{"report_id":"c562d439-4ae7-4868-a04e-fb51e520e0b3","version":6,"status":"done","tags":[],"date":"2025-05-11T12:42:16Z","url":{"schema":"http","addr":"ckb2.cc/","fqdn":"ckb2.cc","domain":"ckb2.cc","tld":"cc"},"ip":{"addr":"198.16.60.58","port":0,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"title":"黄色仓库-huangsecangku.net"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-20T12:42:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cbu01.alicdn.com","ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2008-06-25","domain_rank":44205,"first_seen":"2015-04-17T10:25:48Z","last_seen":"2025-05-09T11:35:57.97974Z","alert_count":0,"request_count":3,"received_data":712825,"sent_data":1401,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hhapk777.getehu.com","ip":{"addr":"58.218.215.99","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2024-07-01","domain_rank":0,"first_seen":"2025-02-25T00:44:22.621764Z","last_seen":"2025-05-08T22:04:46.937708Z","alert_count":0,"request_count":4,"received_data":759003,"sent_data":1775,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.blkj58.com","ip":{"addr":"128.1.52.179","port":443,"asn":21859,"as":"ZEN-ECN","country":"Malaysia","country_code":"MY"},"domain_registered":"2021-02-19","domain_rank":0,"first_seen":"2024-12-10T16:22:58.787373Z","last_seen":"2025-05-09T17:51:17.707933Z","alert_count":0,"request_count":1,"received_data":273825,"sent_data":461,"comment":"","tags":null,"fingerprints":null},{"fqdn":"555sx.img1368680550.com","ip":{"addr":"156.243.244.252","port":443,"asn":0,"as":"","country":"Türkiye","country_code":"TR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":433224,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gif.zhidi66.com","ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-03-27T19:51:44.46771Z","last_seen":"2025-05-08T03:06:29.974148Z","alert_count":0,"request_count":2,"received_data":608451,"sent_data":869,"comment":"","tags":null,"fingerprints":null},{"fqdn":"311050.xyz","ip":{"addr":"198.16.60.50","port":8899,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-05-11T12:42:18.314123Z","last_seen":"2025-05-11T12:42:18.314123Z","alert_count":0,"request_count":1,"received_data":215,"sent_data":532,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.537images23.com","ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":475026,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ygpl.abctup.com","ip":{"addr":"104.21.46.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-09","domain_rank":0,"first_seen":"2025-05-09T22:08:35.215699Z","last_seen":"2025-05-09T22:08:35.215699Z","alert_count":0,"request_count":1,"received_data":335278,"sent_data":436,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":8254,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-05-07T19:39:39.862051Z","alert_count":0,"request_count":2,"received_data":30877,"sent_data":1138,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zb.ww57988tc.com","ip":{"addr":"154.83.95.216","port":8686,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-04-30","domain_rank":0,"first_seen":"2025-05-08T23:43:51.205639Z","last_seen":"2025-05-08T23:43:51.205639Z","alert_count":0,"request_count":1,"received_data":4615283,"sent_data":439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"333wy888bb.com","ip":{"addr":"104.160.179.228","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2024-11-26","domain_rank":0,"first_seen":"2024-12-04T03:26:39.380146Z","last_seen":"2025-04-24T00:40:36.844889Z","alert_count":0,"request_count":1,"received_data":367477,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"777abc777abc.com","ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-04-11","domain_rank":0,"first_seen":"2025-04-16T21:15:24.018335Z","last_seen":"2025-05-10T06:31:35.637976Z","alert_count":1,"request_count":1,"received_data":795273,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xm55511.img9879125675.com","ip":{"addr":"156.231.117.216","port":8686,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-04-09","domain_rank":0,"first_seen":"2025-05-08T03:32:59.167445Z","last_seen":"2025-05-08T03:32:59.167445Z","alert_count":0,"request_count":1,"received_data":322321,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"444329.xyz","ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2025-04-15","domain_rank":0,"first_seen":"2025-05-11T12:42:19.528864Z","last_seen":"2025-05-11T12:42:19.528864Z","alert_count":0,"request_count":13,"received_data":338602,"sent_data":5108,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pg555111.img6857783384.com","ip":{"addr":"154.83.95.216","port":8585,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-04-09","domain_rank":0,"first_seen":"2025-05-08T03:32:59.155473Z","last_seen":"2025-05-08T03:32:59.155473Z","alert_count":0,"request_count":1,"received_data":762129,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"999abc999abc.com","ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-03-17","domain_rank":0,"first_seen":"2025-04-03T19:11:32.264392Z","last_seen":"2025-04-24T00:40:36.134334Z","alert_count":0,"request_count":1,"received_data":519866,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"69vvnstttaaa888.cqpwy.com","ip":{"addr":"183.60.255.95","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2024-08-24","domain_rank":0,"first_seen":"2025-04-26T07:17:25.988374Z","last_seen":"2025-05-09T20:49:50.321016Z","alert_count":0,"request_count":1,"received_data":244776,"sent_data":473,"comment":"","tags":null,"fingerprints":null},{"fqdn":"imgsa.baidu.com","ip":{"addr":"121.14.156.48","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":139015,"first_seen":"2017-01-29T16:54:01Z","last_seen":"2025-05-08T22:02:35.671279Z","alert_count":0,"request_count":1,"received_data":1405646,"sent_data":478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ckb2.cc","ip":{"addr":"198.16.60.58","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2023-01-29","domain_rank":0,"first_seen":"2025-05-11T12:42:18.31536Z","last_seen":"2025-05-11T12:42:18.31536Z","alert_count":0,"request_count":2,"received_data":552,"sent_data":868,"comment":"","tags":null,"fingerprints":null},{"fqdn":"555jnc.img3174125953.com","ip":{"addr":"198.200.56.161","port":443,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":734357,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"333abc666abc.com","ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-03-17","domain_rank":0,"first_seen":"2025-03-27T19:58:54.548547Z","last_seen":"2025-04-24T00:40:36.79156Z","alert_count":0,"request_count":1,"received_data":527910,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.fjyyedu.com","ip":{"addr":"123.6.18.119","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2015-12-30","domain_rank":0,"first_seen":"2025-04-16T03:14:18.953413Z","last_seen":"2025-05-08T06:29:23.126573Z","alert_count":0,"request_count":4,"received_data":1217379,"sent_data":1578,"comment":"","tags":null,"fingerprints":null},{"fqdn":"666834.xyz","ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"2022-02-19","domain_rank":0,"first_seen":"2022-11-28T15:06:04Z","last_seen":"2025-04-24T00:40:36.131285Z","alert_count":0,"request_count":9,"received_data":2462207,"sent_data":4051,"comment":"","tags":null,"fingerprints":null},{"fqdn":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","ip":{"addr":"3.5.238.168","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-04-11T23:54:49.232666Z","last_seen":"2025-04-24T00:40:36.993474Z","alert_count":0,"request_count":1,"received_data":45584,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.835images20.com","ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"2024-12-29","domain_rank":0,"first_seen":"2024-12-29T20:15:30.300763Z","last_seen":"2025-04-24T00:40:35.715511Z","alert_count":0,"request_count":1,"received_data":642612,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.40images1.com","ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":678024,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"txdy.2016os.com","ip":{"addr":"58.218.215.107","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2016-01-20","domain_rank":0,"first_seen":"2025-02-06T22:26:39.388119Z","last_seen":"2025-05-09T00:56:40.499076Z","alert_count":0,"request_count":1,"received_data":465024,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com","ip":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-03-26T08:12:48.39622Z","last_seen":"2025-04-24T00:40:36.079127Z","alert_count":0,"request_count":1,"received_data":79303,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"apple-banana.oss-cn-shenzhen.aliyuncs.com","ip":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-01-18T21:57:04.474238Z","last_seen":"2025-04-24T00:40:36.972184Z","alert_count":0,"request_count":1,"received_data":52595,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.607images.com","ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-02-06","domain_rank":0,"first_seen":"2025-02-17T08:45:19.084943Z","last_seen":"2025-04-27T03:16:54.977709Z","alert_count":0,"request_count":1,"received_data":396206,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tu.astem.vip","ip":{"addr":"90.84.161.22","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"domain_registered":"2019-12-06","domain_rank":0,"first_seen":"2025-05-11T12:42:18.318441Z","last_seen":"2025-05-11T12:42:18.318441Z","alert_count":0,"request_count":1,"received_data":142020,"sent_data":440,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-05-11T12:41:56Z","timestamp":1746967316,"ip_dst":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"172.18.0.2","port":40020,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-05-11T12:41:56.922213+0000\",\"flow_id\":652038766865256,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":40020,\"dest_ip\":\"112.74.1.166\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"apple-banana.oss-cn-shenzhen.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":907,\"bytes_toclient\":3148,\"start\":\"2025-05-11T12:41:56.404328+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-05-11T12:41:57Z","timestamp":1746967317,"ip_dst":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.2","port":54180,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-05-11T12:41:57.830898+0000\",\"flow_id\":1362400587938091,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":54180,\"dest_ip\":\"47.254.187.151\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"vezknp-1005-ppp.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":909,\"bytes_toclient\":6780,\"start\":\"2025-05-11T12:41:57.784683+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-11","alert":"Sinkholed","trigger":"777abc777abc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-11","alert":"Sinkholed","trigger":"537images23.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c6f75e2c0dd996015700166bddeef35","sha1":"168f1d333a73fca588a35e8a80006d4c19f62f14","sha256":"a33c77185c6339dddf302df9e1d8fa4c4ec101c623a3be2f20e5090e9ff60281","sha512":"70148cb7d86b41160e6a1fddc9aa284718a404ba88f0f0356b4ea6f2a50afa78f041094c5e1b79bb8cc5f0fc04993cf002279638cdffa127ecd5813165666954","ssdeep":"192:bNT3mX+be4fWMCSu5S4iP3h8bm/dfF22+3S4oMgAxblvQOa1IA1Awbjr6FQ/O45k:pxxWGoiIIP0","tlshash":"c32201b3c2cdb45a5229c2cdc760f9ecd40370afcf676e46ed65290da6086f6942728d","size":10104,"data":"","first_seen":"2025-05-11T12:42:29.727408Z","last_seen":"2025-05-11T12:42:29.727408Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-05T11:51:35.783145Z","times_seen":102702,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"f22302f91f459e3065dd273b95eec990","sha1":"b8d63522e209a7598cf016208fea62e9f617b70a","sha256":"a5b15cc48fa9a0192202863f1722d048b33d195afceeaf56bfa1119a6d360499","sha512":"6108a0893a21c6f57060d9c047bd606ad401a2cea829269b588df7b0a91ca73265128239c08ca9db230a0ba2c6db80b7b367d4ba8f6d78ba8bfd0474d8d16299","ssdeep":"","tlshash":"e2e028cc318548cc0dd13cc56d1e04dd45e14d1f3d7c8c108e40146b3456b7755c019c","size":341,"data":"","first_seen":"2025-05-11T12:42:29.730229Z","last_seen":"2025-05-11T12:42:29.730229Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/jquery.