a12c2ff35ad.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/bd24757e1a21d3d4e49d3a12c2ff35ad.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 251841\r\nlast-modified: Fri, 06 Mar 2026 03:16:34 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa4712-3d7c1\"\r\nexpires: Sun, 05 Apr 2026 03:34:22 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108271\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":251841,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1344x800, components 3","md5":"06e0372fbcab4dca94f1e4baae06b619","sha1":"a9c0d37281c2f86321b248fc8dd893d8a8b5cda3","sha256":"3ae76f9daf4b7417f465e5f04c453e395b850a4e57f72c6089eb7f5fe299aa02","sha512":"eef224c96f0737ec4646cf48e7a3bcd64d15e517eb75e7e83bc018ec0a92d81838b8f394ee79c79bb2a1bb4b60bee93d76ffc72134c1fe8203678298e4692ab0","ssdeep":"6144:7LX+hNDZt/sZ4fGR7crHVPjt59+oNk2zeqPFVcwfA2+ucuRgMBefBk:70bEuGRUHVPjt59+ogEFV2nBk","tlshash":"003422709f18ed72852da0d561388825df81432de7a0651c818cfc19fbcded9ade1f69","first_seen":"2026-03-07T09:39:32.873478Z","last_seen":"2026-03-07T09:39:32.873478Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1142,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":639,"receive":475,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/LdC6nSYE/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/LdC6nSYE/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 142663\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:00:59 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6bb-22d47\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2856\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cnsLQrp%2FD3ns34%2BptLvPR%2FfNWSFvVhJF8puTSmyP6jJX6Q2ZPF33yjNKW%2FdpAvHQCDheXkJPSDixQVZ8kkygXYHGywiT5D3q3X5u1JIEtzY6%2Fg%3D%3D\"}]}\r\ncf-ray: 9d88a139beae1f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142663,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"20c97acba8061a7832af73b7ff81342d","sha1":"59e036fe02a87e6414167c383638fc5782c5e92e","sha256":"dd122fd363027658b10c1a2e8e5d6dbfe94bfb2b7d108f4007182dfa46e21846","sha512":"dd6776a7e3c7132ece10b168dc7c19ecee97224c4994597ae73ffacd37412210fd917f577fe004490c0e353301b69e098c0624379e5144d59aee61f02c36380a","ssdeep":"3072:rYgBmUold3j/945hRAGqZelhAZJd5unBCZfuyXxVpAWupE9znxT:rYvUkz/9mGYoJkBC9uyXx+pELT","tlshash":"d2d312c40ab0615b3f5d134838ab6406e79b5f32927075d8c9f883a3e792e647eb7128","first_seen":"2024-08-29T17:39:59.264006Z","last_seen":"2026-03-07T09:39:32.875108Z","times_seen":2,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 343870\r\ndate: Tue, 24 Feb 2026 09:21:16 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 9b66a79b17719248762374431e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache25.l2de4[0,0,200-0,H], ens-cache37.l2de4[1,0], ens-cache17.se2[0,0,200-0,H], ens-cache9.se2[4,0]\r\naccess-control-allow-origin: *\r\nage: 951459\r\nali-swift-global-savetime: 1771924876\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 24 Feb 2026 09:25:39 GMT\r\nx-swift-cachetime: 31535737\r\nback_uri: /imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763359206415e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":343870,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"238239bf4773f01ca956b4660db9fc08","sha1":"b16e1c73e5b4baa750f587eb54dfcbeac7f53a13","sha256":"3ef3e2cdea8b61bd88b40faf96f6b6c2dfc326104b04ee58f1f4b1798dfb7668","sha512":"97df4878d6567c54a0bce399d2b9b59d132f45b59c839c3d0968a623d6cd2f476c06006d77bf2905e8d6a1ab28709193c01fb384630c08f0508950ea126d8dd4","ssdeep":"6144:skDFXvr1efkuVrBSJVEL0KLIN/odsqTwtZfV0KLkbMHjnFf5n1QL9CFMEk9V1:ssF/r1dudB2EYKW/o+qTAJCKobMpxn1I","tlshash":"3c7423fe483949d4316b3e6518376eff00e8fe29125962567dffb4e270c482c119b6a2","first_seen":"2026-02-24T09:59:59.873572Z","last_seen":"2026-03-15T07:53:53.560019Z","times_seen":1004,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":5,"dns":526,"connect":21,"send":0,"wait":74,"receive":8,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/abc/data_5652af.json","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.075Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /abc/data_5652af.json HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nDate: Sat, 07 Mar 2026 09:35:44 GMT\r\nContent-Type: application/json; charset=utf-8\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=300\r\nAge: 190\r\nContent-Length: 9708\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9708,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"54ee05252a651a17160d55a1aedd0e94","sha1":"fd552a5bc7f134da40ad70372971310e2bee1c73","sha256":"e8536249f1ddb652b3df1be453974b9efa440d7341f959d2fceea2f37705a013","sha512":"2a8f533872fa2815367c9fa53eb1c6a76ad2ae5a256ebef8f9c9b0c5d1aac3836874b7077bb60ff9f9cc352276eb21657b033dadeac7aee61cedb2e9eaf38348","ssdeep":"96:fFKqW7S7oVcvXcv0m0hffPOcPFPXTPXXWGHOQjQvMI1Mm7hhMqfzQOdIQZvdkjCs:f47Lc/c8Jf7ztNEvn8OfWrwlSfvj4Y","tlshash":"c5127ab737f9697cfab452c55b0a7f69578d3027884c938727cdec3484b81aa220b463","first_seen":"2026-03-07T09:31:57.693427Z","last_seen":"2026-03-07T10:28:21.090913Z","times_seen":4,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/favicon.ico","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:58.101Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: https://www.xzylm.com\r\nContent-Type: image/x-icon\r\nContent-Length: 16958\r\nLast-Modified: