Report - www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar

Report Overview

Submitted URL
www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
IP
182.61.201.92
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Submitted
2023-06-04 12:16:42
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-03	1.4 kB	7.6 kB	104.18.20.226
tututu46.oss-accelerate.aliyuncs.com	unknown	2012-04-01	2023-04-04	2023-06-03	1.3 kB	652 kB	47.254.187.169
u1011.com	unknown	2018-07-18	2021-02-01	2023-06-03	442 B	17 kB	103.170.15.50
ocsp.trust-provider.cn	unknown	2015-04-09	2022-02-10	2023-06-03	672 B	2.5 kB	47.246.44.205
kvezz.com	237784	2021-10-17	2021-10-17	2023-06-03	442 B	514 kB	13.227.254.18
tscf8.com	unknown	2023-05-28	2019-01-30	2023-06-03	2.2 kB	1.6 MB	172.83.155.45
ldbbs.ldmnq.com	unknown	2016-05-19	2022-01-01	2023-06-03	1.4 kB	1.9 MB	218.12.76.166
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-03	1.3 kB	338 kB	151.101.193.229
aaaaa699.com	unknown	2023-03-26	2023-04-04	2023-06-02	445 B	23 kB	103.189.109.49
121.204.246.23:7677	unknown	unknown	No data	No data	875 B	0 B	0.0.0.0
kjimg10.360buyimg.com	unknown	2009-09-10	2022-11-25	2023-06-03	1.5 kB	1.5 MB	121.226.246.3
www.linkpicture.com	86847	2018-06-25	2019-07-19	2023-06-03	862 B	123 kB	104.21.235.181
ocsp.buypass.com	157566	2004-08-13	2017-01-30	2023-06-03	660 B	4.4 kB	23.36.76.129
aaaaa366.com	unknown	2023-03-26	2023-04-08	2023-06-03	445 B	234 kB	103.189.109.58
www.yli029.com	unknown	2021-06-18	2015-04-02	2019-04-19	1.9 kB	4.8 kB	38.238.248.62
cdn.staticfile.org	46426	2013-03-29	2013-08-23	2023-06-03	1.8 kB	133 kB	47.246.44.211
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23	2023-06-03	1.4 kB	7.7 kB	104.18.20.226
xinchacha2dv.ocsp-certum.com	unknown	2013-12-19	2022-07-28	2023-06-03	1.0 kB	5.4 kB	23.36.79.10
lexs9.com	unknown	2023-05-28	2023-05-28	2023-06-03	884 B	692 kB	172.83.155.45
	unknown				2.8 kB	180 kB	45.119.98.132
ocsp.digicert.cn	37572	2006-01-24	2020-03-20	2023-06-03	990 B	2.9 kB	47.246.44.205
dimg04.c-ctrip.com	139731	2004-08-09	2014-05-08	2023-06-03	463 B	517 B	54.230.111.68
u1099.com	unknown	2018-07-18	2021-01-31	2023-06-03	456 B	520 kB	103.170.15.20
vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com	unknown	2012-04-01	2023-02-09	2023-06-03	907 B	451 kB	47.110.178.68
im.69im3.com	unknown	2023-03-23	2023-03-23	2023-06-02	435 B	352 B	0.0.0.0
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-03	2.0 kB	5.8 kB	104.18.14.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-04 12:16:27	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-04 12:16:27	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-04 12:16:29	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-04 12:16:29	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-04 12:16:30	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-04	medium	121.204.246.23
2023-06-04	medium	121.204.246.23

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.yli029.com/tj.js	786 B	2023-05-14	2023-06-04
Pretty URL www.yli029.com/tj.js IP 38.238.248.62 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 07:16:31 Last Seen2023-06-04 14:16:53 Times Seen6 Hash 03d759a8b076789cd0e7a49f667d3bbe 2f108f983aa14d9e413293be50c83283348c1145 ff66e9b0fe52146eba5b0c27935208e284bede33fc5a110ba5a19837feef4055 Loading...

	cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-23
Pretty URL cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 23:40:54 Times Seen12181 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-21
Pretty URL cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-21 20:16:37 Times Seen4072 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar	51 B	2023-06-02	2023-06-04
Pretty URL www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar IP 38.238.248.62 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 05:57:34 Last Seen2023-06-04 14:16:53 Times Seen2 Hash 75188efd442c7dbc95eed2819917c0c6 04475356da2c5bf4430c93bcc3f19d3f423b449f 526dd1e0cd7d301713dbc4ec392ac712f79323fec383303b892f8f1169d8d916 Loading...