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T11:38:40.333292Z","times_seen":60706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"200227fb5725d57df146a731ca6c9945","sha1":"ac199f1ea4dede54edcd401008b4630e36596130","sha256":"0a92100ccb5f3788c50c13df059e73f3f7e630eeb57aa4545eaf325ddce27c81","sha512":"830d2c838a49d0b28056649a5f514c58cb69b5a9404d3d3a025c43b99d6dcaf2ce25259218e9d0af5ff636351fb226e0c831934aea1805ebf365691e462dcdc3","ssdeep":"","tlshash":"6ef0a04cf12a6a8020bef4bc5d7b930845ab51156b8288c800bb8cb2246647dd4a7e8f","size":445,"data":"","first_seen":"2024-07-04T07:59:35Z","last_seen":"2026-04-05T08:45:06.761718Z","times_seen":385,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"587d8148ec78f7c6f4aa7e7f0e382bf6","sha1":"58f09a7743a6b0586c8320232ea89d1cbb20e558","sha256":"e2d264ffefbcb451e8df1a6b35750fbfafdc5197de3d4073f23fcf85deec1839","sha512":"ab2bb08612ffe2b40a282b27482f730644def57e68429ac95ffd3e3e3f28714e80000d996b47062ea183937133a82db3080432377b768e52b39a3c0309380824","ssdeep":"","tlshash":"7ba0020df281afa0417135b85917124b89261c4b29951448a5651271481511de497d85","size":59,"data":"","first_seen":"2024-07-04T07:59:35Z","last_seen":"2026-04-05T08:45:06.764452Z","times_seen":381,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7887f171a781a08a9fc1b8a997b61201","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"327a4ac4085ff9df74c4a703aeb2c1e8","sha1":"1f2e7f186338dfe9cc3b2740725c94cb9fc33363","sha256":"22195f049c9ef2bd338c39c1db4719cbf35875f08764729e7775bb78be65b7b2","sha512":"4e2bedbc7ff4e938f3d7b0da19b8d5646aa77843de65c5d13a0ef65882c8db8a4e0eed2acd55c5fb3c8c4f3637b67dff3d04c7bdf687ef02c99bf9ae045d6b05","ssdeep":"384:XEJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:XE4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2025-05-11T12:42:29.692375Z","last_seen":"2025-05-11T12:42:29.692375Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-05T11:51:35.783145Z","times_seen":102702,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ckb2.cc/","fqdn":"ckb2.cc","domain":"ckb2.cc","tld":"cc"},"ip":{"addr":"198.16.60.58","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9061dc8e9cf39b1cb21e433bd27e1ac7","sha1":"6ad2530209853f28bc813a90224bda486ec63137","sha256":"a66f7391f15f789832affbc06eb4be7dc16313a490f851bc21563c239ad5d3c0","sha512":"0555b450f2495a389c7a16da1fc87f720011e8ed948b861b954e5639da9744e5ccc4ba35896e22b5e35ca2ecd2c734a722c8bda49c8d4c2b860335b37f08bae3","ssdeep":"","tlshash":"32e086f3244185305afa325bab5377957d2255c72e51700550181c51a51cf8ec63de99","size":317,"data":"","first_seen":"2025-05-11T05:57:28.225098Z","last_seen":"2025-06-21T07:19:02.790158Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4fe9cbabc90fa0723c3be26530d5f99c","sha1":"182c1ae5dd3912002337ff47ae1d9815eaeb48d7","sha256":"b3ae50a3ac32c85a57ddb19f00761a86b4da7924c5bc948ff529277d23c83175","sha512":"65f56222dec168c080584bdd90141775dc54a26b75df9b453255b5966292c7484bdde679cb5255ffa9114cb31b71b727902f042071f716793b817437c8d98573","ssdeep":"","tlshash":"e7d0a71fb8193434574608b92cbbea8db572696c617de115848ddc514464eda0c3db98","size":240,"data":"","first_seen":"2025-05-11T05:57:28.223671Z","last_seen":"2026-04-05T08:45:06.765703Z","times_seen":286,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/home.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dace87b98369cd3a17614087ace567a7","sha1":"854eb995ab3a2ca08a785786c0ab1055eef1649d","sha256":"2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417","sha512":"c27abdad353ff3b5ef047690038e5a23e337f6aa15ca88abce98cf5c5865db1fb69a69f72ac2e44256f1dc9a3fe3564bb6212adadf0e6cd6aea4a64d8cb7f975","ssdeep":"768:qJqhbl1JbiPbhWODBb7z9n/bhb7m5gr9JQVT5E12r9luXT:qyODBNQUT","tlshash":"3c03724db697146450b3326a9f7b5a08df7b421f05008f49be7d00a41ff1a4eb616fad","size":39246,"data":"","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-03-18T14:17:29.255306Z","times_seen":551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cdb6b91393da4abd0b0eedff0a766ec","sha1":"0d0c6b15551f06f0f04ab5b5e505a8474dd29cec","sha256":"dfd9f4cf2a2b6fd8a7c752ae0df81649f9b278aa3cf6e3f46459ffeec6544c1a","sha512":"7239fd43788d87884b369da9262b7e2a72c512cf8fb752ef4838115928fa39a1eea1d9c7262358bba044ee87d18664c16f27ea2566d5d8be780cd25937d5cfec","ssdeep":"","tlshash":"9db012421412fa7fbd7406e0c262cb50402aa8ad5a860010c07e074250cd5253305f8f","size":96,"data":"","first_seen":"2023-03-07T15:45:17Z","last_seen":"2026-04-05T08:45:06.766319Z","times_seen":508,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/jquery.lazyload.min.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"89c45121934ed4664ff3ca811a008226","sha1":"848216f1d67cc7c6c6214db1a771f8c4653f06d6","sha256":"e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7","sha512":"61a33e6453c52798cf127e93c3163344cea18bdcf31eea042653903b4653b1e5408942d7b3e09b33ac73c667d1b0161d1438cbaee8d517518352c7c88a9bcc3c","ssdeep":"","tlshash":"1861768d7f527839f0567a9e831f3106663ed46f81814c54b0c9ece4ecec7951236d9a","size":3381,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-05T10:15:23.05033Z","times_seen":4385,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"444329.xyz/statics/img/logo_max.png","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:55.080Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/logo_max.png HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 12128\r\nLast-Modified: Tue, 23 Jul 2019 09:39:58 GMT\r\nConnection: keep-alive\r\nETag: \"5d36d5ee-2f60\"\r\nExpires: Tue, 10 Jun 2025 12:41:55 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 282 x 60, 8-bit/color RGBA, non-interlaced","md5":"8a21de57a55e1c08ab7c5eddec9a2b7f","sha1":"a7b8daee559f39d66dea3eae37db7a591a3b15b9","sha256":"10a3049a5095d48d7b7c0d52aec9a6ff8049f7e82c0f3c9253c2024326a6b2d8","sha512":"aff63a232528324f88800cf7425790fed44b707bf1e15ccd247206228d93228a5295784d5329fd7a5c98987dd85177f4e9ba536990cfa2117967458e1db2a80a","ssdeep":"192:/3QiC71w51vC+gZW5KsatFAzn3bvT29nOUTUblUNctkHQTVQifR2HKhtHutE/mCk:/o7+WW5KsGS3bvaRHOUK2HQTVNJ2HKDm","tlshash":"1942c070d45f33f5a049fc8c51b2fd545b080d0c79bad5b266883a9aae2d44da4bd207","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-05T08:45:06.735326Z","times_seen":429,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img.fjyyedu.com/am1991-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.119","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:58.740Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /am1991-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://444329.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: NgxFence\r\nDate: Sun, 11 May 2025 12:41:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 165\r\nConnection: close\r\nLocation: https://img.fjyyedu.com/am1991-960x80.gif\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":324884,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":1783,"timings":{"blocked":724,"dns":531,"connect":264,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/css/stui_default.css","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.471Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/stui_default.css HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 17 Nov 2020 14:36:35 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fb3dff3-28ad\"\r\nExpires: Mon, 12 May 2025 00:41:54 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10413,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"5a3c0ce9592915ab5b2d4b3482765e05","sha1":"45e21e6502ffbfbe428adfe164e191402167c7d0","sha256":"082d956e596273304f9d8544ec324c9a9a56e26123a56b0a076f5ec3f2973119","sha512":"c313d09c6cc4815f75916011cfab8367c353c114eea1bf0d2a1471c49b7fe070d10eac7310fda6b9d8c7d4301df789cd7edabfe30d9f58053bbbfe46907f8e50","ssdeep":"192:hvTUqr2artW7CxRlgXoSB6RDD7QM/LIWizgRVo:hLUqrLrtWClgXojzQM/LAzgk","tlshash":"cb223421d7002905b07f9faabdb3db9e63229063d3054efdbd513869d78e4e944b22c9","first_seen":"2025-04-08T10:14:40.167409Z","last_seen":"2026-04-05T08:45:06.743768Z","times_seen":349,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.40images1.com:6699/images/960x80.gif","fqdn":"images.40images1.com","domain":"40images1.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.40images1.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 May 2025 05:42:01 GMT","end":"Wed, 06 Aug 2025 05:42:00 GMT"},"fingerprint":{"sha1":"8F:3D:5A:79:23:BB:51:0C:94:30:5D:07:F7:0D:B1:79:DB:F5:7C:89","sha256":"FA:04:55:84:57:2A:2B:B9:64:73:6B:20:CF:D0:66:2F:83:DC:5A:7A:53:EF:60:52:8C:95:C0:A6:D9:3B:C4:82"}}},"request":{"raw":"GET /images/960x80.gif HTTP/1.1\r\nHost: images.40images1.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 10:42:48 GMT\r\netag: \"681c5318-a573e\"\r\nexpires: Tue, 10 Jun 2025 10:42:48 GMT\r\nlast-modified: Sun, 11 May 2025 10:42:49 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 677694\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":677694,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"b1ae838b623323851d4af0bdbc7287db","sha1":"fff6a733f6426f6d2606ba1f6946eb7f30e330ee","sha256":"1f6cde46fc978e62c5af75a45f601ade6fd380727643d3d99b1c2d5011106fb3","sha512":"f774ef3bc6ba6a5ea70ad8eadfa38a5a90e32ac7b8cbf408e16cff3c6b91ce935dc3015e99d3f03ec4aa8e4f955f0973a2fc2691215babacae83a3bd2c04c3fb","ssdeep":"12288:teCqOeCqOeCqOeCqtevievieviOhpoiWvUiWvUiWvUiWMLKEACHFsFCHFsFCHFsd:oRHRHRHRtevievieviJvIvIvIxMK2K26","tlshash":"f7e4230777c0cd25a2f8aed00fa4fa275e12c9847fe5196716822aeef3172fe459d841","first_seen":"2025-05-11T05:57:28.134847Z","last_seen":"2026-04-04T14:12:03.444781Z","times_seen":499,"resource_available":false,"data":null}},"time_used":3679,"timings":{"blocked":459,"dns":1125,"connect":238,"send":0,"wait":239,"receive":1370,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01vYcveW1Bs33SC1a4X_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01vYcveW1Bs33SC1a4X_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 219559\r\ndate: Sat, 10 May 2025 12:38:13 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.002\r\ntraceid: a3b5319917468806929347580e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache39.l2fr1[0,0,200-0,H], cache24.l2fr1[1,0], ens-cache36.fr6[0,0,200-0,H], ens-cache6.fr6[64,0]\r\naccess-control-allow-origin: *\r\nage: 86624\r\nali-swift-global-savetime: 1746880693\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 10 May 2025 12:40:17 GMT\r\nx-swift-cachetime: 31535876\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9a17469673175272870e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":219559,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"39541ff1709602b8b4cfc38c3bf8717a","sha1":"92763287ee6ff5aaa1892d9dce61f3127e7c3849","sha256":"69a1d12e34e6b2534126a9fd6edb79f53534ce68526b69d5c151e639c71d937b","sha512":"54fa3fbfb539b1a46060c1826d8e213538a2d3db0e35f7cd8e421d48dfeffb5144571975514299550524a0f82884773793ce0ba34d14bc3919808246236a4fda","ssdeep":"6144:qxYjTO8OdTO8Odvhxb/iGb/iGbQfiMwdtdt+:qufO8IO8ELT5T5Mw33+","tlshash":"422402cb26198479d9f2307725e8cb4fff8459670e2c746a09262111f87b3e16ec79b1","first_seen":"2025-04-10T19:18:00.067018Z","last_seen":"2025-10-15T16:52:30.483254Z","times_seen":64,"resource_available":false,"data":null}},"time_used":3195,"timings":{"blocked":446,"dns":1819,"connect":35,"send":0,"wait":138,"receive":85,"ssl":669},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgsa.baidu.com/forum/pic/item/5d6034a85edf8db1e1e0674b4f23dd54574e74d6.jpg","fqdn":"imgsa.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"121.14.156.48","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /forum/pic/item/5d6034a85edf8db1e1e0674b4f23dd54574e74d6.jpg HTTP/1.1\r\nHost: imgsa.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: JSP3/2.0.14\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1405343\r\naccess-control-allow-origin: *\r\netag: 6d442fa9605ec3e5a284446b113e54ca\r\nexpires: Tue, 10 Jun 2025 12:41:57 GMT\r\nlast-modified: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1405343,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6d442fa9605ec3e5a284446b113e54ca","sha1":"60d504de126bfa3007af96238bb73bd885407931","sha256":"3c0092d4722d18727aec53271bbaa4aae0ef6ea8eb631dcb6991e9b2228a38f0","sha512":"ffd72fac84a99d6c9865db87188a54b83b7ef9e51d6dc8ac5462a7020f314b512fcc0dfd341b8e01c95b3e79c609f781bfa3711e0c38303aa035a9dbb2a04e3c","ssdeep":"24576:ZROiKzfFuBROiKzfFuBROiKzfFuVccYbXbXbkH1D3zH1D3zH1Db/:ZiJkiJkiJIccCrrkxx5","tlshash":"5d5523df16d94e0381e73f71f8b3a22a357164c534623806be2eec75605f8c42d6aad6","first_seen":"2025-05-11T05:57:28.196379Z","last_seen":"2025-06-09T07:15:16.990539Z","times_seen":20,"resource_available":false,"data":null}},"time_used":7477,"timings":{"blocked":441,"dns":1918,"connect":266,"send":0,"wait":335,"receive":4041,"ssl":476},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.2016os.com/960x60.gif","fqdn":"txdy.2016os.com","domain":"2016os.com","tld":"com"},"ip":{"addr":"58.218.215.107","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.2016os.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 May 2025 03:06:44 GMT","end":"Tue, 05 Aug 2025 03:06:43 GMT"},"fingerprint":{"sha1":"61:07:8C:1E:14:BF:27:10:42:75:E8:6A:3B:8D:D1:94:86:0C:B2:ED","sha256":"FD:31:AD:51:BB:D8:20:11:17:65:83:70:E0:73:88:B4:CC:EF:F6:F7:96:D8:8D:16:57:ED:1F:30:94:09:35:A4"}}},"request":{"raw":"GET /960x60.gif HTTP/1.1\r\nHost: txdy.2016os.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 464319\r\nstrict-transport-security: max-age=5184000\r\ndate: Thu, 24 Apr 2025 22:21:39 GMT\r\nlast-modified: Wed, 12 Feb 2025 08:43:46 GMT\r\nvary: Accept-Encoding\r\netag: \"67ac5f42-715bf\"\r\nexpires: Sat, 24 May 2025 22:21:39 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache28.l2cn8047[0,0,200-0,H], cache8.l2cn8047[1,0], kunlun6.cn192[0,0,200-0,H], kunlun6.cn192[3,0]\r\nage: 1434018\r\nali-swift-global-savetime: 1745533299\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 30 Apr 2025 11:43:20 GMT\r\nx-swift-cachetime: 2111899\r\ntiming-allow-origin: *\r\neagleid: 3adad01a17469673176013838e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":464319,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"e4ccf9fc2a6f39a41bb95dd10e35367a","sha1":"9e9b4a1ea8962cd2230007038f81f4702d61f046","sha256":"255b5190719eede8ca1d86a2fa82544fa90b0e1a152596f6abb12fd0d1c3c430","sha512":"65d78963432442905e14c2e47b8cb563c1452d2fcf89449cac1ddae275ff6a1e7528254f155f072898dfe5bfa40b38ed7a4e107c23a3434c80065ed1c7417244","ssdeep":"12288:fNqwrPezG23ERb7pmSF8VrSWHfR8ZGFq9hKPty3FqaxMHy:fNJPezytLF8VZRw2Pty3oPy","tlshash":"bda4238b4918250b08f09c69237679e5c5ded394284534bb3b73aa04cb1e79ff613aa6","first_seen":"2024-12-25T12:10:48.904509Z","last_seen":"2025-08-12T09:07:02.202798Z","times_seen":536,"resource_available":false,"data":null}},"time_used":7160,"timings":{"blocked":3042,"dns":2103,"connect":253,"send":0,"wait":238,"receive":799,"ssl":719},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com/siteadmin/upload/img/1904394283844902914.gif","fqdn":"vezknp-1005-ppp.