Fri, 01 Nov 2019 04:21:54 GMT\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nCache-Control: public, max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"261c621b4bec804b4894c8bc9c80c738","sha1":"fe3c851ff2b6e13138b8e929ddfa235d5a87fc65","sha256":"45dad7a2c04b9495af2b64c3b9566e62ebeb8ab7a02c64355a7639bfe3daee1d","sha512":"706aad89ee8dc98cd132c7157df66de6458ede5a06c151c73f035b1c64cc4068eb218b835659ef1cb2ed5314a6072591e048d0e7bb1728c9d03155965171efba","ssdeep":"96:BxZNC08i+n2AA0Ne3UqIidmUjO1gev8wdXowJRdMUara2M:BxsnyUOqiduvTdrJRu9M","tlshash":"c7729c3faccfb5d6f14c01bada7aaa91303a05d87e64411e6d353e99f86a2371e6410c","first_seen":"2025-06-24T19:15:59.035251Z","last_seen":"2026-03-22T06:42:15.65982Z","times_seen":191,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/84b87666d9ac3d7c60cb8aa4138c190a.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/84b87666d9ac3d7c60cb8aa4138c190a.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 133369\r\nlast-modified: Fri, 06 Mar 2026 03:15:52 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa46e8-208f9\"\r\nexpires: Sun, 05 Apr 2026 03:34:02 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108291\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":133369,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x538, components 3","md5":"8be79ef0eb6f22ad0cb13f9d425e7447","sha1":"35d00169b1a2d1bff26b1c8bb61d8c5854f3e427","sha256":"e2ae25a8afef92f705edc64e8fa0a32dafa31f46058d1a6ccf5ae8c3b2eed570","sha512":"f21f56e8ccfc7c723cba4a2c35dfad6c625e8fe5c465cff6789bc7cbf4b874af17349a7bd4271417d61da5266e1f4f03e71f477b824500be0534e5b545dad5d6","ssdeep":"3072:dooSlkTNMDQvU6U1ynwrACBmcsc8eM/WqUCdJsGM77fUdfoA/HoVfk2A5/KB:lpMMvU6bnwrzmcsc8Vd8vfUBoig65CB","tlshash":"27d312aec15ebb12510a4363e0032078a77cbcbb65612af9e54e1c2e367c7d87b49357","first_seen":"2026-03-07T09:39:32.880688Z","last_seen":"2026-03-07T09:39:32.880688Z","times_seen":1,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":356,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bfm.djyy2.beer/000/flink/analytics.php","fqdn":"bfm.djyy2.beer","domain":"djyy2.beer","tld":"beer"},"ip":{"addr":"154.26.180.150","port":80,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.075Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /000/flink/analytics.php HTTP/1.1\r\nHost: bfm.djyy2.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://bfm.djyy2.beer/cn/home/web/\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: http://bfm.djyy2.beer\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"referrer="}},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: https://www.xzylm.com\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nAge: 0\r\nConnection: keep-alive\r\nVia: http/1.1 traffic_server (https://www.xzylm.com [cMs f ])\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/dc42d11ce7f8f73581858cd328b63d13.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/dc42d11ce7f8f73581858cd328b63d13.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130103\r\nlast-modified: Fri, 06 Mar 2026 03:15:32 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa46d4-1fc37\"\r\nexpires: Sun, 05 Apr 2026 03:36:36 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108137\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":130103,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x537, components 3","md5":"7d19d2e08a112aaa667132cf6da8f155","sha1":"5fefa60aefac81ce497a73cd48bffcd20b61d654","sha256":"ef9d44ec252ca6efc441792dfb9268c20733658a3363810982a415a010c481d3","sha512":"3df93f7c846acc672b2834909b8c145f2c26c3cb73102816c469537cc2fbd2178233f3cad01a687cbc7b528bbcb601a991d363747bc815241df6d4e4488b1bfa","ssdeep":"3072:TfnakLY0fKgEO8nhtlezb6B3jJ7833TtOqasOApHoeHkK:zYWKlTnJeGOjt5asFX","tlshash":"00d312243a1139efd99ea2b14e442d4d3da376b8655d1e4c2631d90cb317af369ecc2c","first_seen":"2026-03-07T09:39:32.882503Z","last_seen":"2026-03-07T09:39:32.882503Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":628,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/846-960x60.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /846-960x60.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1560,"timings":{"blocked":173,"dns":309,"connect":294,"send":0,"wait":427,"receive":0,"ssl":354},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260304-22/c51e983241c2177f9c6c7eb8e03dc2fd.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260304-22/c51e983241c2177f9c6c7eb8e03dc2fd.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 48201\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Mar 2026 03:10:52 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a7a2bc-bc49\"\r\nExpires: Fri, 03 Apr 2026 03:23:10 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48201,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=美图秀秀], baseline, precision 8, 600x337, components 3","md5":"cf244db0ae40185ef95380a4f2f5b0ab","sha1":"55294732890eafef634dfd81f41ffbf73cb53408","sha256":"9ba60dadf3838ec2dffa27c2bdba0785320fc9938bffaa1488aa4a00898b1922","sha512":"1fb47f10809a139432a2f12fe7fd98d727a33f388a525a17e34cffcb5d88197c751f813388dc23c894c896e2a890c3476858aedf18c1f5a92c94a1b6c96b1e39","ssdeep":"768:NoEDEl6popsqdymce51FYgL0iiLAqGu/7fHYesmqllrJhgebSZ0+hb9PjDXkm4jk:NompoEyFD7iLAi7xWlr7ge2Z0eLrkmVB","tlshash":"dd23f1b1f48a2756af556d3bbc086f8e81116c68d0d42479a06592b0564cbe3c9f63f3","first_seen":"2025-11-20T15:31:34.785798Z","last_seen":"2026-03-07T09:39:32.884672Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1041,"timings":{"blocked":820,"dns":0,"connect":0,"send":0,"wait":188,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/4FE6YMJZ/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/4FE6YMJZ/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 