	hltv27.cc:8443/	66 B	2023-03-08	2024-03-17
Pretty URL hltv27.cc:8443/ IP 45.119.98.132 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:26:09 Last Seen2024-03-17 13:51:53 Times Seen1338 Hash 32fc77b051231e7bb2e6ee95352f6d81 078f8e2864fec01448bf55bff5c73147a43cd8e7 17dbd716c59284fe6a9cf2e2bb04ba3bb66f771e479c486140f7c3c4909ea114 Loading...

	hltv27.cc:8443/	481 B	2023-03-07	2023-12-23
Pretty URL hltv27.cc:8443/ IP 45.119.98.132 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08:44 Last Seen2023-12-23 13:23:30 Times Seen733 Hash 2d6dee4061ef613903c1486b4d98cb7f 1b9905cb76914ccf420100b25ae70648b96bfffb d68bf1cf3170024e5f8958f30cac86ad02d382877a396da54784f2cbc0412bc7 Loading...

	www.g806f.xyz:4985/yECA/Z-14648-A-b/tCN/ed846y84643240844	48 B	2023-05-09	2024-01-06
Pretty URL www.g806f.xyz:4985/yECA/Z-14648-A-b/tCN/ed846y84643240844 IP 159.138.58.37 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 11:39:20 Last Seen2024-01-06 22:31:26 Times Seen1240 Hash 25b9fd2c8e4fe02360c2dd0ad4bbdb59 d610486231095a6670844fb30e9a43af66bdb7b0 ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3 Loading...

	www.yli029.com/common.js	1.5 kB	2023-04-01	2023-12-15
Pretty URL www.yli029.com/common.js IP 38.238.248.62 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:18:21 Last Seen2023-12-15 12:43:24 Times Seen285 Hash 8d962885534d0ebead5fb8f74fee1c3c f611f70c5ca5341f4d8ff8750a40be20ec403559 8e85b0741f73df4da2347d3b6b9b6e969b002826984b17897b4bc3f598462d46 Loading...

	hltv27.cc:8443/	74 B	2023-03-07	2024-04-13
Pretty URL hltv27.cc:8443/ IP 45.119.98.132 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:24 Last Seen2024-04-13 12:28:30 Times Seen683 Hash fecf0e0d3357fa72cd59069c9f081f16 3dff6fff704b485a0317d2612a55318fd2f1e515 27aa2c388fd2005b3bc0f4e3c9bc51d6aa1f2ffac10b78e5ccf06adef7da2bdd Loading...

	hltv27.cc:8443/	0 B	2023-03-07	2024-04-24
Pretty URL hltv27.cc:8443/ IP 45.119.98.132 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 01:46:25 Times Seen37029174 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	3.2 kB	2023-05-17	2023-06-22
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-17 02:17:33 Last Seen2023-06-22 03:40:42 Times Seen65 Hash 459fd091667f43b2b31482ef55378db1 0e0220a987b88f9c5d99ec933449f853a5801cbd f324ff826fa3e48570871f373a5674c93e6d418ac0babfb6042e853da911fad3 Loading...

	cdn.staticfile.org/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-23
Pretty URL cdn.staticfile.org/jquery/1.12.4/jquery.min.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 22:40:37 Times Seen118642 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7cdc7a87cd9a4663f2cfe6f55826b46c	483 B	2023-06-02	2023-06-04
Pretty Observations First Seen2023-06-02 05:57:34 Last Seen2023-06-04 14:16:53 Times Seen2 Hash 7cdc7a87cd9a4663f2cfe6f55826b46c 6b6015e87e269918f4133d1133fffc3fd8d95c88 fe7c94dd98b8d37c20a37b96ee1b34db960436c1937393e2a56680499297026e Loading...

		Size	First Seen	Last Seen
	#1 Write - 8d3d1aeb2a5ae3ba54b23e01d4541452	464 B	2023-06-02	2023-06-04
Pretty Observations First Seen2023-06-02 05:57:34 Last Seen2023-06-04 14:16:53 Times Seen2 Hash 8d3d1aeb2a5ae3ba54b23e01d4541452 39505cdcf0155a51c13d0c3ddd078efb0f6eb873 dd4d43fa10c4aa7da10c32a927ae1e78cb2ac639e99f8f9561eb5685767364de Loading...