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 06 May 2025 02:12:11 GMT","end":"Tue, 03 Feb 2026 06:31:07 GMT"},"fingerprint":{"sha1":"82:9E:ED:B3:E5:61:6D:0D:52:77:3B:4A:1E:DF:68:54:AE:39:DA:01","sha256":"6C:66:0F:9B:EB:BF:7F:11:60:E4:7F:B8:4C:F8:F9:9E:79:94:1F:1C:BC:21:10:12:C5:AF:50:F5:4B:90:80:11"}}},"request":{"raw":"GET /siteadmin/upload/img/1904394283844902914.gif HTTP/1.1\r\nHost: vezknp-1005-ppp.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 78724\r\nConnection: keep-alive\r\nx-oss-request-id: 68209B162599E020B51842BF\r\nAccept-Ranges: bytes\r\nETag: \"CB6137A04F0BF15ED4C4B9296D4CB00C\"\r\nLast-Modified: Tue, 25 Mar 2025 04:45:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9725466237501296877\r\nx-oss-storage-class: Standard\r\nCache-Control: max-age=86400\r\nx-oss-ec: 0048-00000111\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: y2E3oE8L8V7UxLkpbUywDA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78724,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"cb6137a04f0bf15ed4c4b9296d4cb00c","sha1":"47b2a0310f9c1cad5b3fd0525e5bf50f79dfad9e","sha256":"fa32eb21e238418794aa858e55fa69910713babdb704fba45bee715f50678326","sha512":"20d89861493b05c05fba96baa615e1aba957baaeb4de9cbef0ea0df4c7151416ad4855f14e56c726048e16b142796e01cf1c04b264918e7fdc7bdaffae8144f3","ssdeep":"1536:uZ2yYpDKyoINa+ppk4UUtvxU9dRZrO2fHMnizUPU9g4bJB1X1wNnI8k2FZXT:smKT8a+Hk4UUJCDrrOKHgB4bBX1bPKZD","tlshash":"1573124a2596b137c601a2f03441b5238ad9626c860dc5930f87bfefb9ceac434f596a","first_seen":"2025-03-26T08:12:58.670988Z","last_seen":"2025-10-22T04:56:01.865044Z","times_seen":234,"resource_available":false,"data":null}},"time_used":3927,"timings":{"blocked":429,"dns":2814,"connect":21,"send":0,"wait":186,"receive":29,"ssl":448},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img.fjyyedu.com/388-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.119","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:58.783Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /388-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://444329.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: NgxFence\r\nDate: Sun, 11 May 2025 12:41:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 165\r\nConnection: close\r\nLocation: https://img.fjyyedu.com/388-960x80.gif\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":282970,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":1626,"timings":{"blocked":665,"dns":466,"connect":247,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/20/950X60.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/20/950X60.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 127443\r\nlast-modified: Thu, 20 Mar 2025 07:38:11 GMT\r\netag: \"67dbc5e3-1f1d3\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":127443,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 950 x 60","md5":"718d0fcb7f21db8cfc9f716aadcd3271","sha1":"1833e7c4e1e1808b03f79f31aa5d43b1cd45d75c","sha256":"cc9e87c5ac3930d85784e60223049a1d61b3d36d903d77135d00f9ed8146c1fb","sha512":"dc606551d1dcaefd2f1e6828e08a0354fc0aaed20ce91047242f5532431d6e4e385073a7f5f5bab41387f61990d54d3926eb549ef5ebaca5e8f0af0497745ffa","ssdeep":"3072:kitLYmw9REXVHnZaAZaA5onqJPxJSADQeML002wIxf4XRG:kiN/RxoOxJPcZL002Zf4hG","tlshash":"62c302358c01780568859130ba7774dcb29d9d36c8293bdce178394e6ec1a2ffd786a7","first_seen":"2024-07-04T07:59:36Z","last_seen":"2025-07-17T02:51:43.131368Z","times_seen":83,"resource_available":false,"data":null}},"time_used":1527,"timings":{"blocked":447,"dns":4,"connect":0,"send":0,"wait":660,"receive":401,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/22/960X70.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/22/960X70.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 102783\r\nlast-modified: Sat, 22 Mar 2025 15:01:10 GMT\r\netag: \"67ded0b6-1917f\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102783,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 840 x 70","md5":"1da10991e0fab0cb6ac8bbbaff0bb8f5","sha1":"995587a43f6360e7b473d5cdec2b702e56f16058","sha256":"0d10a1c4fa5731e86d4403ada1be6ed14b92518db7ced0f68e6d978ffd06bc39","sha512":"166dcf7f4a6c4cf40a5cffe76b984e462e9123b51d3bb70f8f281f7013d5fafe7483d3e3f70c31ed417f166658edce09a2b12724bf07127cbf6fd5ec456fe08d","ssdeep":"1536:Uf8pU7kI39cCXG/uG/uGPCm5UotEyZWtTwcNZ4hVHz6xQgzrxQgzrT5Q3xSZ+:cY+kI3KC1mWo2YuwBlOBhQ3K+","tlshash":"b1a302e7be37362b43a797b03cc3215e0ad294811f51956ace1a4665e4332fd199ce3c","first_seen":"2023-12-25T03:17:51Z","last_seen":"2026-04-05T08:45:06.751535Z","times_seen":413,"resource_available":false,"data":null}},"time_used":1534,"timings":{"blocked":446,"dns":4,"connect":0,"send":0,"wait":660,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.fjyyedu.com/388-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.119","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:59.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.fjyyedu.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 15 Apr 2025 07:38:14 GMT","end":"Fri, 15 May 2026 07:38:13 GMT"},"fingerprint":{"sha1":"7F:43:AC:F1:18:6B:32:B2:0A:05:20:F3:78:B7:34:A7:CA:79:85:1E","sha256":"3C:21:F3:A8:C2:B2:11:F0:27:93:C3:94:DA:CE:4E:59:AB:E3:39:07:3C:34:6B:CA:E3:13:01:F6:33:BF:BA:88"}}},"request":{"raw":"GET /388-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444329.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Sun, 11 May 2025 12:42:00 GMT\r\ncontent-type: image/gif\r\ncontent-length: 282970\r\nx-oss-request-id: 68010AEFAD2E623E515CDD97\r\netag: \"AA45CC96703850EC0193212A950C0F10\"\r\nlast-modified: Sun, 23 Mar 2025 06:32:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4708328741112908902\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000103\r\ncontent-disposition: attachment\r\nx-oss-force-download: true\r\ncontent-md5: qkXMlnA4UOwBkyEqlQwPEA==\r\nx-oss-server-time: 3\r\nx-cache: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":282970,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"aa45cc96703850ec0193212a950c0f10","sha1":"093c3dc4d498a20afdb58d3f79df6bbafa922baa","sha256":"285347a74deb2ff669f9e3a1e15e7191c5a6239c8381b165ec87403eab4aa34f","sha512":"d082dd6084df251afe21702344efabfdb45697cb1f6a14d591710a6fb401834082e005a2ca8717cdb58499439747958904908488690b4426f5af4153448bdb8b","ssdeep":"6144:54/gyWTeMgaDdacs7A54iHsZ1VdQctaoZJ5d5bv6meKCeDST87yCds:53wcs7yfHsZy699dTNjDG87yCds","tlshash":"d6541305f7ce6024018b21764523b3eda504cdf052b7b0e6ebb92961c70d8faf865af9","first_seen":"2024-12-21T01:21:33.806485Z","last_seen":"2026-02-18T09:59:45.334722Z","times_seen":2497,"resource_available":false,"data":null}},"time_used":2459,"timings":{"blocked":533,"dns":2,"connect":255,"send":0,"wait":547,"receive":846,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/home.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.475Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/home.js HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 28 Apr 2020 14:28:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5ea83d72-994e\"\r\nExpires: Mon, 12 May 2025 00:41:54 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39246,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators","md5":"dace87b98369cd3a17614087ace567a7","sha1":"854eb995ab3a2ca08a785786c0ab1055eef1649d","sha256":"2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417","sha512":"c27abdad353ff3b5ef047690038e5a23e337f6aa15ca88abce98cf5c5865db1fb69a69f72ac2e44256f1dc9a3fe3564bb6212adadf0e6cd6aea4a64d8cb7f975","ssdeep":"768:qJqhbl1JbiPbhWODBb7z9n/bhb7m5gr9JQVT5E12r9luXT:qyODBNQUT","tlshash":"3c03724db697146450b3326a9f7b5a08df7b421f05008f49be7d00a41ff1a4eb616fad","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-03-18T14:17:29.255306Z","times_seen":551,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":119,"dns":1,"connect":157,"send":0,"wait":158,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/i/77/ppgg-960-120.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"58.218.215.99","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Feb 2025 09:20:42 GMT","end":"Sun, 25 May 2025 09:20:41 GMT"},"fingerprint":{"sha1":"D7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4","sha256":"36:98:86:B5:F6:DA:70:1C:81:E3:41:B0:5E:FA:2F:1D:45:CA:33:4C:61:DD:F4:E1:47:45:0A:FC:ED:90:88:ED"}}},"request":{"raw":"GET /i/77/ppgg-960-120.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 167569\r\nstrict-transport-security: max-age=5184000\r\ndate: Wed, 07 May 2025 04:19:22 GMT\r\nlast-modified: Wed, 07 May 2025 04:10:38 GMT\r\nvary: Accept-Encoding\r\netag: \"681add3e-28e91\"\r\nexpires: Fri, 06 Jun 2025 04:19:22 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache28.l2cn2629[531,167,200-0,C], cache43.l2cn2629[169,0], kunlun9.cn192[0,0,200-0,H], kunlun1.cn192[1,0]\r\nage: 375754\r\nali-swift-global-savetime: 1746591562\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 07 May 2025 04:19:26 GMT\r\nx-swift-cachetime: 2591996\r\ntiming-allow-origin: *\r\neagleid: 3adad01517469673160646047e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":167569,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"4cbf0ed4cf23c024d7a42d23a59ba5b3","sha1":"1da1037d52142d60f45c10b2d49c68e2813d688b","sha256":"768f522404e018685e5e5fa068ad5da6a7f5bf2ea00412629f5e50f944f6d7be","sha512":"6a03c7ba606c184b1670bd1470686ec7c926192f881db55c1abd811fd2da639154c1d009690a3edb94f586377f233c2622d1f553459880bcfd86b3213d8332a6","ssdeep":"3072:vpLOVEGKmolt4XfgvjdcANs6NStzNBYUpj2IaL8OhB4kb/mNt8tXOKJf/:BLO1Kmolt4XedTNs6NiNBY/5ZhBpyNtQ","tlshash":"92f3127a7d2e6e88e0876210977cb285e78acf346e4c1d9527975666f802cc510cfde1","first_seen":"2025-05-11T05:57:28.201408Z","last_seen":"2025-05-12T00:23:16.855588Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2756,"timings":{"blocked":463,"dns":388,"connect":269,"send":0,"wait":1109,"receive":232,"ssl":281},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple-banana.oss-cn-shenzhen.aliyuncs.com/960x60.gxf","fqdn":"apple-banana.oss-cn-shenzhen.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"112.74.1.166","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-cn-shenzhen.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 03 Jan 2025 03:21:02 GMT","end":"Wed, 04 Feb 2026 03:21:01 GMT"},"fingerprint":{"sha1":"03:70:E9:00:74:25:16:B5:BF:FF:00:CD:AB:10:06:8B:47:77:44:19","sha256":"22:DE:75:E4:0A:86:BA:6F:6F:7E:CC:B4:00:6F:BA:50:83:66:18:D2:A6:E6:ED:60:40:43:7A:4F:76:26:13:DF"}}},"request":{"raw":"GET /960x60.gxf HTTP/1.1\r\nHost: apple-banana.oss-cn-shenzhen.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nContent-Type: application/gxf\r\nContent-Length: 52039\r\nConnection: keep-alive\r\nx-oss-request-id: 68209B16AF475938350AF76E\r\nAccept-Ranges: bytes\r\nETag: \"3E32BDB2CD2A16E8C98CBCEBA9FF16F1\"\r\nLast-Modified: Wed, 15 Jan 2025 10:22:46 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11493420569303131402\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: PjK9ss0qFujJjLzrqf8W8Q==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52039,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"3e32bdb2cd2a16e8c98cbceba9ff16f1","sha1":"cd1f45f8f6ef778bc199b4d795ee172f3c4986da","sha256":"f05f7be16dee1385038f37c8d08e5dcbe03c2ffa5ecb2e40baade637bacb2ea3","sha512":"cd2c44d244147881e636dd046d4655f47f1ff206a86f87dc77014e2eece2db6bcf2c4056d5480de2f70570d68f0fb57a009dd51628edea112d627dd701952204","ssdeep":"1536:VpzSdNxbkulmlz5RcDRDfkIy4JSA3Va6YiXsYKL:iN4xSRTceZa6YwKL","tlshash":"7333f1e56e08e8419e3462c3aa66358bad460fe1bb38d1247577dc3ff801b54365b2d3","first_seen":"2025-01-13T23:24:54.853057Z","last_seen":"2026-02-19T21:08:23.326389Z","times_seen":100,"resource_available":false,"data":null}},"time_used":3914,"timings":{"blocked":447,"dns":1434,"connect":258,"send":0,"wait":261,"receive":49,"ssl":1465},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/i/1313/01960x60.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"58.218.215.99","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Feb 2025 09:20:42 GMT","end":"Sun, 25 May 2025 09:20:41 GMT"},"fingerprint":{"sha1":"D7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4","sha256":"36:98:86:B5:F6:DA:70:1C:81:E3:41:B0:5E:FA:2F:1D:45:CA:33:4C:61:DD:F4:E1:47:45:0A:FC:ED:90:88:ED"}}},"request":{"raw":"GET /i/1313/01960x60.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 125626\r\nstrict-transport-security: max-age=5184000\r\ndate: Sun, 13 Apr 2025 07:16:30 GMT\r\nlast-modified: Sun, 13 Apr 2025 06:52:44 GMT\r\nvary: Accept-Encoding\r\netag: \"67fb5f3c-1eaba\"\r\nexpires: Tue, 13 May 2025 07:16:30 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache56.l2cn3129[0,0,200-0,H], cache36.l2cn3129[0,0], kunlun8.cn192[0,0,200-0,H], kunlun1.cn192[1,0]\r\nage: 2438726\r\nali-swift-global-savetime: 1744528590\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 30 Apr 2025 18:07:28 GMT\r\nx-swift-cachetime: 1084142\r\ntiming-allow-origin: *\r\neagleid: 3adad01517469673160946125e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":125626,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"d866477ac7fecf778d0bdc40ca50ef80","sha1":"63e7ae4c5de9623a90952fe3f7e21f87cbfd23bc","sha256":"fc86bbf982ad2ccd90c095657b41ecbfcb36ff4d42aeba0eb3afddd4c72f3c65","sha512":"8f58a2b6e26e46b265dbd8a51d6a5ce750447639847522ff0bdba6205899989e508d0c2e6e28116a11c28fd9dc87e76aa0a63f6ab576d16a36ae14fa0a359e85","ssdeep":"1536:ob5XvxtKLnNWIRNFwmmiwRP/a3dCr6a3dCr6a3dmIcvKr8Yjio2r8Yjio2r8YjY:ob5XZt0NWMG8+CNmTNmTNmIHLn2Ln2L0","tlshash":"3fc30258873d2194ea1c793d2ffb824e1c458c31537d10f5c86daf6eeca42295cac6a6","first_seen":"2025-04-19T05:55:13.156581Z","last_seen":"2025-05-30T14:46:06.533359Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2817,"timings":{"blocked":438,"dns":388,"connect":296,"send":0,"wait":1292,"receive":101,"ssl":293},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ygpl.abctup.com/gif/960-120ok.gif","fqdn":"ygpl.abctup.com","domain":"abctup.com","tld":"com"},"ip":{"addr":"104.21.46.