163791\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:01:14 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6ca-27fcf\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 3261\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LLFn%2B%2FlY%2FWWcon74wE8nj7zcgMvg8KJVHsNZUiA2%2BSOZQUPa3DE6ZqhiXK%2FZXJY5q%2FxOHDLFxuSmGeq4eugXXKCePfZK3ViBbFC6%2FSBTepgk3Q%3D%3D\"}]}\r\ncf-ray: 9d88a139beb61f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163791,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3","md5":"79967788ed58349e05d571eb250f6fa1","sha1":"292cf13f085c8644bc230c1e6e5255b4b21c96d6","sha256":"e662638195b2852d90321e1dd425bee4ff4659152733cbb07d56e0ff08c89588","sha512":"ed5110f42c8e7d58bb46d9e52cb592c573c9c32095dec339961f32e61ef5e9f4ee4ed2eecbf0081326bd90b2f5b566e8740dbeb3ee587ef21e513807ee59c387","ssdeep":"3072:/T+cmRO4ENM6KxliUnI0TVJVzHtKFagQB3WAxsOcZho+4Qbs:L+c14r5z1bJ7gQRWAMZjNbs","tlshash":"abf313ce4b799f41370eb809ef06520318f0ab14e4e556085b6b9ea9c3cb5cde61d2a7","first_seen":"2026-03-07T09:39:32.886847Z","last_seen":"2026-03-07T09:39:32.886847Z","times_seen":1,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/7b3902102aebc27cf4c719d66fc5c69a.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/7b3902102aebc27cf4c719d66fc5c69a.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 77911\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:22:02 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa485a-13057\"\r\nExpires: Sun, 05 Apr 2026 03:57:42 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77911,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"61632f451c092c8b2ac8039c24efc9a5","sha1":"ed89bcf1dc4ce23ffb15d1141431c48bf07a7bcb","sha256":"d5822c856ca168694b8798644f5e014412b50a21041b38e6057acfe20fcdada6","sha512":"215e865be1dd97d3e7fd3b52f187234861e68a8fa6924a6a5863a9e82d83501ac2e98f85d5ab53b4f46ebb3d46dc1c41d71d51b316414d8d16e35dd3bbb32ac3","ssdeep":"1536:5ml9Surna2pOiUNArME/poYPoLZxLiMUTd7i9R5GQbWMMzp64WXZn:Iz5na2pOiGE/poYALZxLS57iR5GQCMDX","tlshash":"037302305d976174ea0c6fb253045da65202cafbf4886e4a992e2cecb694e73c0568f7","first_seen":"2025-11-15T12:18:55.82987Z","last_seen":"2026-03-07T09:39:32.889193Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1422,"timings":{"blocked":-1,"dns":1,"connect":145,"send":0,"wait":198,"receive":270,"ssl":808},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260304-22/b142d71cc2f429ac2f9aac370c9bd422.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260304-22/b142d71cc2f429ac2f9aac370c9bd422.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 98821\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Mar 2026 03:11:29 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a7a2e1-18205\"\r\nExpires: Fri, 03 Apr 2026 03:21:50 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98821,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=美图秀秀], baseline, precision 8, 600x337, components 3","md5":"9a953276db6063f5054bd4f16302bac2","sha1":"72c0b9e066d9026a150ea96bf3387945027087b7","sha256":"a81a6a9ab7748d6a7e2a90c54d12601f3c557c33d35a7cd048e162da358a138d","sha512":"34febf7a7f38c68b635c2d920ad84ae521483c24bd935b8aeb2a96218c6cafbdedb7f600b31865e283fbcacf838b56ae069d3cc453f8b9cbe92cc740cd12d063","ssdeep":"3072:b0xOslRiGKilC4t7w+2S0BZgSKo2IFtTEzViMcxCAce:owslUGC4tkLDga2IFtTEAMc4Ace","tlshash":"e8a302a8dd569630961e433dc0e7d8e154a21ff87efe6e1d24939a0de5d9320e290dc8","first_seen":"2025-11-15T00:36:56.393439Z","last_seen":"2026-03-07T09:39:32.892295Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2289,"timings":{"blocked":803,"dns":0,"connect":148,"send":0,"wait":200,"receive":324,"ssl":813},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1212.syhze.com/8888/mbh/960x120.gif","fqdn":"img1212.syhze.com","domain":"syhze.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1212.syhze.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 05:10:16 GMT","end":"Thu, 21 May 2026 05:10:15 GMT"},"fingerprint":{"sha1":"0E:AF:BB:57:33:D9:8E:52:FC:E0:72:FB:99:E6:06:AE:75:3F:77:CD","sha256":"73:97:CE:47:3B:96:59:73:01:A9:E5:B5:E4:AA:29:99:2E:75:1A:0E:52:57:08:31:66:51:91:6E:D4:8A:EC:94"}}},"request":{"raw":"GET /8888/mbh/960x120.gif HTTP/1.1\r\nHost: img1212.syhze.