HTTP Transactions (71)

URL IP Response Size

www.yli029.com/

38.238.248.62

552 B

URL
www.yli029.com/
IP
38.238.248.62:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (682), with CRLF line terminators
Size
552 B (552 bytes)
Hash
65bd365242134196f025ee01a38e6524
d2d8d90e8202ba769c80b11d55067cfca50f1f9c
97812757b8d1c8ab1ac71f1f2351ea2a65300b416a98dc6649fdbc08acb981b3

HTTP Headers

GET / HTTP/1.1
Host: www.yli029.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 12:16:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar

38.238.248.62

200 OK

552 B

URL User Request GET HTTP/1.1
www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
IP
38.238.248.62:80
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (682), with CRLF line terminators
Size
552 B (552 bytes)
Hash
65bd365242134196f025ee01a38e6524
d2d8d90e8202ba769c80b11d55067cfca50f1f9c
97812757b8d1c8ab1ac71f1f2351ea2a65300b416a98dc6649fdbc08acb981b3

HTTP Headers

GET /%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar HTTP/1.1
Host: www.yli029.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 12:16:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.yli029.com/common.js

38.238.248.62

200 OK

703 B

URL GET HTTP/1.1
www.yli029.com/common.js
IP
38.238.248.62:80
ASN
#174 COGENT-174

Requested by
http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar

File type
HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size
703 B (703 bytes)
Hash
8d962885534d0ebead5fb8f74fee1c3c
f611f70c5ca5341f4d8ff8750a40be20ec403559
8e85b0741f73df4da2347d3b6b9b6e969b002826984b17897b4bc3f598462d46

HTTP Headers

GET /common.js HTTP/1.1
Host: www.yli029.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 12:16:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.yli029.com/tj.js

38.238.248.62

200 OK

786 B

URL GET HTTP/1.1
www.yli029.com/tj.js
IP
38.238.248.62:80
ASN
#174 COGENT-174

Requested by
http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar

File type
ASCII text, with CRLF line terminators
Size
786 B (786 bytes)
Hash
03d759a8b076789cd0e7a49f667d3bbe
2f108f983aa14d9e413293be50c83283348c1145
ff66e9b0fe52146eba5b0c27935208e284bede33fc5a110ba5a19837feef4055

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.yli029.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 12:16:27 GMT
Content-Type: application/x-javascript
Content-Length: 786
Connection: keep-alive

www.yli029.com/favicon.ico

38.238.248.62

200 OK

1.2 kB

URL GET HTTP/1.1
www.yli029.com/favicon.ico
IP
38.238.248.62:80
ASN
#174 COGENT-174

Requested by
http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.yli029.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 12:16:27 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 09 Jun 2023 12:16:27 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
cc9b07809fa28116f1b989e70d2dadc4
8060cdf0eb0ef3eba75c922b59850bfe99087378
06a52446558c7fadd76fa995d8b5318b285be5eea77a5c94a600d318b8e6a3fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Jun 2023 00:21:55 GMT
Expires: Sat, 10 Jun 2023 00:21:54 GMT
Etag: "8060cdf0eb0ef3eba75c922b59850bfe99087378"
Cache-Control: max-age=474926,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b6dfe1fb527-OSL

hltv27.cc:8443/template/kuli04/images/loading.svg

45.119.98.132

200 OK

506 B

URL GET HTTP/2
hltv27.cc:8443/template/kuli04/images/loading.svg
IP
45.119.98.132:8443
ASN
#133199 SonderCloud Limited

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecthltv27.cc
Fingerprint50:7E:0B:23:B6:02:90:26:AA:15:D9:23:45:AA:FC:DD:91:78:1E:E8
ValidityFri, 26 May 2023 03:48:19 GMT - Thu, 24 Aug 2023 03:48:18 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
506 B (506 bytes)
Hash
bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

HTTP Headers

GET /template/kuli04/images/loading.svg HTTP/1.1
Host: hltv27.cc:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:29 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Thu, 10 Feb 2022 09:49:32 GMT
etag: "6204dfac-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
f772f27af6f982c26ad9a03500b5e00b
425d71f60ea516dc2f1a5834ab016dcdd2b82d84
09a4b922238abdc167b060df45f5ee62325f43b771a9f9eccc4e8cb0d261fc5b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sun, 04 Jun 2023 12:16:30 GMT
Ali-Swift-Global-Savetime: 1685880990
Via: cache11.l2de2[4,4,200-0,M], cache11.l2de2[5,0], cache1.se1[28,28,200-0,M], cache1.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 04 Jun 2023 12:16:30 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516858809907364347e

cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js

47.246.44.211

200 OK

11 kB

URL GET HTTP/1.1
cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js
IP
47.246.44.211:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerDigiCert Inc
Subject*.staticfile.org
FingerprintF3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (39553)
Size
11 kB (10926 bytes)
Hash
2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