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abctup.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 May 2025 05:38:27 GMT","end":"Thu, 07 Aug 2025 06:37:11 GMT"},"fingerprint":{"sha1":"29:2F:E7:2C:65:01:17:5B:9D:22:96:0E:EB:7A:8A:F4:C2:5A:CC:B9","sha256":"A0:D4:0C:B8:D3:0F:0C:CF:D2:EF:B9:3B:17:37:DF:41:9D:41:4A:EA:69:44:07:44:FB:5A:63:2F:23:8A:FC:6D"}}},"request":{"raw":"GET /gif/960-120ok.gif HTTP/1.1\r\nHost: ygpl.abctup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 334547\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 08 Apr 2025 07:17:02 GMT\r\netag: \"67f4cd6e-51ad3\"\r\nexpires: Sun, 08 Jun 2025 07:27:43 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 191654\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=daEgvpwtIBLR7N9aPSFTPdewAAaT7M7u5gP%2BZmA8AqwlSQswBcyNcxdk8U1CzeR%2F5b%2BAaVLwbjXw4JKaYdt8Mqh22%2FHdZQzqpoQeb5ij9K8orlq%2B2O135QUz1b%2FgzTcvLug%3D\"}]}\r\ncf-ray: 93e1c0e54cd60b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":334547,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"f95fc77d4e66d9f77c8be68c13604bb5","sha1":"0e43872f70345810b1a30a8dd6ef4d39fc074270","sha256":"ad0eac662c28ae170fd40f66af6781fc44be257141c28201267bd3b7b8144c64","sha512":"8029b22252beb40a945589fa69690ae28b0525d20ffcd911618ddfc42de950d53cb0f43bdb23fac91d3e06fafd5af9c949777a93b6dbbf910c27e6c9d50d0300","ssdeep":"6144:vDZgLxiwV6AAvqgS/dsWoZsC6ATJdoTtjMYn7fp74fnGh9i4UOuO:LZCVmqgS/d0AA8JXnbpcnGridO","tlshash":"2e64231b566e1495107f9a278b0e4c57faaf17f544a7f493f4bba87c88362b000f4a38","first_seen":"2025-04-08T10:14:40.169531Z","last_seen":"2025-12-03T10:24:35.485204Z","times_seen":94,"resource_available":false,"data":null}},"time_used":2831,"timings":{"blocked":436,"dns":1903,"connect":1,"send":0,"wait":31,"receive":14,"ssl":446},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/28/960-120.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/28/960-120.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 133309\r\nlast-modified: Fri, 28 Mar 2025 14:19:24 GMT\r\netag: \"67e6afec-208bd\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":133309,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"588f8a6bc2823c6e2b1bc2b8d28c4cf2","sha1":"3a13e77ce53ce6108759afbe7bc4a128876fb0f5","sha256":"fcaae4cf9008299986d9fc8ea60c9c1c459f2300ebc828368622fa934db23c1e","sha512":"7600d96b70c7ba5944e48781612f773b8b97ff5abd4324e2c7c265d1e395e9b085bf6b18287c9a34e90738274b28498dd90bf7d280bda210e1b0af05b077c362","ssdeep":"3072:ufjjpufL/2njerCmn/wkyyZRc1Yw3oWLfRDSO0vp:8jjGr2jeOm1pkYw9Lps","tlshash":"4ad3124e138f4a09a46ccb12f91997737a41efb8fdc8a94081bd2c71b5fb19b02465c9","first_seen":"2025-04-01T19:07:34.998393Z","last_seen":"2025-06-21T17:43:13.29341Z","times_seen":44,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":660,"receive":464,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/jquery.lazyload.min.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.548Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/jquery.lazyload.min.js HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 26 Jan 2022 08:38:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"61f10888-d35\"\r\nExpires: Mon, 12 May 2025 00:41:54 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3381,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3309)","md5":"89c45121934ed4664ff3ca811a008226","sha1":"848216f1d67cc7c6c6214db1a771f8c4653f06d6","sha256":"e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7","sha512":"61a33e6453c52798cf127e93c3163344cea18bdcf31eea042653903b4653b1e5408942d7b3e09b33ac73c667d1b0161d1438cbaee8d517518352c7c88a9bcc3c","ssdeep":"","tlshash":"1861768d7f527839f0567a9e831f3106663ed46f81814c54b0c9ece4ecec7951236d9a","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-05T10:15:23.05033Z","times_seen":4385,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":204,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/static/js/jquery.js","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.473Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/jquery.js HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"57a3538e-169d5\"\r\nExpires: Mon, 12 May 2025 00:41:54 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T11:38:40.333292Z","times_seen":60706,"resource_available":true,"data":null}},"time_used":650,"timings":{"blocked":117,"dns":1,"connect":153,"send":0,"wait":155,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/css/font-awesome.min.css","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.477Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/font-awesome.min.css HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 01 Jun 2020 03:59:16 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5ed47d14-716c\"\r\nExpires: Mon, 12 May 2025 00:41:54 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29036,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28870)","md5":"19cc6875b7666438bda4970947c6e2a5","sha1":"4274869de2b4e0c7583d229883ac3d15a93cca4f","sha256":"f88fda84c45d9b780d504c8107293791d480ea55076f526d33b3bd18a27e20e7","sha512":"03ab90fee9da95c4c188d94f6115ef35ccde7c4154721f583c3ee11a4749e9d5c669cf3f815832a291ace99519b5914736d6dd1ed3ec65d052b814435f335473","ssdeep":"384:8u5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8SQ/8dwwdG:nlr+Klk3Yi+fwYUf8l8SQ/eC","tlshash":"cfd250e8e54c01d66731c48bff81b36862baf73dd5844d98f01f690c29d22a522c5fb9","first_seen":"2025-04-08T10:14:40.140802Z","last_seen":"2026-04-05T08:45:06.746219Z","times_seen":350,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":118,"dns":1,"connect":155,"send":0,"wait":157,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com/siteadmin/upload/img/1821437871279833090.gif","fqdn":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","domain":"v7pyne-835-ppp.s3.ap-east-1.amazonaws.com","tld":""},"ip":{"addr":"3.5.238.168","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-east-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 29 Apr 2025 00:00:00 GMT","end":"Sat, 18 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C0:8F:91:8B:87:39:95:A3:68:A0:79:E7:10:5F:99:19:57:79:6C:78","sha256":"10:D3:AB:F7:F9:42:F3:C4:99:B4:7A:FB:CE:3C:E7:04:5F:94:9E:A8:A1:85:D9:71:A9:40:81:7D:54:72:68:F4"}}},"request":{"raw":"GET /siteadmin/upload/img/1821437871279833090.gif HTTP/1.1\r\nHost: v7pyne-835-ppp.s3.ap-east-1.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: NvTv6NdCiq9yrwAwR5Oi5tx8nGnbi8CboM+TcoWfSNZaPaKnfvXMYvs/kbxRwwze/stnP+gMVpqLoBU98wkGSw==\r\nx-amz-request-id: WCFC1WK7G93KP462\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nLast-Modified: Fri, 16 Aug 2024 07:08:12 GMT\r\nETag: \"716f782a5ef40e97cd18860b2f632514\"\r\nx-amz-server-side-encryption: AES256\r\nCache-Control: s-maxage=86400,max-age=1800,public\r\nx-amz-meta-mtime: 1723792004.834520441\r\nAccept-Ranges: bytes\r\nContent-Type: image/gif\r\nContent-Length: 45085\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45085,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"716f782a5ef40e97cd18860b2f632514","sha1":"5de682c467be3b591a6e948ff7e1c66bc8738154","sha256":"5b6b478c99e05be341638c47e99dabd3bc28725e8d68118738a3e62c110434f4","sha512":"fbb098539f1388874cfc9f6c8c4bafa3d876de1128f9a4b669a7742a963841e2ed649cea34a8f0b3e1dd33eb8ba51adc9e1597f8f9f816b5bc639b0fef1811be","ssdeep":"768:Q6GyPrkU8fbYndxd8r311DPWOjpdDUmqUCxG2YieClzJ1yuvMPb1:Qly98TYnPd8r3Fj3UmqP6IHIt5","tlshash":"b213f1b661c40b29e0b24ee8ac0acde336991c45f326d74afe7da376552887f3710d14","first_seen":"2025-05-11T05:57:28.140034Z","last_seen":"2026-02-19T21:08:23.371131Z","times_seen":33,"resource_available":false,"data":null}},"time_used":3624,"timings":{"blocked":439,"dns":1834,"connect":264,"send":0,"wait":285,"receive":266,"ssl":534},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7887f171a781a08a9fc1b8a997b61201","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:55.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.js?7887f171a781a08a9fc1b8a997b61201 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nEtag: 27a5843b5478e813d1a043dd2b3133ed\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=51C62300750096BA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"327a4ac4085ff9df74c4a703aeb2c1e8","sha1":"1f2e7f186338dfe9cc3b2740725c94cb9fc33363","sha256":"22195f049c9ef2bd338c39c1db4719cbf35875f08764729e7775bb78be65b7b2","sha512":"4e2bedbc7ff4e938f3d7b0da19b8d5646aa77843de65c5d13a0ef65882c8db8a4e0eed2acd55c5fb3c8c4f3637b67dff3d04c7bdf687ef02c99bf9ae045d6b05","ssdeep":"384:XEJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:XE4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-05-11T12:42:29.692375Z","last_seen":"2025-05-11T12:42:29.692375Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3193,"timings":{"blocked":0,"dns":2210,"connect":232,"send":0,"wait":284,"receive":1,"ssl":459},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ckb2.cc/","fqdn":"ckb2.cc","domain":"ckb2.cc","tld":"cc"},"ip":{"addr":"198.16.60.58","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T12:41:52.047Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ckb2.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 200 OK\r\nConnection: close\r\nCache-Control: max-age=259200\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 423\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":423,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (423), with no line terminators","md5":"2232294fb48cadcfd7d9c8fad8e87c02","sha1":"5e2bb2dab36ae0737c5744439dfe4ff069592d60","sha256":"2fa6bb52f8e0fce38b81ab3babe3a0518a8c306f3f03db75244b133609f92e7a","sha512":"5088f1b1b48d128d1d6f94d61c0e14e368bf9c9709826715a6ea34cfb2bc3e83aa70abdb5866dcf4435eb963bf6c1703241381bb8d7da6487246d3210eedada9","ssdeep":"","tlshash":"6ce0ecf7289185306df53287db93bb552d1251c72a01b40150485ca5a51cf8ec63de99","first_seen":"2025-05-11T05:57:28.163433Z","last_seen":"2025-06-21T07:19:02.753589Z","times_seen":13,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":162,"dns":2,"connect":157,"send":0,"wait":0,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/img/icon_seacrh.png","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:55.079Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/icon_seacrh.png HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 348\r\nLast-Modified: Mon, 23 Jul 2018 17:00:44 GMT\r\nConnection: keep-alive\r\nETag: \"5b5609bc-15c\"\r\nExpires: Tue, 10 Jun 2025 12:41:55 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"f77344071bd77c499961fe76810f9270","sha1":"90ee6dc9968c857f546c60943c68dbc1dba1b8cc","sha256":"c35811436039fbd6efc50c0bb111831d8bf6d9afbe92a46a038cd9efb34738af","sha512":"419706e2817c1d4357cd9cb27cce9d5fd01da92743f0837114c2c5cfdb45ab9e54dd3a9e14196800c678d7c09125ba31b8bc9c3ea2920e3a0e9af2b2acc5accc","ssdeep":"","tlshash":"26e0c0dfe781f63d8aea7921c74c08048c3b194e1b705d9c0d1e41b42e31519c9d6642","first_seen":"2023-05-12T08:10:23Z","last_seen":"2026-04-05T08:45:06.755312Z","times_seen":921,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.607images.com:6699/images/960x60-1.gif","fqdn":"images.607images.com","domain":"607images.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.607images.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 May 2025 15:47:36 GMT","end":"Fri, 01 Aug 2025 15:47:35 GMT"},"fingerprint":{"sha1":"26:9F:3A:9C:98:6B:4E:86:DA:83:BE:69:97:1B:A7:C0:A7:9D:7B:6E","sha256":"19:EF:8D:59:63:0B:B8:E7:25:C8:17:38:E4:C9:BC:1F:39:AE:6D:54:22:4F:4B:15:68:80:6F:B2:33:5A:91:DD"}}},"request":{"raw":"GET /images/960x60-1.gif HTTP/1.1\r\nHost: images.607images.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 10:44:06 GMT\r\netag: \"67a5d15a-60aac\"\r\nlast-modified: Sun, 11 May 2025 10:44:06 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 395948\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":395948,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"8059e22f7e86e84ac0f3f65d456ae3c9","sha1":"1dd26cbfa77f9d41325b8268c121e02edd6643a6","sha256":"cee2efd7da7ba5f56fd37b2c734db6d97db93963db35eea1a6af42597922e63f","sha512":"a4ed69050a656895213b066021b2388f62d76c37be5161a73badc5ab698f1706623d7d89b627755504c971ff13123c905b1991faf7a1f752d26b5fe532c6f323","ssdeep":"12288:HZjhLotS1MqiJw8qJNckkylwI6qoG4er6JeUUo:5jxohqIlqTcEb6qoNeruwo","tlshash":"8484230abc0d0cb9fb9675982f727dd01eb868ce785d533a68c5399005e927db444af3","first_seen":"2025-02-22T07:16:05.389354Z","last_seen":"2026-04-05T06:17:08.060098Z","times_seen":1052,"resource_available":false,"data":null}},"time_used":4324,"timings":{"blocked":455,"dns":1126,"connect":241,"send":0,"wait":241,"receive":1176,"ssl":1085},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef","fqdn":"img.blkj58.com","domain":"blkj58.com","tld":"com"},"ip":{"addr":"128.1.52.179","port":443,"asn":21859,"as":"ZEN-ECN","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.blkj58.