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 496600\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Fri, 30 Jan 2026 13:22:20 GMT\r\netag: \"697cb08c-793d8\"\r\nexpires: Mon, 06 Apr 2026 05:15:23 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":496600,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"98f1aab916043713d1744086a4aac70d","sha1":"abbc50f57afaea6090ffec73c53bc824926db831","sha256":"4bcfe3c6ff3dcd160bd51a92164046ed60b025895dc6affc06db0d6d88b77259","sha512":"50aded0afad0a2f06bc9b5dd4ba767e64e5cf59b627ee62ce66bf3a769b0fddfa7533cb591e0ad6dfd3be42afa77d37181ea9fd7dac487946081ee0f24e837f0","ssdeep":"6144:9G4QxSTTMRTTMRTTMRfE3O4+g2CjZnFaYG/eFVVL:E0T4RT4RT4RyO4fFZFaL/Q","tlshash":"c3b423ec487fcd5dc8b22c2c3143023349a2b17879df88626793b9d7e5d6b196a82d35","first_seen":"2026-01-31T02:19:27.411392Z","last_seen":"2026-04-04T15:25:57.371862Z","times_seen":2803,"resource_available":false,"data":null}},"time_used":2615,"timings":{"blocked":17,"dns":324,"connect":253,"send":0,"wait":505,"receive":1254,"ssl":261},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.meituan.net/portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif","fqdn":"img.meituan.net","domain":"meituan.net","tld":"net"},"ip":{"addr":"163.171.134.109","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meituan.net","organization":"北京三快科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 03 Jun 2025 10:52:10 GMT","end":"Sat, 27 Jun 2026 07:00:02 GMT"},"fingerprint":{"sha1":"0C:29:B8:8B:74:6A:6C:C5:4B:6B:8C:7E:F5:C5:E8:A7:B1:26:B8:CB","sha256":"40:B3:D3:3A:FB:0A:FF:94:27:86:35:5E:B7:62:00:AE:DE:30:88:34:15:60:5F:60:9F:C0:E2:9D:2E:BB:5C:83"}}},"request":{"raw":"GET /portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif HTTP/1.1\r\nHost: img.meituan.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 406836\r\nserver: openresty\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,OPTIONS,HEAD\r\naccess-control-allow-private-network: true\r\ncache-control: max-age=5184000\r\nm-traceid: stnbw2foodf7203m9zij\r\nlast-modified: Fri, 05 Dec 2025 07:15:26 +0000\r\ntiming-allow-origin: *\r\nx-via: 1.1 PS-HKG-04JZz35:6 (Cdn Cache Server V2.0), 0.0 PSrdsdgemSTO1sw92:7 (Cdn Cache Server V2.0)\r\nx-response-cache: edge_hit\r\nage: 1\r\nx-cache: HIT from cache.51cdn.com\r\nx-ws-request-id: 69abf230_PSrdsdgemSTO1sw92_15701-37876\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":406836,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"34578e43aadd0f0be311cfc623f3391e","sha1":"895f4361fbcd073db0535c831ba4424822b131a9","sha256":"b762e8d34521fe2e17fbbf032cc05edb46f8b217bbcf7bf030c6b98a50d66760","sha512":"a9cfe1c1e668f7de244195d0b606c8adeaad8f2a940629a72c1d552b6c238797219dc0e05fa423bec6fb3580686e402e4f352b2f1983b04e48b03642dc445cdd","ssdeep":"12288:v1HhfMhcKYspUXuT184HQIOO+EP/WvWG7/:dBfI/dwIIEWvWG7/","tlshash":"448423aadb664e34d5904c2fc1fb890fc4c476e9e3f716e69b36a9098bf7253448e040","first_seen":"2025-11-06T09:50:46.694344Z","last_seen":"2026-04-04T13:29:05.000019Z","times_seen":6868,"resource_available":false,"data":null}},"time_used":475,"timings":{"blocked":190,"dns":94,"connect":22,"send":0,"wait":23,"receive":74,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:57.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 221348\r\ndate: Thu, 13 Nov 2025 10:05:50 GMT\r\nlast-modified: Thu, 13 Nov 2025 09:36:51 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.107\r\ntraceid: a3b5f39617630283506058409e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache20.se2[0,0,200-0,H], ens-cache9.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 9847987\r\nali-swift-global-savetime: 1763028350\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 13 Nov 2025 18:03:30 GMT\r\nx-swift-cachetime: 31507340\r\nback_uri: /imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763370067223e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"91a4c6f090426e12424905e992711b10","sha1":"a2cb6864351065d53d1c4c502877adfd11103e4a","sha256":"88584290d770ecec2239e81884a8bf52306a473d03aafbdb9a359555e3b9c439","sha512":"ce208676f2178d6a9c8498f495422167058647fabfe812391f392ada0df7088434bd33a8a718c4d24a53c7b9c77af94d83faf3815f6364c76d203f97fe9cdb36","ssdeep":"6144:k/sj3j3iWwPIu/wQFxkt8gRZI1ZpLugfoi:k/sjz3iVIgwUgRS7VffX","tlshash":"6124137ee1c01f226e0522e9a7b8bf1b05b55487ed84a47729bdf9d6c7482b3e7601c0","first_seen":"2025-10-14T12:40:30.101425Z","last_seen":"2026-04-04T15:25:57.275219Z","times_seen":8636,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260306-1/e8f0f0bc51b16a23afd8808848cbc769.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260306-1/e8f0f0bc51b16a23afd8808848cbc769.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48465\r\nlast-modified: Fri, 06 Mar 2026 03:16:29 GMT\r\nvary: Accept-Encoding\r\netag: \"69aa470d-bd51\"\r\nexpires: Sun, 05 Apr 2026 03:33:59 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 108294\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48465,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"8ecdf8c1afaf01b50aa4add5196265fe","sha1":"78f9344a8d50c9b3cab4ccd6a5e8cd4cd7d8b4bf","sha256":"ef89d81c9dacb4ff6b832da472b9c6fdd99da900061d30149b28cc3736c889ab","sha512":"07f99f0eac91a25a6380e7194473b27a3253d73ba55b9cdf7510976489025ee4bd066e1d31d4d0afcf55140f6c0608cf88fa04281206427842f1115b1dce7685","ssdeep":"768:BDhf1MsbAkn24/BanfirEm46ZdBu/BzRQDBG+H+fqOhmfViZr6bBZHrSTqu9O02O:px1M634NHgNqmfV4iJrdT02f2","tlshash":"e7230247fbf3185508d446dfb3b2a95a09852c0eb3dbd94090ab9f68d723982f2bcc15","first_seen":"2026-03-07T09:39:32.898424Z","last_seen":"2026-03-07T09:39:32.898424Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1236,"timings":{"blocked":118,"dns":0,"connect":0,"send":0,"wait":639,"receive":479,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/dpMEZLra/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/dpMEZLra/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 362458\r\nlast-modified: Fri, 06 Mar 2026 03:21:33 GMT\r\netag: \"69aa483d-587da\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":362458,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1073, components 