HTTP Headers

GET /twitter-bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 10926
Connection: keep-alive
Date: Sun, 04 Jun 2023 07:47:09 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FrFv2CJr1r-wjlaPGx0KIdYCR877.gz"
Vary: Accept-Encoding
X-Reqid: wIEAAACg5VghZWUX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="bootstrap.min.js"; filename*=utf-8''bootstrap.min.js
Content-Md5: LzS2MP/jC6L/K5Hj88MioQ==
Content-Transfer-Encoding: binary
Last-Modified: Mon, 18 Feb 2019 14:03:03 GMT
Ali-Swift-Global-Savetime: 1685864829
Via: cache23.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache8.se1[0,12,200-0,H], cache3.se1[13,0]
Content-Encoding: gzip
Age: 16161
X-Cache: HIT TCP_HIT dirn:1:323297342
X-Swift-SaveTime: Sun, 04 Jun 2023 07:48:33 GMT
X-Swift-CacheTime: 86316
Timing-Allow-Origin: *
EagleId: 2ff62c9716858809907925835e

hltv27.cc:8443/template/kuli04/css/common.css?v=0426

45.119.98.132

200 OK

2.2 kB

URL GET HTTP/2
hltv27.cc:8443/template/kuli04/css/common.css?v=0426
IP
45.119.98.132:8443
ASN
#133199 SonderCloud Limited

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecthltv27.cc
Fingerprint50:7E:0B:23:B6:02:90:26:AA:15:D9:23:45:AA:FC:DD:91:78:1E:E8
ValidityFri, 26 May 2023 03:48:19 GMT - Thu, 24 Aug 2023 03:48:18 GMT

File type
gzip compressed data, from Unix\012- data
Size
2.2 kB (2223 bytes)
Hash
79e6cbc7f613c931a6909a14349e8c52
55fa56ac92f4994c0a7af2a229dd464eac17825d
280cf6c938d44fcd0868c7be782c12505ed81f422456a95882a351b19fb3a4ad

HTTP Headers

GET /template/kuli04/css/common.css?v=0426 HTTP/1.1
Host: hltv27.cc:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:29 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 11:16:22 GMT
vary: Accept-Encoding
etag: W/"6267d486-1b3f"
expires: Mon, 05 Jun 2023 00:16:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js

47.246.44.211

200 OK

1.3 kB

URL GET HTTP/1.1
cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js
IP
47.246.44.211:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerDigiCert Inc
Subject*.staticfile.org
FingerprintF3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3309)
Size
1.3 kB (1308 bytes)
Hash
112c8d1b40b3e62e883c743e9d71e0bf
338318e930487b2791a7bcf53ad4601630cc41e2
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

HTTP Headers

GET /jquery.lazyload/1.9.1/jquery.lazyload.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 1308
Connection: keep-alive
Date: Sat, 03 Jun 2023 21:28:29 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FjODGOkwSHsnkae89TrUYBYwzEHi.gz"
Vary: Accept-Encoding
X-Reqid: OIAAAAAAHqxeQ2UX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename*=utf-8''jquery.lazyload.min.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:24:38 GMT
Ali-Swift-Global-Savetime: 1685827709
Via: cache11.l2de2[348,169,304-0,C], cache11.l2de2[171,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0]
Content-Encoding: gzip
Age: 53281
X-Cache: HIT TCP_MEM_HIT dirn:11:362391777
X-Swift-SaveTime: Sat, 03 Jun 2023 21:28:29 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: 2ff62c9616858809908442219e

ocsp.digicert.cn/

47.246.44.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
f772f27af6f982c26ad9a03500b5e00b
425d71f60ea516dc2f1a5834ab016dcdd2b82d84
09a4b922238abdc167b060df45f5ee62325f43b771a9f9eccc4e8cb0d261fc5b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sun, 04 Jun 2023 12:16:30 GMT
Ali-Swift-Global-Savetime: 1685880990
Via: cache5.l2de2[195,195,200-0,M], cache5.l2de2[196,0], cache2.se1[216,217,200-0,M], cache2.se1[218,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 04 Jun 2023 12:16:30 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616858809907342102e

hltv27.cc:8443/

45.119.98.132

200 OK

47 kB

URL GET HTTP/2
hltv27.cc:8443/
IP
45.119.98.132:8443
ASN
#133199 SonderCloud Limited