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Apr 2025 06:06:00 GMT","end":"Tue, 08 Jul 2025 06:05:59 GMT"},"fingerprint":{"sha1":"B6:48:36:B4:69:43:47:29:16:B4:8C:B6:D4:D8:5A:88:F5:CD:64:48","sha256":"E3:43:C2:F3:6F:1C:63:B6:29:21:6A:3A:46:77:10:4A:42:2A:53:6C:9B:86:5E:93:BB:3A:56:C2:F6:3D:D7:26"}}},"request":{"raw":"GET /images/91274636-75a7-4385-b3e7-cee240ce87ef HTTP/1.1\r\nHost: img.blkj58.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 11 May 2025 12:41:56 GMT\r\ncontent-length: 0\r\nlocation: https://cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif\r\nserver: BunnyCDN-MY1-966\r\ncdn-pullzone: 3585066\r\ncdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nstrict-transport-security: max-age=31536000\r\ncdn-proxyver: 1.27\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 302\r\ncdn-cachedat: 05/10/2025 14:35:34\r\ncdn-edgestorageid: 966\r\ncdn-requestid: 5f9bcaa4f57d1c59517f8d22d650a77f\r\ncdn-cache: HIT\r\ncdn-status: 302\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":273082,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":2528,"timings":{"blocked":444,"dns":1512,"connect":182,"send":0,"wait":186,"receive":0,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zb.ww57988tc.com:8686/bai960x240.gif","fqdn":"zb.ww57988tc.com","domain":"ww57988tc.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":8686,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zb.ww57988tc.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Apr 2025 17:08:35 GMT","end":"Tue, 29 Jul 2025 17:08:34 GMT"},"fingerprint":{"sha1":"47:2F:63:8C:2D:0F:42:37:24:6D:62:8D:7D:15:CF:56:75:82:E3:14","sha256":"C4:2C:CE:AC:50:85:29:1A:F8:F3:85:28:67:9D:33:6D:95:DE:5F:01:B0:74:36:0C:8D:BD:CB:83:63:87:7E:0B"}}},"request":{"raw":"GET /bai960x240.gif HTTP/1.1\r\nHost: zb.ww57988tc.com:8686\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000\r\nContent-Length: 4614969\r\nContent-Type: image/gif\r\nDate: Sun, 11 May 2025 11:56:55 GMT\r\nEtag: \"680cba2c-466b39\"\r\nExpires: Tue, 10 Jun 2025 11:56:55 GMT\r\nLast-Modified: Sun, 11 May 2025 11:58:56 GMT\r\nServer: nginx\r\nX-Cache: HIT, policy, disk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4614969,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 240","md5":"2f1469b74de1feb973c078c637873ab9","sha1":"fa0531a3bed6ab67187828ef0efb3a0e1892f24a","sha256":"d0890d2df0311292704da5ea655c557030637b9e04d5f2951ae5552c2c970289","sha512":"157340942d92f8cdeb6b5300d47a6256984980e1da3a43efe6b16c3370575e08adb60e653f3720587e87ac9410c284320663cc8015dfcb681fd569405f32b4c9","ssdeep":"98304:zVlYmjOVMv2FZnG3Aby/g1pYXzDEYKtjb3Pce:ZlYE7eHG3Aby/CmXzDEnHUe","tlshash":"6626332a957ce4a8843fa563898977d48e08dc791c684f3021f1726472535fffca2b5e","first_seen":"2025-05-11T05:57:28.161404Z","last_seen":"2025-05-12T00:23:16.889513Z","times_seen":3,"resource_available":false,"data":null}},"time_used":6003,"timings":{"blocked":435,"dns":2162,"connect":238,"send":0,"wait":229,"receive":2210,"ssl":726},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/02/xpj960u60.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/02/xpj960u60.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 473537\r\nlast-modified: Sun, 02 Mar 2025 14:09:14 GMT\r\netag: \"67c4668a-739c1\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":473537,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"dd883b8804f423546973e92458d5d39a","sha1":"d8ceb95d36b1fe6d091d819e5b41d7d49d48f490","sha256":"d8479625690f91532c194cbfff87093c49a2fba3db82c35c752723df0e2445f9","sha512":"f24968e239a1cda5a62a0d9b4a488aa69fd5f0c3e9297354a32501b67008ed5e74b2091eaa4591231450e235c40dea9b5e0e26187a24a4cf865ec58dca17ce48","ssdeep":"12288:6Ip0W3W3duOhPyaMg3OhPyaMg3OhP1ASrWHVrWHL:6zek9ASCVCL","tlshash":"49a4131130e78f50cd4be53460fe29b82a2ba37a1e540605df25e548faeb657f4232d7","first_seen":"2025-03-05T01:59:19.647776Z","last_seen":"2025-05-14T14:43:51.625057Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1767,"timings":{"blocked":468,"dns":0,"connect":0,"send":0,"wait":660,"receive":639,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"555jnc.img3174125953.com/8888/jnc/jnc80.gif","fqdn":"555jnc.img3174125953.com","domain":"img3174125953.com","tld":"com"},"ip":{"addr":"198.200.56.161","port":443,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"555jnc.img3174125953.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 May 2025 05:50:14 GMT","end":"Sun, 03 Aug 2025 05:50:13 GMT"},"fingerprint":{"sha1":"36:C0:3F:F3:6C:0A:D3:B5:AC:EE:CC:C4:31:D0:B0:D4:4E:D3:19:3D","sha256":"BE:C4:86:B5:CB:21:77:B7:7B:4C:4D:42:71:E7:96:DC:89:03:48:D8:6D:5C:41:50:12:63:30:CD:1D:B0:DF:FB"}}},"request":{"raw":"GET /8888/jnc/jnc80.gif HTTP/1.1\r\nHost: 555jnc.img3174125953.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 12:39:43 GMT\r\netag: \"664dc89d-b334b\"\r\nexpires: Tue, 10 Jun 2025 12:39:43 GMT\r\nlast-modified: Sun, 11 May 2025 12:40:21 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 734027\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":734027,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"0fb098e34cbb802f261ed3126bf9e701","sha1":"cd79336a660e7fcca51c79deb880daf66a860b94","sha256":"b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150","sha512":"12ecd0fcc783c92d04e8883cfec8700a1f662d5b5b241ff09e2cf5abc5c42e1c49642f9c333ce456a8bd94e1a77c4d86b2fef3c6f0669cd90054ed44f7bc9237","ssdeep":"12288:aazR5YYYYsiMwOMwOMwOMwOMwOMwOeUWaaUWaaUWaaUWaaUWaaUWaaUWKejzBa0f:ZTYYYYYtUWaaUWaaUWaaUWaaUWaaUWas","tlshash":"4ff412aff58e18ca095e142773174f1964957086049178c787cdaf2ed287efb3a36938","first_seen":"2023-09-16T22:15:15Z","last_seen":"2026-04-05T08:45:06.749682Z","times_seen":2443,"resource_available":false,"data":null}},"time_used":4796,"timings":{"blocked":431,"dns":2722,"connect":151,"send":0,"wait":170,"receive":780,"ssl":541},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=51C62300750096BA\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=2062612496\u0026si=7887f171a781a08a9fc1b8a997b61201\u0026su=http%3A%2F%2Fckb2.cc%2F\u0026v=1.3.2\u0026lv=1\u0026sn=823\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2F444329.xyz%2F\u0026tt=%E9%BB%84%E8%89%B2%E4%BB%93%E5%BA%93-huangsecangku.net","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:58.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 08 Jul 2024 01:41:02 GMT","end":"Sat, 09 Aug 2025 01:41:01 GMT"},"fingerprint":{"sha1":"EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0","sha256":"90:73:DE:D9:D9:93:A9:34:C2:9C:5E:C3:C6:AF:A7:28:6D:2F:0F:88:48:35:2F:94:D0:20:35:86:5D:85:68:E2"}}},"request":{"raw":"GET /hm.gif?hca=51C62300750096BA\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=2062612496\u0026si=7887f171a781a08a9fc1b8a997b61201\u0026su=http%3A%2F%2Fckb2.cc%2F\u0026v=1.3.2\u0026lv=1\u0026sn=823\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2F444329.xyz%2F\u0026tt=%E9%BB%84%E8%89%B2%E4%BB%93%E5%BA%93-huangsecangku.net HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=398F625AF147B975; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T11:45:00.709948Z","times_seen":327731,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T12:41:53.940Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ckb2.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:54 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67256,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (37666), with NEL line terminators","md5":"6afe31f322b9e1491e1fc3c0af2ebb31","sha1":"f31923972f5963dd1cefefd2c264ef456c69fde2","sha256":"96492d6584b4639a5eea7e6f8563c08e3c4c448de618318edb354f973ef41ff5","sha512":"b57b542d841e5bb8a178cada0767b8865c7ec902275be69513591d59b1c2eafd9d21c340b31784a63b4df4f68637a2b9e42d81ebb411836b8a3cc844983e57c5","ssdeep":"768:ZV/IIP9t3YbBUcnRZ1Z1K7U5zcR8R9D2xyVbqgCfh6t6UAMLp3O0H0RzyMMv0:ZRIIV5KJj1Z2Y92YPUROBv0","tlshash":"1c6312a28092a73752bbc9dee1a467df79d392ddc6438e00bbfc51d427cad54b01a01e","first_seen":"2025-05-11T12:42:29.702378Z","last_seen":"2025-05-11T12:42:29.702378Z","times_seen":1,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":154,"dns":2,"connect":155,"send":0,"wait":180,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pg555111.img6857783384.com:8585/8888/pg507/80.gif","fqdn":"pg555111.img6857783384.com","domain":"img6857783384.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":8585,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg555111.img6857783384.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 May 2025 07:58:15 GMT","end":"Sat, 02 Aug 2025 07:58:14 GMT"},"fingerprint":{"sha1":"0A:43:E9:2C:10:B0:FE:1D:4E:FC:AB:6D:82:8F:71:C4:67:99:44:C2","sha256":"DF:10:71:E8:3D:79:52:D6:E9:BB:C7:5C:C3:E1:31:C4:C5:61:F7:0A:84:EA:56:06:74:80:D4:99:A3:85:31:9E"}}},"request":{"raw":"GET /8888/pg507/80.gif HTTP/1.1\r\nHost: pg555111.img6857783384.com:8585\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 12:29:55 GMT\r\netag: \"68035ccc-b9fc7\"\r\nexpires: Tue, 10 Jun 2025 12:29:55 GMT\r\nlast-modified: Sun, 11 May 2025 12:30:07 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 761799\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":761799,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"882998dc044a88fc9c665d8d417fb5b7","sha1":"d1541ed879daa6b35442f3767e8167d29decdd32","sha256":"7cd5b59a4ababd5029397754e912d0b0e9f3f6b0b2b18136d2ce7ce05406a8ea","sha512":"24e8c06894b4dd0368e1d774cd82975ad99ec1c3ed22371794c9161c0b20061ea18fcabd72c7fd134ff2397595db76123cd4b0e6b96441688e975edcb4f68c2e","ssdeep":"12288:w+zzzz8LaxmTArEaxmTArEaxmTArEaxmTArEaxmTvd7o7o7o7oOD25////D:w+zzzz8L5ArE5ArE5ArE5ArE54I////D","tlshash":"c6f423f7faf8e246b111d41e738379990632f5a48ab3b8caf04d251ce67e0db901d958","first_seen":"2025-04-23T19:37:43.602292Z","last_seen":"2026-04-05T08:50:59.218814Z","times_seen":1600,"resource_available":false,"data":null}},"time_used":4606,"timings":{"blocked":452,"dns":1819,"connect":234,"send":0,"wait":232,"receive":1365,"ssl":503},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN01eDRouH1Bs33QbUWzs_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN01eDRouH1Bs33QbUWzs_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 217977\r\ndate: Sat, 10 May 2025 12:38:30 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5319917468807106141661e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache28.l2fr1[0,0,200-0,H], cache19.l2fr1[0,0], ens-cache17.fr6[0,0,200-0,H], ens-cache6.fr6[109,0]\r\naccess-control-allow-origin: *\r\nage: 86607\r\nali-swift-global-savetime: 1746880710\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 10 May 2025 12:40:17 GMT\r\nx-swift-cachetime: 31535893\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9a17469673175272906e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217977,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"228152c32a6f95070687c75137e14a22","sha1":"e307843a355bee858bd9384f3e8eda6620729005","sha256":"230638b3c76e032b8e0a75045b9221b8f69727c415ace62477b05370def9fa5a","sha512":"d67cb64c4fb2ab9c0c7726af7a11152e0bc8efce6180458b6ef2073b567c9829152041647be287bacba1f5b8792f3e7a72875e4889f6a735c40a2b72b8acd61a","ssdeep":"6144:P9IbgCkIbgCkISNmyFfeUqFjqxoqFjqxoqFj+:PWb9Nb9NSNmyFGUejqxoejqxoej+","tlshash":"122402b5ed21032bf793c6bcbd79a4796598a1e3c7045631ac68cd0876d728783e14f2","first_seen":"2025-04-10T19:18:00.104522Z","last_seen":"2025-06-26T14:48:31.953778Z","times_seen":76,"resource_available":false,"data":null}},"time_used":3220,"timings":{"blocked":445,"dns":1819,"connect":36,"send":0,"wait":191,"receive":45,"ssl":678},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/20/960x60.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/20/960x60.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 34603\r\nlast-modified: Thu, 20 Mar 2025 12:33:17 GMT\r\netag: \"67dc0b0d-872b\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34603,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"de188ff2f399dc26073544ca5e0047e0","sha1":"b6645cf44f9c6eaeec5283ad354de54d4e24ccb4","sha256":"a8f693afbf98ee5f99857e44e5212bcaf5207726da4d9cca86b50d68f0b580d2","sha512":"13b193ea9ba4bd954574741a3e28c6f63e67722bb99939bcb63c179aec535ebec927611b68c5b58646054187a66d2e5c72be39adf2f43057eef48ec5c9408d65","ssdeep":"768:ZNhEQybuSX7q2NOXSjvK5E2wgpddg6MeNvlUau7KcFgFmrY73lr9m9eRJ+1e:1jWBNnjvK5E2bHdgb0GEZ92WB","tlshash":"13f2f20ce494f20b0ddfed1c1937aa970a476ba575c2ac79a8cc995143207ec64af3c3","first_seen":"2025-03-11T06:21:31.066069Z","last_seen":"2025-05-12T00:23:16.853512Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1408,"timings":{"blocked":437,"dns":4,"connect":0,"send":0,"wait":656,"receive":291,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/css/img/fontawesome-webfont.woff2?v=4.6.3","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:55.126Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/css/img/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/statics/css/font-awesome.min.