3","md5":"c8e6da48d1c0f01d7742c00abba07edd","sha1":"d1380adfef2951c9215dae154f464098cdf21c7b","sha256":"e26b6af6699220fe7be9aa390dfe6f0b14681344f36216f02c6b2751eda24774","sha512":"95510e03e67c92b9297722cb99445b5e064b4101f0b578a6b41f2be09eb65d2e13bac4bc0d646e89391cc1ba7d403193baa28ea6b4f21eb7503c49524374949e","ssdeep":"6144:hQiyAE7JDmncMzrNcu7kXznsohTj6bBTV5SK77TaEhEH2lhoj6kUSpXHo1ni3A:WiyAEh3YpcYsnsNBJ5SMPwHmhoj6FSpq","tlshash":"1574233466e0dc97d0adbeb0139c2080343b8f1793756a9f51da6880fef9a55da0a376","first_seen":"2026-03-07T05:06:16.946551Z","last_seen":"2026-03-07T09:39:32.900777Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2408,"timings":{"blocked":391,"dns":0,"connect":147,"send":0,"wait":545,"receive":521,"ssl":803},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260304-1/14b1a316d6b283d2d9ea46c5cfbfc20b.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260304-1/14b1a316d6b283d2d9ea46c5cfbfc20b.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61279\r\nlast-modified: Wed, 04 Mar 2026 03:04:22 GMT\r\nvary: Accept-Encoding\r\netag: \"69a7a136-ef5f\"\r\nexpires: Fri, 03 Apr 2026 03:30:49 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 281284\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61279,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"71560bdc49195eb7f5ac9f465bf25f83","sha1":"abdc18325384ef75eab61da82ce03b0008b3c238","sha256":"744eaea25373bedcc2a3a1214c9a13fc7e2a0cbab40f24ec44cbf2499c2b0893","sha512":"cb1683b1f4f8a3e4b2d301ff20112ccba44560cb57d99c10ca8f7e2e14033e369cc8e76646bfa5b3ef5cfad04e48924d98233c6553a93b33f1e464dd69bf0812","ssdeep":"1536:UdmbWHLYjFaSdauooVUjkXI1MJ2Hql4JG5rGPPE1yF4R:akWyF1aelXD4458Pi","tlshash":"1f530272b81a2f15d97ee105a87ec5d27e0e1ed1901ed725b0f6e72703c22f845a2ed2","first_seen":"2026-03-07T09:39:32.902393Z","last_seen":"2026-03-07T09:39:32.902393Z","times_seen":1,"resource_available":false,"data":null}},"time_used":941,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":620,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11221.xn--gps-8y0gm25n.xn--55qx5d/d/11221?_t=1766049818","fqdn":"11221.xn--gps-8y0gm25n.xn--55qx5d","domain":"11221.xn--gps-8y0gm25n.xn--55qx5d","tld":""},"ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.xn--gps-8y0gm25n.xn--55qx5d","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 14:22:13 GMT","end":"Tue, 07 Apr 2026 14:22:12 GMT"},"fingerprint":{"sha1":"01:F6:A8:64:D2:BF:90:49:78:62:32:E0:6F:0D:E9:33:66:39:30:EF","sha256":"5D:E4:BC:B9:AE:B1:76:CF:D1:39:B2:34:04:CA:CA:2F:97:94:D8:E3:B1:2D:D1:41:C3:4B:27:0D:1C:BF:03:26"}}},"request":{"raw":"GET /d/11221?_t=1766049818 HTTP/1.1\r\nHost: 11221.xn--gps-8y0gm25n.xn--55qx5d\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 145\r\nlocation: https://fsffbhd.4000522777.xn--fiqs8s/9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818\r\ncache-control: public, max-age=900\r\nexpires: Saturday, 07-Mar-2026 09:38:56 GMT\r\nstrict-transport-security: max-age=31536000\r\nx-via-jsl: c67fab6,-\r\nset-cookie: __jsluid_s=f54aa63259d2d82e1dfe3dcb97b2650a; max-age=31536000; path=/; HttpOnly; SameSite=None; secure\r\nx-cache: miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":596432,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1180,"timings":{"blocked":91,"dns":408,"connect":190,"send":0,"wait":291,"receive":0,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aosikazyy.com/20260305/hAF2N1Yu/1.jpg","fqdn":"aosikazyy.com","domain":"aosikazyy.com","tld":"com"},"ip":{"addr":"64.112.78.71","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aosikazyy.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 27 Jan 2026 05:36:13 GMT","end":"Fri, 26 Feb 2027 05:36:12 GMT"},"fingerprint":{"sha1":"46:07:BD:26:C4:2F:43:47:7D:0B:DA:7D:56:AF:C0:48:AA:4B:A9:E4","sha256":"53:B2:F8:51:E2:31:14:5B:CB:D8:05:AC:D2:8C:38:EA:8C:4D:49:6E:8F:6F:EE:15:41:AC:AF:06:08:F5:64:1C"}}},"request":{"raw":"GET /20260305/hAF2N1Yu/1.jpg HTTP/1.1\r\nHost: aosikazyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 09:38:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 166886\r\nlast-modified: Fri, 06 Mar 2026 03:22:19 GMT\r\netag: \"69aa486b-28be6\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166886,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x900, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4d46d779e7cfa5dc1e9d17eb58c991b5","sha1":"1fb1b4092d0cdaeb27c87bcb1ed1300aa1a872dd","sha256":"8cb3590f383af95d7c0ae82946c37bc6477030714b9a6d48f433f714565e45bc","sha512":"65c466abaa5a57740146158e3bdb44d1fa648c04b85618d715e4da2f3c3e8b737b774fc0f4bf883f9f75d6babe42f8d92b42089d79d7c4c33b4da142d5349cde","ssdeep":"3072:ysVTu3nlmcyYdrkJTisVFyxBb76iEdw7siDzy9qdicGRZqIE:y4y3lmctdrkJ+Xz7siD2946RQL","tlshash":"22f3121279fdb25708a9ab7f9d4d2fb9ba29411fc9bebfd2bd905103c10d07586209a0","first_seen":"2026-03-07T09:39:32.90453Z","last_seen":"2026-03-07T09:39:32.90453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1841,"timings":{"blocked":751,"dns":0,"connect":0,"send":0,"wait":618,"receive":472,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260305-22/965dbc1de3dd757379a24c618c31de6a.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260305-22/965dbc1de3dd757379a24c618c31de6a.