Requested by
http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
Certificate
IssuerLet's Encrypt
Subjecthltv27.cc
Fingerprint50:7E:0B:23:B6:02:90:26:AA:15:D9:23:45:AA:FC:DD:91:78:1E:E8
ValidityFri, 26 May 2023 03:48:19 GMT - Thu, 24 Aug 2023 03:48:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF, LF line terminators
Size
47 kB (47169 bytes)
Hash
d0b6ac001968f9465446c7bb23a248ca
001a87e9f9ac2c9520d2345d456ba86018b1ce7e
c168e0c61f8b1a3202a05dc3a6dbc01e42be1442ec89d1a370334c13886c9ce7

HTTP Headers

GET / HTTP/1.1
Host: hltv27.cc:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.yli029.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.css

47.246.44.211

200 OK

20 kB

URL GET HTTP/1.1
cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP
47.246.44.211:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerDigiCert Inc
Subject*.staticfile.org
FingerprintF3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65369)
Size
20 kB (19704 bytes)
Hash
7f89537eaf606bff49f5cc1a7c24dbca
b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

HTTP Headers

GET /twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 19704
Connection: keep-alive
Date: Sat, 03 Jun 2023 22:37:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FrCXL9zOgv1YPUwszD8uPfdAShnQ.gz"
Vary: Accept-Encoding
X-Reqid: _MoAAACFY00cR2UX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="bootstrap.min.css"; filename*=utf-8''bootstrap.min.css
Content-Md5: f4lTfq9ga/9J9cwafCTbyg==
Content-Transfer-Encoding: binary
Last-Modified: Mon, 18 Feb 2019 13:57:36 GMT
Ali-Swift-Global-Savetime: 1685831822
Via: cache5.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache1.se1[0,0,200-0,H], cache5.se1[2,0]
X-M-Log: QNM:jjh1904;QNM3:36/304
X-M-Reqid: JD8AACK38JVT-FMW
X-Qnm-Cache: Hit
Content-Encoding: gzip
Age: 49169
X-Cache: HIT TCP_HIT dirn:2:265154104
X-Swift-SaveTime: Sat, 03 Jun 2023 22:49:30 GMT
X-Swift-CacheTime: 85652
Timing-Allow-Origin: *
EagleId: 2ff62c9916858809912061996e

ocsp.digicert.cn/

47.246.44.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
f772f27af6f982c26ad9a03500b5e00b
425d71f60ea516dc2f1a5834ab016dcdd2b82d84
09a4b922238abdc167b060df45f5ee62325f43b771a9f9eccc4e8cb0d261fc5b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sun, 04 Jun 2023 12:16:31 GMT
Ali-Swift-Global-Savetime: 1685880991
Via: cache6.l2de2[475,474,200-0,M], cache6.l2de2[476,0], cache3.se1[497,497,200-0,M], cache3.se1[498,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 04 Jun 2023 12:16:31 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716858809907375724e

dimg04.c-ctrip.com/images/0102j12000a00qtew4F2F.gif?proc=autoorient

54.230.111.68

200 OK

1 B

URL GET HTTP/2
dimg04.c-ctrip.com/images/0102j12000a00qtew4F2F.gif?proc=autoorient
IP
54.230.111.68:443
ASN
#16509 AMAZON-02

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.ctrip.com
Fingerprint2A:A1:E1:95:AD:B2:BF:67:9F:85:AF:6C:C2:2D:6F:FA:5E:69:AF:1E
ValidityWed, 22 Jun 2022 03:23:19 GMT - Mon, 24 Jul 2023 03:23:18 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

HTTP Headers

GET /images/0102j12000a00qtew4F2F.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 1
date: Sat, 22 Apr 2023 02:27:54 GMT
access-control-allow-origin: *
cache-control: max-age=7776000
expires: Fri, 21 Jul 2023 02:27:54 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ckFRhkonWcaUCQCUz01-ph7VHPJtn1iq5O-Cf66IXBiydbDvE-Z-Ww==
age: 3750517
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/wanli8899/August@main/h120-2.gif