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:55 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 71896\r\nLast-Modified: Mon, 01 Jun 2020 04:00:13 GMT\r\nConnection: keep-alive\r\nETag: \"5ed47d4d-118d8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71896,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 71896, version 4.393","md5":"e6cf7c6ec7c2d6f670ae9d762604cb0b","sha1":"97e438cc545714309882fbceadbf344fcaddcec5","sha256":"7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73","sha512":"dd945face918edf20b7283b7416ae7b3735269945e3f3e379e770425024c1de1fcdc7cfb952381d295d0d1f58c8ab191fd29030f2051d10501557bd7bfbe3658","ssdeep":"1536:tA4xrPyfyECsyz2wCjYfhO/ORzc7erabg5Z06GEQMo:t3jayEC/2/OI/gcq+bg5C6G7","tlshash":"756302f87e71b01d5a306f74e56730e2491c9283e79593f8a8297cb681b2f493742c7a","first_seen":"2023-04-05T09:22:06Z","last_seen":"2026-04-05T10:59:12.205572Z","times_seen":33002,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":287,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"444329.xyz/","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T12:41:53.285Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://ckb2.cc/\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":252,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2024/06/08/6662eda7a97f0204d37e1da5.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2024/06/08/6662eda7a97f0204d37e1da5.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 700682\r\nlast-modified: Sat, 08 Jun 2024 04:02:45 GMT\r\netag: \"6663d7e5-ab10a\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":700682,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 750 x 80","md5":"7b25222bb9335d03824dabc0734f9ce7","sha1":"985ced82b60470ded947469bb9c1012ca87d8eb8","sha256":"f5e997f8942156a3166acd8e27cb128e32d36bca447909d1549ee189c98299b3","sha512":"479063bd22df7d31fde204f0b4f04800a56106af5b0013a5f93526a7bb71223ab9835de334af55d56fda7baf15396b601781677785424705a124c0160fa9d66a","ssdeep":"12288:yrw51cJ1cJ1cJ1cJ1u+5X+X+X+X+TBUs11Bs11Bs11Bs11Bs7:Cw5+J+J+J+JB71q1q1q1G","tlshash":"56e41243de8f4dc26d33686172d07b09abb234e46989dff436219f06f27b12698361d6","first_seen":"2024-07-04T07:59:35Z","last_seen":"2025-07-22T03:27:59.380077Z","times_seen":154,"resource_available":false,"data":null}},"time_used":2314,"timings":{"blocked":485,"dns":51,"connect":152,"send":0,"wait":303,"receive":977,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/i/22/xx960-120.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"58.218.215.99","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Feb 2025 09:20:42 GMT","end":"Sun, 25 May 2025 09:20:41 GMT"},"fingerprint":{"sha1":"D7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4","sha256":"36:98:86:B5:F6:DA:70:1C:81:E3:41:B0:5E:FA:2F:1D:45:CA:33:4C:61:DD:F4:E1:47:45:0A:FC:ED:90:88:ED"}}},"request":{"raw":"GET /i/22/xx960-120.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 110659\r\nstrict-transport-security: max-age=5184000\r\ndate: Fri, 02 May 2025 06:35:40 GMT\r\nlast-modified: Fri, 02 May 2025 06:10:52 GMT\r\nvary: Accept-Encoding\r\netag: \"681461ec-1b043\"\r\nexpires: Sun, 01 Jun 2025 06:35:40 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache4.l2cn2655[0,0,200-0,H], cache31.l2cn2655[0,0], kunlun6.cn192[0,0,200-0,H], kunlun1.cn192[1,0]\r\nage: 799575\r\nali-swift-global-savetime: 1746167741\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 02 May 2025 06:35:42 GMT\r\nx-swift-cachetime: 2591999\r\ntiming-allow-origin: *\r\neagleid: 3adad01517469673160796082e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110659,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"2686937d2551b6245781a1b4daefb404","sha1":"67de3ca7c0989997e7d8e20ce0b166369b54ce73","sha256":"56803b2757e23f4f64143a3a072d8f69f729479647ea1038f6ae439c0613943b","sha512":"d816d557fd997b2206e7ba810d11122a73534a51dc179119fcf67e06a23e77833bea95a05d5f2669453735c7bf2a1eed374ef861dfe6a2b4449f24ce6521b151","ssdeep":"3072:Arc3UTp5Se2uQVtcInjY95BYxLKtq7/I7u9:ZUTjSe2uQVtcIjY9fAKvq9","tlshash":"4db312fec0819d914f13c07f19f5457d035102adaa58a829edbcea2009ef2beebe114d","first_seen":"2025-05-11T05:57:28.189207Z","last_seen":"2025-05-12T00:23:16.880603Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2775,"timings":{"blocked":462,"dns":388,"connect":270,"send":0,"wait":1307,"receive":37,"ssl":294},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"777abc777abc.com/a61f77a18e1145a9ac6bf306fd7fa251.gif","fqdn":"777abc777abc.com","domain":"777abc777abc.com","tld":"com"},"ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"777abc777abc.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 12 Apr 2025 00:00:00 GMT","end":"Fri, 11 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"54:C9:6A:09:C6:5B:AC:10:6E:3B:53:2E:FC:79:46:2B:3F:C7:1B:B8","sha256":"19:6C:BD:F9:34:BB:1A:E1:7F:30:D2:FC:62:8E:9B:D4:99:FA:E2:17:53:95:E6:5C:2A:05:A5:62:20:16:A4:65"}}},"request":{"raw":"GET /a61f77a18e1145a9ac6bf306fd7fa251.gif HTTP/1.1\r\nHost: 777abc777abc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 794947\r\nlast-modified: Sun, 20 Apr 2025 06:47:25 GMT\r\netag: \"6804987d-c2143\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":794947,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"fd4dc53c49dec4f03bfdee5e8cb17967","sha1":"32c1b4810a444f08814892309516c2cb21f350b2","sha256":"eb2c67124cdbcbfcd845a873260ca4868bb555e49693ddf1c61543fbdb33e3b5","sha512":"d2edef873a25d5643ce92be5047db013d52f3298d4f57daae5f2c8ad9634745219a880b13880524bae99a8f0b4080c18b645270a2fd00ba1f76a0f805249aede","ssdeep":"12288:l8FXVyKxlhWCyKxlhWCyKxlhWCyKtURXfHGfHGfHGfHGVBE+o+o+o+34i5GNUuPM:l8FljjjqR/OOOngCPgCPgCPgCPgd","tlshash":"00f422fd63357a56ba1254bec891aa25ff81e1391711742b2883bdca362237cb4d1cf4","first_seen":"2025-04-10T19:18:00.081449Z","last_seen":"2025-06-25T09:26:23.280137Z","times_seen":166,"resource_available":false,"data":null}},"time_used":3915,"timings":{"blocked":451,"dns":1173,"connect":169,"send":0,"wait":339,"receive":787,"ssl":996},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-11","alert":"Sinkholed","trigger":"777abc777abc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"555sx.img1368680550.com/8888/samsung/80.gif","fqdn":"555sx.img1368680550.com","domain":"img1368680550.com","tld":"com"},"ip":{"addr":"156.243.244.252","port":443,"asn":0,"as":"","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"555sx.img1368680550.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 May 2025 05:50:13 GMT","end":"Sun, 03 Aug 2025 05:50:12 GMT"},"fingerprint":{"sha1":"49:FD:48:13:85:1C:91:60:F1:F1:B2:01:38:86:37:A9:82:FB:0C:C4","sha256":"E1:E9:EB:A3:25:19:B9:E6:B8:31:62:E7:1A:28:D9:DF:E6:64:9E:9F:90:4E:E8:9E:89:66:4A:C2:9A:B6:BC:5C"}}},"request":{"raw":"GET /8888/samsung/80.gif HTTP/1.1\r\nHost: 555sx.img1368680550.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 11:59:19 GMT\r\netag: \"67e016f9-69afc\"\r\nexpires: Tue, 10 Jun 2025 11:59:19 GMT\r\nlast-modified: Sun, 11 May 2025 12:06:12 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, memory\r\ncontent-length: 432892\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":432892,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"8b824ef7db4f221bc5fd39750d287ad3","sha1":"9821e7af1f2900965033e9aa73ac53e77d5a554c","sha256":"0a7c6457de4ee4692e2018df42a252af9c0745f25705245d18d9b8caf74e51df","sha512":"be7dd3a5211ecbeae2f4075d017d4240cb8e9aacc338afc07ddb5a45f8db98002dbdbf1ccb186d9e159fe3ce77162771fdbd0338217765949a62ff208309ad1a","ssdeep":"12288:E8pABRvJRvJRvJQyAr3TM0wcV0exwA+7giZiZia:E8AZJZJZJpArDM0wctuA67UUa","tlshash":"a994127c58e4cd93e5bd7b46420190f847a8d2e8b08d2b6b3de36a97453847f8c5263e","first_seen":"2025-03-27T22:21:40.168508Z","last_seen":"2025-12-13T14:51:27.799471Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5464,"timings":{"blocked":432,"dns":2723,"connect":229,"send":0,"wait":229,"receive":1129,"ssl":722},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif","fqdn":"cbu01.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"163.181.253.194","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:57.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 06 Mar 2025 10:12:19 GMT","end":"Mon, 21 Jul 2025 09:06:01 GMT"},"fingerprint":{"sha1":"DA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5","sha256":"90:CE:EB:B4:94:30:E1:A8:3F:B5:2F:79:8D:96:46:0D:88:A3:DF:8A:B8:AE:83:53:91:0B:0E:97:FC:3E:04:B5"}}},"request":{"raw":"GET /img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif HTTP/1.1\r\nHost: cbu01.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444329.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 273082\r\ndate: Sun, 13 Apr 2025 01:58:19 GMT\r\nlast-modified: Sat, 12 Apr 2025 11:47:07 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.031\r\ntraceid: a3b5fdad17445094993892372e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2\r\ncache-control: max-age=31536000\r\nvia: cache34.l2fr1[270,270,200-0,M], cache19.l2fr1[271,0], ens-cache37.fr6[0,0,200-0,H], ens-cache6.fr6[13,0]\r\naccess-control-allow-origin: *\r\nage: 2457818\r\nali-swift-global-savetime: 1744509499\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 13 Apr 2025 01:58:19 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9a17469673176452949e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":273082,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 80","md5":"e177d0a4d35da475cd7719317ff6b8f9","sha1":"bfd3b08a0bba91c7b03e7f67f1c2ce6c3c4f30c3","sha256":"291cdacbef5e7ea7ad0a0455bcac9c825fd0e27f50a05e0d37ad906c111e7a70","sha512":"90640282f3a18f753d4fc7b7d1b0b4b49d5ad94dfc621b2dfab781cfc62c06d5f4d4d64fdd3ac20a9c5574831da30bc2c15f4c48466b45ae27389071569f02c5","ssdeep":"6144:Zvdaf9xf9xf9xfmCAkkka3cIMpfcIMpfcIMpfcI3YzTUTUTUd:Z4f9xf9xf9xfmCAkkka3cJfcJfcJfckT","tlshash":"fb44f1f9c69b86f7f414c73aca7202d980d8c91bef87d28a3e2d06474b65b5a4704772","first_seen":"2025-04-13T04:07:52.734619Z","last_seen":"2025-06-12T21:21:56.532003Z","times_seen":244,"resource_available":false,"data":null}},"time_used":685,"timings":{"blocked":0,"dns":353,"connect":39,"send":0,"wait":99,"receive":24,"ssl":156},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"999abc999abc.com/060de9292e8f4438808994e979e23b36.gif","fqdn":"999abc999abc.com","domain":"999abc999abc.com","tld":"com"},"ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"999abc999abc.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Tue, 18 Mar 2025 00:00:00 GMT","end":"Mon, 16 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"04:C1:9A:EC:1F:94:06:18:6C:42:54:00:99:48:09:7C:38:74:DA:D6","sha256":"28:00:85:18:8A:1F:5F:CD:1D:5E:6C:36:8C:C8:CF:A6:49:83:19:06:EA:10:E4:07:5D:FB:39:E6:A1:85:D7:30"}}},"request":{"raw":"GET /060de9292e8f4438808994e979e23b36.gif HTTP/1.1\r\nHost: 999abc999abc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 519540\r\nlast-modified: Thu, 03 Apr 2025 07:00:31 GMT\r\netag: \"67ee320f-7ed74\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":519540,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"60e1c0f876b706692c2cbe1acd30a930","sha1":"1c53805587aa5e9f1ac3330db493a71d1e079d1f","sha256":"8aabc04551c9ac6f90015d382ff43f2dc650ea9eb34e7eb00a1e6be92a6ae407","sha512":"6ef3cfb1cde9c7febb137f61862cc2502bbfaa0b11077d295c2e72fa4a2028dd34f2b487244d7dfff9c1c53fb6bd04e7a3de07bea1a217189a2c4cd5bda8df42","ssdeep":"12288:3BamBamBamBamtJtJtHBmImIm6/OkX+qmhrMM3/OkX+qmhfgggr:FffHULL6/VX+qm2M3/VX+qmk","tlshash":"ddb4122bce37e861d46fb30269bc062a811e654a1cbfb5507773ab77016a44cb0ddc6e","first_seen":"2024-10-04T17:54:07Z","last_seen":"2026-03-20T17:54:44.975598Z","times_seen":751,"resource_available":false,"data":null}},"time_used":4293,"timings":{"blocked":463,"dns":2160,"connect":167,"send":0,"wait":326,"receive":694,"ssl":477},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tu.astem.vip/images/newyear/960hf.gif","fqdn":"tu.astem.vip","domain":"astem.vip","tld":"vip"},"ip":{"addr":"90.84.161.22","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.astem.vip","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 May 2025 06:51:21 GMT","end":"Wed, 06 Aug 2025 06:51:20 GMT"},"fingerprint":{"sha1":"08:90:10:25:3F:17:14:AB:50:F3:71:B6:4F:7F:89:DE:FF:12:00:EF","sha256":"EC:F0:D5:44:32:31:8D:E9:D4:02:79:E3:F6:9D:64:31:93:D3:57:C6:AF:91:85:8E:D4:DC:9D:F9:55:7A:AE:EF"}}},"request":{"raw":"GET /images/newyear/960hf.gif HTTP/1.1\r\nHost: tu.astem.