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 86726\r\nConnection: keep-alive\r\nLast-Modified: Thu, 05 Mar 2026 03:27:53 GMT\r\nVary: Accept-Encoding\r\nETag: \"69a8f839-152c6\"\r\nExpires: Sat, 04 Apr 2026 03:42:58 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86726,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=美图秀秀], baseline, precision 8, 600x337, components 3","md5":"694b79f0da911027c4892e8eb5a54fbc","sha1":"ec0f86b0d4e529af22b593ec8fd94e8309703f66","sha256":"07391702fd0c28ebcd9125c69aaba13ad54096bc8f726bf3a5adb2976c288177","sha512":"3939dc127cacba44e383b968a43fc284eb1e95bb6cf3bcd678ffb26005e36d241a18ad8c5f2e1d4d10d85071996d9cfad6b38a1d650cc9076c494a3ffd627167","ssdeep":"1536:KNgnII/OnxzPkpMoc9TM98bFQw2KcCDmARWxw8FJOWqw7URkkOqcJmGkhwI6H67u:TnKMqoARbFQvKc2bRgEWD7eVOqcc6FOu","tlshash":"4c8302e0380825dc46fd3921b3d3f4071eaa4a38d445de5c4275a692fee4a93eea44fc","first_seen":"2026-03-07T09:39:32.906854Z","last_seen":"2026-03-07T09:39:32.906854Z","times_seen":1,"resource_available":false,"data":null}},"time_used":823,"timings":{"blocked":318,"dns":0,"connect":0,"send":0,"wait":198,"receive":307,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/c7b53c1302834be640cd8a6d2bebe670.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/c7b53c1302834be640cd8a6d2bebe670.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 662453\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:20:04 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa47e4-a1bb5\"\r\nExpires: Sun, 05 Apr 2026 03:44:05 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":662453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 600, 8-bit/color RGBA, non-interlaced","md5":"804ddc75c3a79f73a54cdd64b37568ea","sha1":"f513353f4a89af25a7b85a807f5a2f1a183e4073","sha256":"855e6e9926602cbbf300cdddf9acc27abbcf826510dd859668d95e15de972a6c","sha512":"8d726cb4fa8f4543e162c0bcbecc06e77c14c627866625a84f9efcb06cb6719625a779ec86141f7d3c2d13b0b51023a315ef3aced7a45c34e8ac3b988efa85ff","ssdeep":"12288:UwbbukzwbcESthTJdcr43xgvwveEWoQBtB4U9GHRFIIv+izrUkuTVXxq4W:4WwgEMJda4GMBWhbXcHRZvZXs32","tlshash":"16e4335395fd3774ca8e99f030056900b1a0ca91eb74866884bff5b18369d56fd3c787","first_seen":"2025-11-15T12:05:28.620883Z","last_seen":"2026-03-07T09:39:32.909013Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3921,"timings":{"blocked":674,"dns":1,"connect":149,"send":0,"wait":191,"receive":1650,"ssl":1251},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 303863\r\ndate: Tue, 24 Feb 2026 09:21:40 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 9b66a79b17719248998917462e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache28.l2de4[0,0,200-0,H], ens-cache22.l2de4[4,0], ens-cache3.se2[0,0,200-0,H], ens-cache9.se2[1,0]\r\naccess-control-allow-origin: *\r\nage: 951435\r\nali-swift-global-savetime: 1771924900\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 24 Feb 2026 09:25:40 GMT\r\nx-swift-cachetime: 31535760\r\nback_uri: /imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif_.avif\r\nvary: Accept\r\ns-rt: 1\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763359236418e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":303863,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"de72cd3f9bb03e02f5ed7c191fc47e25","sha1":"1f1da79e3ea10cc974149b4fd61236d7aaf0cbba","sha256":"88bc662ac1dc810b16d8c81e024975ec22af3497c510036158f5799da1b4b874","sha512":"be2488a9b17fc4ac4ca2e24177ed9bd673b6514929df0344fa626af305073862d30fa0bfcb290f4b09984e51dd7790dc6af53ace8b9e68a936771f982b7d3da7","ssdeep":"6144:0yBudqBvMzajcmhzfOmZIJ6MLkrN78j6Z8BdaAR50OsE8uZr:1B4qBvRjcmhCSI8ZS6CR50OsEhB","tlshash":"0254232e919b11304cd6a6383d7e66f700f6dc7509a143125dfba6cda4979bc2ce8ca1","first_seen":"2026-02-24T09:59:59.817588Z","last_seen":"2026-03-15T07:53:53.563962Z","times_seen":1005,"resource_available":false,"data":null}},"time_used":744,"timings":{"blocked":615,"dns":0,"connect":0,"send":0,"wait":82,"receive":6,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/tyctyc388-960x120.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /tyctyc388-960x120.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71518,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1422,"timings":{"blocked":72,"dns":424,"connect":278,"send":0,"wait":278,"receive":0,"ssl":370},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/mqX2MW2x/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/mqX2MW2x/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 161165\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:02:09 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e701-2758d\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 5338\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HKayCcGSwbbp0KbPD3WJ0CpaCuT2LxdCN%2Fj5AmVwnwS0K4b66LuXg2imN8RR%2FgsokaUfpLeqDp16CcLC7FlLKkoxzKlK1C%2FjtWzwoC1wXCv4UQ%3D%3D\"}]}\r\ncf-ray: 9d88a139beaa1f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161165,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"94d83ec13a1ad644692e1ff5e12bb439","sha1":"26772a7b1a412eaaba4db2c9bf72c64e51190556","sha256":"69df361424b88ac1d8d986d4b6a82e9621479b28f6f931a81fd5b44b7b4247df","sha512":"5e4ba0300fb9f9ae240cdfd4925a9cd9352ac0aa90c7749d488d868239e464f35644909308063cd7c635fe58c8a6e8305c7f0c80f098cbb46091d1e2011666d8","ssdeep":"3072:b8vRcovZRzlIH8eR+BQpGKDsDISkbcJ03udiFkyFwW5xsY:Iv6ovZRmcyveISkbcC+dipwoxN","tlshash":"def31279b0e8006d0b916d3fde9c09636d2dae6333593ba643c6145e94e3f8462bf439","first_seen":"2026-03-07T09:39:32.911756Z","last_seen":"2026-03-07T09:39:32.911756Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":2,"connect":8,"send":0,"wait":14,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260304-1/27a62b0809961d028c1d6a2e76e602aa.