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 11 May 2025 12:41:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 141261\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Tue, 11 Mar 2025 13:15:11 GMT\r\nVary: Accept-Encoding\r\nETag: \"67d0375f-227cd\"\r\nExpires: Mon, 09 Jun 2025 15:42:43 GMT\r\nvia: EU-GER-frankfurt-EDGE5-CACHE4[6],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,4],EU-GBR-london-GLOBAL1-CACHE17[12],EU-GBR-london-GLOBAL1-CACHE20[0,TCP_HIT,6],EU-FRA-paris-GLOBAL1-CACHE24[832],EU-FRA-paris-GLOBAL1-CACHE20[517,TCP_MISS,826]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 2592000\r\nX-CCDN-REQ-ID-46B1: 05b4a21d2b4218eef4afbcb07c5c75f8\r\nnginx-hit: 1\r\nAge: 75514\r\nCache-Control: max-age=2592000\r\nX-CCDN-Expires: 2516486\r\nAccept-Ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":141261,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 360","md5":"746499c003fbefb5bab24954e4e820c5","sha1":"10340e08d494d9f0d0410ad09007c1802c14b52c","sha256":"008ba1aac71e3d79c0d3261631b76a8fbc572401bcfac8157842977c9747fd9a","sha512":"ff4d09e7c84b81cf0336528d61c90de5500232d0b1e632a3c79887c0bc0cd8ac487fe11a985294ea549adbd92f25a24572b16ec4e1274adda2f37f81726586d2","ssdeep":"3072:H0gogn2TilIroTELFnZXSFzMBNNGRCV+9X96pfdpn223fACMle0C7N:H0csiknZXScN0g+9X96pDnrvACMleFN","tlshash":"ddd3236678aaae746552872cb370935faf03a58f0752f41df9049e8e24d51cd0bec4f2","first_seen":"2025-03-15T20:40:34.176512Z","last_seen":"2025-08-03T15:57:47.6922Z","times_seen":69,"resource_available":false,"data":null}},"time_used":4128,"timings":{"blocked":434,"dns":3485,"connect":27,"send":0,"wait":53,"receive":68,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/img/favicon.ico","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:42:00.406Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/favicon.ico HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nCookie: Hm_lvt_7887f171a781a08a9fc1b8a997b61201=1746967318; Hm_lpvt_7887f171a781a08a9fc1b8a997b61201=1746967318; HMACCOUNT=51C62300750096BA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:42:00 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 435\r\nLast-Modified: Thu, 25 Jul 2019 09:09:34 GMT\r\nConnection: keep-alive\r\nETag: \"5d3971ce-1b3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":435,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5a618bb8283df8869d378696553fc9f0","sha1":"69bf9563f4b780b2b1f13c98d70d7f6a6269c4cb","sha256":"0b03001b4c97bc38642fa793efb1de638bcfdad4606a5582ae4ac065668b78c5","sha512":"030c6bf58d180df80e88c95bb2100f2144eda9b5bbad472d273c2f3001f4906b91bbc0599fc58ed2fee01446c8585f557f3dca5136de83654d4aac0942b617f9","ssdeep":"","tlshash":"bce0237580490504b2144be18c171cd0fccd64dc22342cf6d336e27b002d862d0a9703","first_seen":"2023-06-10T10:31:18Z","last_seen":"2026-04-05T08:45:06.734042Z","times_seen":441,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":132,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/template/images/laba.png","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.545Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/images/laba.png HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 2105\r\nLast-Modified: Sat, 15 Aug 2020 11:45:58 GMT\r\nConnection: keep-alive\r\nETag: \"5f37caf6-839\"\r\nExpires: Tue, 10 Jun 2025 12:41:55 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2105,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 83 x 64, 8-bit/color RGBA, non-interlaced","md5":"2413ea57d1b48744057b73602e79734b","sha1":"c473b53a5ebb3c3f8b5328bd5d1d04a0a55ccc62","sha256":"3a4652637a0b8575db478c4c06cd14e62d8e5604b0177862674ffdf39180d23b","sha512":"78bb28ffedb1b10e396ebc21b21e23882282f3f28c7ba89129a00eaf5e3d4109e688d5cdd2e546494d5496abd75b7493c3a715300ce6fef8083a41c3a659ce2e","ssdeep":"","tlshash":"2941181219f00ab723df3066496358408b3e5bbfb5a2415c046628b0f1bbc7bb3eb14e","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-05T08:45:06.734674Z","times_seen":430,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":425,"dns":0,"connect":0,"send":0,"wait":157,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ckb2.cc/","fqdn":"ckb2.cc","domain":"ckb2.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T12:41:51.309Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ckb2.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"69vvnstttaaa888.cqpwy.com/yhgifjiami/JT%E6%98%9F%E9%99%85/960x60-2.gif","fqdn":"69vvnstttaaa888.cqpwy.com","domain":"cqpwy.com","tld":"com"},"ip":{"addr":"183.60.255.95","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"69vvnstttaaa888.cqpwy.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 05:10:47 GMT","end":"Wed, 23 Jul 2025 05:10:46 GMT"},"fingerprint":{"sha1":"49:FC:00:B9:EE:08:85:78:2C:95:53:B0:E9:20:5E:25:55:B4:54:BE","sha256":"D4:8B:3F:72:90:87:D8:66:05:07:8C:02:CC:7E:7B:92:00:29:FD:44:3E:5C:2B:47:8D:D2:AF:68:5B:79:3B:58"}}},"request":{"raw":"GET /yhgifjiami/JT%E6%98%9F%E9%99%85/960x60-2.gif HTTP/1.1\r\nHost: 69vvnstttaaa888.cqpwy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: image/gif\r\ncontent-length: 244117\r\nserver: openresty\r\nlast-modified: Wed, 30 Apr 2025 02:41:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68118de5-3b995\"\r\nexpires: Fri, 30 May 2025 03:12:14 GMT\r\nvia: CHN-GDguangzhou-CT2-CACHE38[4],CHN-GDguangzhou-CT2-CACHE37[0,TCP_HIT,1],CHN-HNchangsha-GLOBAL1-CACHE46[7],CHN-HNchangsha-GLOBAL1-CACHE102[0,TCP_HIT,5]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: ccd84f8ad3c422ec5791ea3a6a50410c\r\nnginx-hit: 1\r\nage: 975937\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=63072000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":244117,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"d876263724d3fe5f61329423eee53459","sha1":"a6d1dc66287047dcd56e0c80804908415065c5ca","sha256":"4538c76a09daeab10ab79d131ba28198b833e6cc8ea12f1053e426400b8f1525","sha512":"884fafa6038a49ae1c28b18c97dd8ab6eb5a8eac1e3f70ea570e71e293acafc8019136d8e5c7304b19049b8f8676c59dacb8bfa468fc68974465ac2ccdee1ebf","ssdeep":"6144:X/cnFjLZ3MEH7gtrZiTzoLpaplwFx8LH6cNB:wFHG2QFW8iJH6+B","tlshash":"3134122bda4a36011db770e0f7324e021a56d7c16038e273a9fe3ee552672627dd3672","first_seen":"2025-05-11T05:57:28.16541Z","last_seen":"2025-06-07T06:00:57.459754Z","times_seen":15,"resource_available":false,"data":null}},"time_used":3953,"timings":{"blocked":460,"dns":2003,"connect":241,"send":0,"wait":266,"receive":559,"ssl":421},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xm55511.img9879125675.com:8686/8888/xm/508/80.gif","fqdn":"xm55511.img9879125675.com","domain":"img9879125675.com","tld":"com"},"ip":{"addr":"156.231.117.216","port":8686,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xm55511.img9879125675.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 May 2025 07:58:18 GMT","end":"Sat, 02 Aug 2025 07:58:17 GMT"},"fingerprint":{"sha1":"AD:A4:AA:E5:1F:F1:06:5A:2D:75:58:29:FE:DF:D0:87:70:5A:BA:72","sha256":"4A:5E:A9:53:F1:25:34:9A:5D:84:AC:FB:CC:10:D6:A6:79:62:79:07:CB:C2:D1:42:82:72:58:FD:76:99:72:8B"}}},"request":{"raw":"GET /8888/xm/508/80.gif HTTP/1.1\r\nHost: xm55511.img9879125675.com:8686\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 10:46:52 GMT\r\netag: \"66b3688a-4e9c7\"\r\nexpires: Tue, 10 Jun 2025 10:46:52 GMT\r\nlast-modified: Sun, 11 May 2025 10:47:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 321991\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":321991,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"8eb97ba562904f64f2af2389f0d3eda9","sha1":"d484a2e519bf260b9eb53cfa5605220cd47879f2","sha256":"e1d1188c5ea2f2e00d0bb7212087e87ab63c898e2795c95bd1ca8ee0d09725fc","sha512":"3dc76ebf8c5b24a977ccdfae07d5e12b91d2ca2e4a08d4db2f5f9278e83417e27b3c738bf15b18597b3eca766d2766df81c4e99c3435004c6aa2d888efff49b0","ssdeep":"6144:GYfxY0XuOEXuOEXuOEXuYA24yAiwYpsv92JDiq85S92JDiq85S92JDiq85S92JDH:PzNaNaNaDAOAfYvmfDmfDmfDhMDeMDep","tlshash":"e86402bb13074bc9dafa4dc519289bd6af0524642cb39c37408d746e132673faba1f94","first_seen":"2024-08-13T16:44:54Z","last_seen":"2026-04-05T08:45:06.750968Z","times_seen":2920,"resource_available":false,"data":null}},"time_used":4290,"timings":{"blocked":454,"dns":1818,"connect":229,"send":0,"wait":229,"receive":1050,"ssl":509},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gif.zhidi66.com/am1991-960x80.gif","fqdn":"gif.zhidi66.com","domain":"zhidi66.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gif.zhidi66.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 23 Mar 2025 06:58:52 GMT","end":"Wed, 22 Apr 2026 06:58:51 GMT"},"fingerprint":{"sha1":"9C:B5:97:BC:19:88:96:53:FF:B1:C4:D2:98:3D:26:57:B8:71:53:D3","sha256":"4F:42:67:5E:AA:7A:5B:E3:9D:BB:21:20:19:4F:08:C5:5C:76:E1:49:72:72:E9:50:DD:15:83:E0:98:22:6F:9F"}}},"request":{"raw":"GET /am1991-960x80.gif HTTP/1.1\r\nHost: gif.zhidi66.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: NgxFence\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: http://img.fjyyedu.com/am1991-960x80.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":324884,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":3473,"timings":{"blocked":453,"dns":1380,"connect":336,"send":0,"wait":479,"receive":0,"ssl":823},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/28/900-200.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/28/900-200.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 288653\r\nlast-modified: Fri, 28 Mar 2025 14:19:20 GMT\r\netag: \"67e6afe8-4678d\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":288653,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 900 x 200","md5":"d413d6564f6db3f8f68e1091144e746e","sha1":"d8c18dfab88c752e8cd0e80ed02e1d046cb2ff48","sha256":"a879e3c0f2886280d3d46314de8be373316dfba832853018be2a81b92fefdc1c","sha512":"ec99749aadaf674dca51116e48bbe4dcf03b5115b7ed87d5331cc3728e26b863a3115dd6bb306095f1958ff64f3fa43491e20ea664b54fc760fbaba40a75a305","ssdeep":"6144:bbO40fuztbttC1OTXTdvN5dbSDDv1qfZpbEDWhS3WK/EQK7zKkF0:bbywbttaaTZzo3v1YzbEDjmwkF0","tlshash":"dc5423a42852863cde5a88b4bc38e62054914c3f5c8574027a79d47de772bfef2bcd68","first_seen":"2025-04-01T19:07:35.027354Z","last_seen":"2025-06-21T17:43:13.324654Z","times_seen":44,"resource_available":false,"data":null}},"time_used":1628,"timings":{"blocked":447,"dns":0,"connect":0,"send":0,"wait":656,"receive":525,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"444329.xyz/statics/img/load.gif","fqdn":"444329.xyz","domain":"444329.xyz","tld":"xyz"},"ip":{"addr":"172.247.166.38","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:55.082Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/img/load.gif HTTP/1.1\r\nHost: 444329.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/statics/css/stui_default.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6115\r\nLast-Modified: Tue, 23 Jul 2019 10:12:32 GMT\r\nConnection: keep-alive\r\nETag: \"5d36dd90-17e3\"\r\nExpires: Tue, 10 Jun 2025 12:41:55 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6115,"size_decoded":0,"mime_type":"image/gif","magic":"PNG image data, 220 x 325, 8-bit/color RGBA, non-interlaced","md5":"16b8fb3cdb755610f7c59b069df2a915","sha1":"f0ad3a325e2acecfa67d3fa245bdb020d1166b2c","sha256":"e5645d37867dd1e7a069d2991293057e384be9f661e0caa884ba9489aa53f3e4","sha512":"f90cc569e3359ecd20bffe26cb8627f7511fca1cea11a2e1e46dce24af25f2836e1086dcfb29f9fe396f355b8ad1d30beb715c37fba01d6c2056953241648fd1","ssdeep":"96:2T5HDj6mCZiEWy3ltH02Dvq6h9dVtmyqrGvjZwztTtxy:IHDj6yitU2zq6TqS7+zE","tlshash":"b4c16427946eef6c8b5aaca18bc84f81c30214d6224964cede631ccc2e97354a95fd5f","first_seen":"2023-06-10T10:31:17Z","last_seen":"2026-04-05T08:45:06.749123Z","times_seen":429,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":158,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"333abc666abc.com/d1232bb9e69e4edf869b13e8162fb60d.gif","fqdn":"333abc666abc.com","domain":"333abc666abc.com","tld":"com"},"ip":{"addr":"104.160.179.194","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"333abc666abc.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Tue, 18 Mar 2025 00:00:00 GMT","end":"Mon, 16 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"23:54:15:C2:98:1E:03:B2:89:C5:0D:42:B7:3F:75:D5:22:44:4A:3C","sha256":"EF:6B:D2:F9:FD:0D:E5:BA:FD:29:F0:4C:10:F2:5C:5B:89:2F:E8:59:55:59:CD:98:B0:E0:86:45:3F:6C:1E:D9"}}},"request":{"raw":"GET /d1232bb9e69e4edf869b13e8162fb60d.gif HTTP/1.1\r\nHost: 333abc666abc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 527584\r\nlast-modified: Thu, 27 Feb 2025 05:01:10 GMT\r\netag: \"67bff196-80ce0\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":527584,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"12a18284c3c1a292df1f17318b47b42f","sha1":"6f360f6bfe1833a35973e714b6d48602cdc1e983","sha256":"575b153cadbb95622a9cbba815b799504a575d3a7d69a04ffbb3c75964f3e4d9","sha512":"910e838a4a47a5cbaaa21a8b95b678af050e1685c5bc53bab009634600ccc10809b65b23ef6d7e5134c89bd3e355aa4afb8efd15e5a065bf94bb535c254aaa54","ssdeep":"12288:YHOoKdmzAF/D2LfvQr2xUhD2iF8JzP7q5kVfo4whJz+L0a+7+0eQs+p:YHOowmzm/IkD5aoRb60v1p","tlshash":"78b423ecd8e42170d971a456fa720d46c210803c576eff3fff541e95a90af7a24982ea","first_seen":"2025-01-18T18:34:29.611471Z","last_seen":"2025-05-30T17:15:41.998096Z","times_seen":29,"resource_available":false,"data":null}},"time_used":3095,"timings":{"blocked":464,"dns":294,"connect":164,"send":0,"wait":328,"receive":669,"ssl":1175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"333wy888bb.com/ad9e37239e764947ace6a4e215321b0c.gif","fqdn":"333wy888bb.com","domain":"333wy888bb.com","tld":"com"},"ip":{"addr":"104.160.179.228","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"333wy888bb.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Mar 2025 16:24:19 GMT","end":"Sun, 22 Jun 2025 16:24:18 GMT"},"fingerprint":{"sha1":"55:91:F2:06:C2:39:5C:A4:65:BA:EC:F8:28:81:F2:AE:B1:2C:04:31","sha256":"6E:6B:50:3F:36:0E:75:58:C7:AE:27:CA:BB:3E:36:97:38:E4:48:28:F9:26:A4:39:B4:C5:9F:2F:5A:3A:3A:87"}}},"request":{"raw":"GET /ad9e37239e764947ace6a4e215321b0c.gif HTTP/1.1\r\nHost: 333wy888bb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:59 GMT\r\ncontent-type: image/gif\r\ncontent-length: 367151\r\nlast-modified: Tue, 14 Jan 2025 14:15:12 GMT\r\netag: \"67867170-59a2f\"\r\npsc-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":367151,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"a59b1cbd9343c6199cf82b69b4a8fce0","sha1":"404f1fa01aec4effcbaab329f0207e87d3679141","sha256":"5d92bb49e4ea2ed6af9761abd3768f7238f5fd438d75e2b935dc6a82c86e979c","sha512":"f7ae2d89c329a4aa061eea302c632fcde22a2850086224db35b5f8fa867e0ca292e8f971850e592a0e8d555f3004a046180b5b4c4eb6d9992d7dceaa4f67117d","ssdeep":"6144:U7xZM7xZ/zddfl/0NS/0rm+uWiujxXyS8BhehfGhehf5:UMrdT0e0rmcxX98BchfGchf5","tlshash":"c074127755a88790b38813fa7fdab3da83da39fb6c341dfe99003601d5096ee8563640","first_seen":"2025-01-15T15:36:59.926807Z","last_seen":"2025-09-27T15:45:47.812608Z","times_seen":144,"resource_available":false,"data":null}},"time_used":5451,"timings":{"blocked":456,"dns":3585,"connect":165,"send":0,"wait":328,"receive":592,"ssl":324},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.835images20.com:6699/images/960-80.gif","fqdn":"images.835images20.com","domain":"835images20.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.835images20.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Apr 2025 15:37:05 GMT","end":"Wed, 16 Jul 2025 15:37:04 GMT"},"fingerprint":{"sha1":"CB:A4:EE:87:E5:00:C5:E6:E4:B1:82:8B:32:0E:0C:24:0F:49:8A:BC","sha256":"DC:5A:F1:1D:DA:66:DC:3F:BF:64:9B:F8:53:C0:4E:99:69:7C:57:F6:0F:50:77:91:9E:F2:A0:DC:00:AA:51:B9"}}},"request":{"raw":"GET /images/960-80.gif HTTP/1.1\r\nHost: images.835images20.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 11:28:09 GMT\r\netag: \"6770fe82-9cd32\"\r\nlast-modified: Sun, 11 May 2025 11:28:09 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 642354\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":642354,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"2c643dfd108ed9a53c3fcd428cbe66d5","sha1":"3cbff6bb2c961fe0a94d8c54f4c30db6fe3fd701","sha256":"45514474bc5eef13da3c42acc96b21696d342522f173c435ef69b6a55f80df23","sha512":"3a0bd50bcf68d928b2a1b01780b0bd9e9fe0774a092479aa6bd81a9b095d4592622b4bc259f451026cf4fd257a7ecc0ab107ee87febe3295b47f1013b6cea98e","ssdeep":"12288:WqwphqwphqwphqwmqVrcLOPY2QqVrcLOPY2QqVrcLOPY2QqVrcLOPY2kGXgMXgMH:PUgUgUgJqVcLNqVcLNqVcLNqVcLRhXXM","tlshash":"cfd4238c52fb5cd042b0a8e548acd77f000d95f6496e44d3ab02f982ba4d6ebdd81e7d","first_seen":"2024-06-16T17:39:28Z","last_seen":"2026-04-05T08:50:59.193018Z","times_seen":1254,"resource_available":false,"data":null}},"time_used":3866,"timings":{"blocked":456,"dns":1170,"connect":240,"send":0,"wait":241,"receive":1342,"ssl":416},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"311050.xyz:8899/?u=http://ckb2.cc/\u0026p=/","fqdn":"311050.xyz","domain":"311050.xyz","tld":"xyz"},"ip":{"addr":"198.16.60.50","port":8899,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T12:41:52.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"311050.xyz","organization":""},"issuer":{"commonName":"GeoSSL DV TLS CA","organization":"GeoSSL, Inc."},"validity":{"start":"Fri, 18 Apr 2025 06:16:56 GMT","end":"Sat, 18 Apr 2026 06:15:56 GMT"},"fingerprint":{"sha1":"79:B1:E6:2E:52:48:FE:B6:6E:A1:FF:5B:65:6C:8C:5F:F3:D2:40:F1","sha256":"1E:BE:EA:0C:03:FD:30:90:30:E9:D8:73:9B:82:28:EF:30:0A:0C:7A:02:18:C7:5A:93:74:0C:12:D4:E3:84:D5"}}},"request":{"raw":"GET /?u=http://ckb2.cc/\u0026p=/ HTTP/1.1\r\nHost: 311050.xyz:8899\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ckb2.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sun, 11 May 2025 12:41:53 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: http://444329.xyz\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":1444,"timings":{"blocked":592,"dns":70,"connect":152,"send":0,"wait":258,"receive":0,"ssl":369},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2024/04/02/58ee3d6d55fbb2fb04d1c429094a20a44623dc17.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2024/04/02/58ee3d6d55fbb2fb04d1c429094a20a44623dc17.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 505775\r\nlast-modified: Tue, 02 Apr 2024 11:11:24 GMT\r\netag: \"660be7dc-7b7af\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":505775,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 750 x 80","md5":"c26316acdf7138cc40514fb1ebb4d1a3","sha1":"61900ab6b13d8aba5a92328c7b9ca4f869a9b487","sha256":"70e80e59f3946f02968c979b5b0759f383cac9d86398b62d565f4ed5d541fd00","sha512":"d16b58b68f3bf30456de27550364eba9c16865175f3778cb5198978d05b805733ecbaaea337b9ed7ba999631f7d11715eb74b3304ccfae0ee72920698ed3fb79","ssdeep":"12288:1FZ6ZQLKyiAOUAOlPTriDnZTriDnZTriDnZTrQoR8JXoR8JXoR8k:1FZ6ZQLZW4PsssxGWGWGk","tlshash":"25b412b7dcbaf2164d1be561362f721b4d9a046fbd2f361ebb909c49b8a117704c08c6","first_seen":"2024-04-18T08:55:23Z","last_seen":"2026-04-05T08:45:06.753395Z","times_seen":595,"resource_available":false,"data":null}},"time_used":1731,"timings":{"blocked":492,"dns":1,"connect":0,"send":0,"wait":656,"receive":563,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhapk777.getehu.com/3391/1372/1372-960x60.gif","fqdn":"hhapk777.getehu.com","domain":"getehu.com","tld":"com"},"ip":{"addr":"58.218.215.99","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhapk777.getehu.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 24 Feb 2025 09:20:42 GMT","end":"Sun, 25 May 2025 09:20:41 GMT"},"fingerprint":{"sha1":"D7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4","sha256":"36:98:86:B5:F6:DA:70:1C:81:E3:41:B0:5E:FA:2F:1D:45:CA:33:4C:61:DD:F4:E1:47:45:0A:FC:ED:90:88:ED"}}},"request":{"raw":"GET /3391/1372/1372-960x60.gif HTTP/1.1\r\nHost: hhapk777.getehu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 352323\r\nstrict-transport-security: max-age=5184000\r\ndate: Wed, 30 Apr 2025 09:51:04 GMT\r\nlast-modified: Mon, 20 Jan 2025 07:20:27 GMT\r\nvary: Accept-Encoding\r\netag: \"678df93b-56043\"\r\nexpires: Fri, 30 May 2025 09:51:04 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: cache11.l2cn7831[0,0,200-0,H], cache45.l2cn7831[1,0], kunlun3.cn192[0,0,200-0,H], kunlun1.cn192[1,0]\r\nage: 960652\r\nali-swift-global-savetime: 1746006664\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 30 Apr 2025 18:07:21 GMT\r\nx-swift-cachetime: 2562223\r\ntiming-allow-origin: *\r\neagleid: 3adad01517469673160345972e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":352323,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"435499d04011ec9133fa9d5527ec9e73","sha1":"24e8f809d0112ac9fdba7e9c95ccace634c857fd","sha256":"b0716b1b4d8d192f4f86466d96518463d17d7775ce20d0c515a94eace4e7b3e6","sha512":"d83f66edcd7043f241d274d9307d93fbf9f6597defb4f2aef33b8a64a728be499aa534561d1fe43cc5004e5f478bdd02dac16d8052870a3897df3a835d0ef568","ssdeep":"6144:ovQ8jwY95jRi6nG/qRnCZd/JRJgaqiJFktJHXfuEMMCS+JHiE2AW:oIwXRisEZxJ5qRXXfu5fS+0E2AW","tlshash":"177423888e370663a45c5eeed2ff2bb35e426ed2c0346f59a0b73b1a813355b590b1c5","first_seen":"2025-01-30T13:52:53.164441Z","last_seen":"2025-12-28T07:04:58.339202Z","times_seen":316,"resource_available":false,"data":null}},"time_used":2531,"timings":{"blocked":471,"dns":388,"connect":261,"send":0,"wait":267,"receive":870,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"666834.xyz/images/2025/03/27/960-60863b93c023e4ee5d.gif","fqdn":"666834.xyz","domain":"666834.xyz","tld":"xyz"},"ip":{"addr":"23.224.148.243","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"666834.xyz","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Mar 2025 20:27:41 GMT","end":"Sat, 14 Jun 2025 20:27:40 GMT"},"fingerprint":{"sha1":"9C:C0:26:59:6B:00:A0:C8:7B:12:B6:25:D5:5C:10:E9:BD:ED:B2:76","sha256":"E6:92:BE:7F:E6:0D:EE:B7:15:A6:55:36:8F:D8:BB:0D:DD:DD:5B:10:19:07:E7:1E:BE:DF:4F:DE:F1:80:94:B5"}}},"request":{"raw":"GET /images/2025/03/27/960-60863b93c023e4ee5d.gif HTTP/1.1\r\nHost: 666834.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 11 May 2025 12:41:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 92302\r\nlast-modified: Thu, 27 Mar 2025 08:03:21 GMT\r\netag: \"67e50649-1688e\"\r\nexpires: Tue, 10 Jun 2025 12:41:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92302,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"c7215d9dc3ef7db8e500f60192943de8","sha1":"68eb4e0a5b3900f0674be8bff547ab411b8a8134","sha256":"7533b0a7fb88dae77f7c31fa7840ce5460691aef771343fb81b77f7a7c619a11","sha512":"0eb8af4258e07c69bc8f2e8a1a28d8d10ffe2edd68dc00796e46948add4b8ff35536283185d590066b916e9ad68e50d38bda9825d87139c7109545aea3f3da63","ssdeep":"1536:c9Y5H+bRXGhXFkX+uwXFkX+uwXFkXS6OaXe7OOnXowlTXe7OOnXowlTXe7OOnXGS:H5HERXGvtuwtuwL7zqzqS4uRIBuRIBu6","tlshash":"3093e1be803d0aaacc3641a8518ab357d32d65b3b416221e7bdd7f2c203da6c55d9db0","first_seen":"2025-03-27T22:21:40.153811Z","last_seen":"2025-06-04T10:34:17.383371Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1534,"timings":{"blocked":442,"dns":4,"connect":0,"send":0,"wait":660,"receive":412,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.537images23.com:6699/images/cc960-80.gif","fqdn":"images.537images23.com","domain":"537images23.com","tld":"com"},"ip":{"addr":"154.83.95.216","port":6699,"asn":984,"as":"OWS","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.537images23.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 19 Apr 2025 03:04:22 GMT","end":"Fri, 18 Jul 2025 03:04:21 GMT"},"fingerprint":{"sha1":"EC:F9:69:48:8A:E0:4C:3E:91:D9:6B:7E:F9:A4:FD:F1:38:AF:56:E1","sha256":"F5:2F:89:FC:0A:D7:05:A8:36:26:0A:AC:03:9C:12:BC:74:7F:4A:90:F3:51:8B:9F:C7:38:AC:98:B1:22:F9:E0"}}},"request":{"raw":"GET /images/cc960-80.gif HTTP/1.1\r\nHost: images.537images23.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\ndate: Sun, 11 May 2025 12:31:07 GMT\r\netag: \"672db7b7-73e90\"\r\nlast-modified: Sun, 11 May 2025 12:31:08 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 474768\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":474768,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"bcd29a0c575d452a77662e537168e3e0","sha1":"5c9065d710653a13657ac5ee8dab6b2e869d15d2","sha256":"cb3e2c5ff473d4cc41fc584935127947dff00e82b64293432c542e2f72a1831a","sha512":"5083a517190af083c61f21ce749c6725958083b17ea26851ecd422fda5486f5cea241b5f03c8b1955250800fd80439c68a3754feb27d3020bc5a8886e2e5cb25","ssdeep":"12288:hR5jbQLLbPReXFkpVfaTAlSMUFEng31W956goZABRJ:hRx8HbPEyVkAPj21W9QgoZA5","tlshash":"e3a42300483d7a25985a1ddc6ae88ffb18da755577e88c531ceb39c2b12f8f2d4a0d2d","first_seen":"2024-12-02T22:27:30.895702Z","last_seen":"2026-04-05T08:45:06.757141Z","times_seen":680,"resource_available":false,"data":null}},"time_used":4384,"timings":{"blocked":454,"dns":1462,"connect":238,"send":0,"wait":239,"receive":1230,"ssl":760},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-11","alert":"Sinkholed","trigger":"537images23.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gif.zhidi66.com/388-960x80.gif","fqdn":"gif.zhidi66.com","domain":"zhidi66.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:54.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gif.zhidi66.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 23 Mar 2025 06:58:52 GMT","end":"Wed, 22 Apr 2026 06:58:51 GMT"},"fingerprint":{"sha1":"9C:B5:97:BC:19:88:96:53:FF:B1:C4:D2:98:3D:26:57:B8:71:53:D3","sha256":"4F:42:67:5E:AA:7A:5B:E3:9D:BB:21:20:19:4F:08:C5:5C:76:E1:49:72:72:E9:50:DD:15:83:E0:98:22:6F:9F"}}},"request":{"raw":"GET /388-960x80.gif HTTP/1.1\r\nHost: gif.zhidi66.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://444329.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: NgxFence\r\ndate: Sun, 11 May 2025 12:41:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: http://img.fjyyedu.com/388-960x80.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":282970,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":3452,"timings":{"blocked":452,"dns":1380,"connect":330,"send":0,"wait":486,"receive":0,"ssl":801},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.fjyyedu.com/am1991-960x80.gif","fqdn":"img.fjyyedu.com","domain":"fjyyedu.com","tld":"com"},"ip":{"addr":"123.6.18.119","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"http://444329.xyz/","date":"2025-05-11T12:41:59.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.fjyyedu.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 15 Apr 2025 07:38:14 GMT","end":"Fri, 15 May 2026 07:38:13 GMT"},"fingerprint":{"sha1":"7F:43:AC:F1:18:6B:32:B2:0A:05:20:F3:78:B7:34:A7:CA:79:85:1E","sha256":"3C:21:F3:A8:C2:B2:11:F0:27:93:C3:94:DA:CE:4E:59:AB:E3:39:07:3C:34:6B:CA:E3:13:01:F6:33:BF:BA:88"}}},"request":{"raw":"GET /am1991-960x80.gif HTTP/1.1\r\nHost: img.fjyyedu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://444329.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Sun, 11 May 2025 12:42:00 GMT\r\ncontent-type: image/gif\r\ncontent-length: 324884\r\nx-oss-request-id: 68010B00EF90825EF390C174\r\netag: \"76C92ABAC3549E5C0D2617877777FC85\"\r\nlast-modified: Sun, 23 Mar 2025 06:33:37 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1133992588214598428\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000103\r\ncontent-disposition: attachment\r\nx-oss-force-download: true\r\ncontent-md5: dskqusNUnlwNJheHd3f8hQ==\r\nx-oss-server-time: 3\r\nx-cache: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":324884,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 80","md5":"76c92abac3549e5c0d2617877777fc85","sha1":"5c24dec769a78278fcde3b783567af3ee0c6dbe8","sha256":"86644637eae7c8932e3738c56f14aeff3c23f7f864a64e32fbea8ce936f6be8e","sha512":"235fc385c306ba1e0424817ccfe4ab80a3b745a523a18de3e76c90d0aa654370cd93465f04755639ca99fc6e62eb39b51a359add9e9e7fe28b9f82b9a04216e3","ssdeep":"6144:f8jZkV43ueyRQQewKU3GFyEralNHCxuNcR2q8mRSIkIL9yR0+CuX5hJhWHBdidZD:kV9qzEeHHaR9kIpyXX5LdOINIf8T","tlshash":"ae641397e49ea1f9b4a398352d57c661b0b3535bacdcf91e14743b2e28c7709c0b2683","first_seen":"2025-03-05T23:26:40.080751Z","last_seen":"2025-06-07T10:44:22.775606Z","times_seen":534,"resource_available":false,"data":null}},"time_used":2959,"timings":{"blocked":797,"dns":1,"connect":254,"send":0,"wait":1104,"receive":260,"ssl":538},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}