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260304-1/27a62b0809961d028c1d6a2e76e602aa.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 117003\r\nlast-modified: Wed, 04 Mar 2026 03:05:09 GMT\r\nvary: Accept-Encoding\r\netag: \"69a7a165-1c90b\"\r\nexpires: Fri, 03 Apr 2026 03:26:48 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 281525\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117003,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 718 x 404, 8-bit colormap, non-interlaced","md5":"63d97228e94cbeda1ac6883577d9be83","sha1":"dc452cbcb60f6ca34b68504c638bf999cdb92c67","sha256":"c427c02440757d08ae8ac84c535d596fa9366345d9424bb00266c45341276855","sha512":"8a173ee1d516215072506ab39501a5c2e3fc4dded2dae6f3ac9f1d8182da2ef0925cfb8adbe6e5e698198883b0fafb8d452aa6ec157ed535325ebb27861e5981","ssdeep":"3072:cAMY/51UZ4WRrNxbwWaTR8lv3H3dJQ6pu+RsZ8gbsJeWwH:cAMq1sx7Ri6VndJJAQsZ8gZx","tlshash":"afb3128370a8e9004fdfdffed546807b791b744674285b203694e0f66399a9afc38a48","first_seen":"2025-10-28T02:45:23.125627Z","last_seen":"2026-03-07T09:39:32.913547Z","times_seen":8,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":234,"dns":0,"connect":0,"send":0,"wait":293,"receive":304,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260304/h4muDjxm/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:53.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260304/h4muDjxm/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 178154\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 08:01:49 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a7e6ed-2b7ea\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 4465\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PGsCRmoNROq5cO8gpmmgvyG37sY5ntGVkSHQUrMs37YnEHiSFLny6ZefE0RPQMy1EBsZvkcs1l0BoYuBCRFE40aXFMptn9HI1JUkN2VbkFzerg%3D%3D\"}]}\r\ncf-ray: 9d88a139bed11f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178154,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"48a50ba51b6d8ed838fde8f4d12ffa5b","sha1":"deda255bc5d780c9ac4c8e1051d95b41eb4c7c81","sha256":"3ccded3af4ea0123d8a839c3fcd8d3f148a31625b93d05835305fe6518c67cc6","sha512":"4fb5fdaf0ce2da139f67cbef6f6527b9dd47cc6fdab67f1f63398cc27e1492057e7ba990a6debb9c5fdc4950673877383518c2df2abf5675fc38853cccf847f1","ssdeep":"3072:kc1BrKBABKNdrcKOKO4wHkQQdSAj9s8UtYdunv+O5D5JFfbk47P+:kcbWBq4drCXHkjXIwuvlb7fbkIW","tlshash":"920412742a0ed070a83e6928de88b342d8e2da72b5dd361d897f07130e99437377e52c","first_seen":"2026-03-07T09:39:32.914326Z","last_seen":"2026-03-07T09:39:32.914326Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260304-1/6de933670031df65b8365d49c2c84dce.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.148.9","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260304-1/6de933670031df65b8365d49c2c84dce.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56767\r\nlast-modified: Wed, 04 Mar 2026 03:05:41 GMT\r\nvary: Accept-Encoding\r\netag: \"69a7a185-ddbf\"\r\nexpires: Fri, 03 Apr 2026 03:25:44 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 281589\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"e5ca12bf3a1db6f83c1916a37130b09a","sha1":"d432a148a4d1052dc00f13d8d9bc6b8a16af357e","sha256":"cb5318b6afd03830ccdd58d1c1b6a9c085d61a3f400144fe0585e10226f8499b","sha512":"23cd1ee6dc383c090489188170d03c79e4947eee1d2ff815c5027b31303ebed9b575f78b7adbff7491d32256801c26d044302f8169cf55156d17dd3c8038b951","ssdeep":"1536:bU/P9eVAMWI4To4+kF9t90hOIpcrbzhLvYUCO0Be:bUPD1Z+4yOIy9Hb","tlshash":"5943f1aeedb13b55df407e3034fb0762a3a2e7a7787064917b0a5b05391d6600ead4a3","first_seen":"2026-03-07T09:39:32.916268Z","last_seen":"2026-03-07T09:39:32.916268Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1442,"timings":{"blocked":181,"dns":0,"connect":0,"send":0,"wait":637,"receive":624,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260302/IVRlTeYL/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:52.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260302/IVRlTeYL/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 09:38:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 27214\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Mar 2026 00:24:16 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"69a62a30-6a4e\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 3263\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SJY9ogpAAzAWh58Mv9x1cdiVgWYkdjaKsKim5XUFBUruknNlHfJCwOKMPUjEeHUOlbzPbmEjPah0XBLlKZnoKPGeqzu8VV1K0sLYQD%2FETj%2Bi5w%3D%3D\"}]}\r\ncf-ray: 9d88a139beb41f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: \"Lavc58.39.100\", baseline, precision 8, 320x214, components 3","md5":"feedbca1dee3be0203e0e11da854653b","sha1":"5c06d375842032436e565d5a97753eb8e7234ad9","sha256":"a6cfc919ecfdb475bd26be7417a93b3d3788ef00856210477951df0bc226ad14","sha512":"4281f93f00f7f99f46756355109b6cd2e146a164dcfce41288bf197219400b11b453fae479a0d75283ae6b43bd14055e9b0d2c90cac2dcd8cce1de184d30478a","ssdeep":"768:F7PgNAHqrPnh3WxcLmp/zLD7BIB5AA0sYJwiJ:F8NxrP5WxcLQLD7eB5ADsYJpJ","tlshash":"4ec2f14c0a788f1ae5fd8d0e9bac355b79d6af61825b2f40ec27529761fb9fa530c010","first_seen":"2026-03-07T09:39:32.918053Z","last_seen":"2026-03-16T10:26:20.091226Z","times_seen":2,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":26,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntupiaxxzz.com/upload/vod/20260306-22/5366b533a0f75257a066e05be4b582dd.jpg","fqdn":"www.jkuntupiaxxzz.com","domain":"jkuntupiaxxzz.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:54.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntupiaxxzz.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Wed, 21 Jan 2026 12:48:17 GMT","end":"Sat, 20 Feb 2027 12:48:16 GMT"},"fingerprint":{"sha1":"13:B6:FB:03:73:AC:FB:95:B6:AC:D3:EE:C1:74:7E:9C:AC:34:45:34","sha256":"D4:F4:9C:80:D3:FC:BE:AF:59:CE:B4:39:CB:48:78:3E:9E:82:EE:02:8C:F2:13:C4:96:BD:34:C4:AA:F6:D2:54"}}},"request":{"raw":"GET /upload/vod/20260306-22/5366b533a0f75257a066e05be4b582dd.jpg HTTP/1.1\r\nHost: www.jkuntupiaxxzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 09:38:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 32323\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Mar 2026 03:22:57 GMT\r\nVary: Accept-Encoding\r\nETag: \"69aa4891-7e43\"\r\nExpires: Sun, 05 Apr 2026 03:34:15 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32323,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 260x360, components 3","md5":"9a81745028bed4e06e2391f01ed602c6","sha1":"26a42b7f03cc80a7997332f926fef671ee7f2950","sha256":"05af4a764a9384a7cc107684fff4299459745212fa771463ad48fcb26100eb9c","sha512":"c5f5734f0ef011041210f9d1e9835a879978e37c6c885d1caca3a2e5130f30e48e4cf4ba60445e191ccc79b53e4a6a879ffbcde0f5e3d7430b85a3c139b9b222","ssdeep":"768:cwfdAUURTchbkwioXV4X2qtcHeTSTi/qgTA6Jb7xIX:cwa7Rz9qV44HhbGzHW","tlshash":"e8e2e17bdc8316516b6b897e5ba00b70d8337b50f28f9be8a05728c19f55531cd3d092","first_seen":"2023-06-18T09:53:31Z","last_seen":"2026-03-07T09:39:32.919897Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1200,"timings":{"blocked":1007,"dns":0,"connect":0,"send":0,"wait":167,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11224.xn--gps-8y0gm25n.xn--55qx5d/d/11224?_t=1765444375","fqdn":"11224.xn--gps-8y0gm25n.xn--55qx5d","domain":"11224.xn--gps-8y0gm25n.xn--55qx5d","tld":""},"ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.xn--gps-8y0gm25n.xn--55qx5d","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 14:22:13 GMT","end":"Tue, 07 Apr 2026 14:22:12 GMT"},"fingerprint":{"sha1":"01:F6:A8:64:D2:BF:90:49:78:62:32:E0:6F:0D:E9:33:66:39:30:EF","sha256":"5D:E4:BC:B9:AE:B1:76:CF:D1:39:B2:34:04:CA:CA:2F:97:94:D8:E3:B1:2D:D1:41:C3:4B:27:0D:1C:BF:03:26"}}},"request":{"raw":"GET /d/11224?_t=1765444375 HTTP/1.1\r\nHost: 11224.xn--gps-8y0gm25n.xn--55qx5d\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 07 Mar 2026 09:38:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 145\r\nlocation: https://fsffbhd.4000522777.xn--fiqs8s/ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375\r\ncache-control: public, max-age=900\r\nexpires: Saturday, 07-Mar-2026 09:38:56 GMT\r\nstrict-transport-security: max-age=31536000\r\nx-via-jsl: c67fab6,-\r\nset-cookie: __jsluid_s=eb105ef223fae342b25d8b62ff71e6f9; max-age=31536000; path=/; HttpOnly; SameSite=None; secure\r\nx-cache: miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":686427,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1429,"timings":{"blocked":-1,"dns":358,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:56.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 71518\r\ndate: Sun, 04 Jan 2026 07:16:14 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5839717675109745792448e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache26.l2de4[0,-1,200-0,H], ens-cache31.l2de4[1,0], ens-cache4.se2[0,0,200-0,H], ens-cache9.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 5365362\r\nali-swift-global-savetime: 1767510974\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 04 Jan 2026 07:19:12 GMT\r\nx-swift-cachetime: 31535822\r\nback_uri: /imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9d17728763368937135e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":71518,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"77124bec289e16c03715536db0a93a69","sha1":"5de89ae0a04b1f38fad10253e63173c0b686ad35","sha256":"a3485681d348a07947e41b4b1f4ae28733254265db0fd08ac9db716c3733c769","sha512":"5690c31f2995495454b1e9f46b74b696c0418985c5d49d8ab68975b731876e461df8cd05bb027cf3d871191a500bd273b649d037e9e1719c890784e368206c54","ssdeep":"1536:E8dgdKUYKUsoK6sIET9wjMr/JF+aPbqiuYZtJvfDD:E+zUvwhEBwjM7+YyYZtJvfDD","tlshash":"8e630233a165d51fd223253ca591909dba377fe1cd6671f9f6c7cf478a08083c9aa828","first_seen":"2026-01-04T07:53:55.650353Z","last_seen":"2026-04-04T15:25:57.279824Z","times_seen":4021,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com/storage/assets/img_960f3a1202.gif","fqdn":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com","domain":"zhuanshutupian458.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bfm.djyy2.beer/cn/home/web/","date":"2026-03-07T09:38:55.359Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /storage/assets/img_960f3a1202.gif HTTP/1.1\r\nHost: fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bfm.djyy2.beer/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":178,"dns":394,"connect":152,"send":0,"wait":0,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}