151.101.193.229

200 OK

14 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/wanli8899/August@main/h120-2.gif
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
14 kB (13611 bytes)
Hash
621c123dc1f608aa00456b35d89116f0
0eb2717432f18008c8cbb112b8435ac72e80fb1b
6483eff85a695207805dcf1f04cf789fbac5ef7deb7001cd15391bf78a5e255c

HTTP Headers

GET /gh/wanli8899/August@main/h120-2.gif HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"352b-DrJxdDLxgAjIy7ESuENaxy6A+xs"
accept-ranges: bytes
date: Sun, 04 Jun 2023 12:16:31 GMT
age: 31662
x-served-by: cache-fra-eddf8230065-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13611
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/wanli8899/August@main/h80.gif

151.101.193.229

200 OK

265 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/wanli8899/August@main/h80.gif
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
265 kB (264929 bytes)
Hash
7362a9a768a9da19caf58c4d0b4a4784
b087e55f4bc24de0b97c24a9d221df3d131d9c4c
ef760b8996fecb3e4c85feda62708080306db9c6c4288e9a0bec610ee509eca2

HTTP Headers

GET /gh/wanli8899/August@main/h80.gif HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"40ae1-sIflX0vCTeC5fCSp0iHfPRMdnEw"
accept-ranges: bytes
date: Sun, 04 Jun 2023 12:16:31 GMT
age: 26963
x-served-by: cache-fra-eddf8230114-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 264929
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/wanli8899/August@main/h120-4.gif

151.101.193.229

200 OK

58 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/wanli8899/August@main/h120-4.gif
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
GIF image data, version 89a, 300 x 300\012- data
Size
58 kB (57589 bytes)
Hash
2b5f0d62edd98a680418d4237f99c813
7a8b80acb7d979198464f17e5efa8b20e4649a83
dc136150b9dd76aa8d45e8031b3545b292fc8e18191c3b4266ef8f695bfeb844

HTTP Headers

GET /gh/wanli8899/August@main/h120-4.gif HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"e0f5-eouArLfZeRmEZPF+XvqLIORkmoM"
accept-ranges: bytes
date: Sun, 04 Jun 2023 12:16:31 GMT
age: 38947
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57589
X-Firefox-Spdy: h2

www.linkpicture.com/q/120x120.gif

104.21.235.181

200 OK

24 kB

URL GET HTTP/2
www.linkpicture.com/q/120x120.gif
IP
104.21.235.181:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjectlinkpicture.com
Fingerprint67:33:2F:5C:D3:A8:72:65:A4:41:8E:4F:AA:99:57:73:CE:04:36:46
ValidityMon, 17 Apr 2023 03:21:55 GMT - Sun, 16 Jul 2023 03:21:54 GMT

File type
GIF image data, version 89a, 120 x 120\012- data
Size
24 kB (23800 bytes)
Hash
6057a03f4a6e6362bf078d82869045e2
f45f8a154f806624a69ab1a8af518bcc8aa66d84
4fa11a17e66fb52bb7ba19f06174b0980f6671060e98ed9a8b6608dc3f09e435

HTTP Headers

GET /q/120x120.gif HTTP/1.1
Host: www.linkpicture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 23800
last-modified: Mon, 13 Mar 2023 07:20:05 GMT
etag: "640ecea5-5cf8"
x-powered-by: PleskLin
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGcYlTGsGi5q9G9XES%2BihEqFLDBUcN1iM1iRfh72%2BdN9vExgpYoZ6tqhi1z3S%2BfY4as3MO%2BiR6MvQ3kM8Ds8uQ0tZjhufYsspkoy%2FMELGESpruLoyAo68VRRSO%2FKs0By5k%2BzzNjF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d201b84680f891e-LHR
X-Firefox-Spdy: h2

www.linkpicture.com/q/0512_960x80.gif

104.21.235.181

200 OK

98 kB

URL GET HTTP/2
www.linkpicture.com/q/0512_960x80.gif
IP
104.21.235.181:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjectlinkpicture.com
Fingerprint67:33:2F:5C:D3:A8:72:65:A4:41:8E:4F:AA:99:57:73:CE:04:36:46
ValidityMon, 17 Apr 2023 03:21:55 GMT - Sun, 16 Jul 2023 03:21:54 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
98 kB (98086 bytes)
Hash
11510055f728f48e97de96208c35545c
2e8623f5bbe7eff53060d84a300f7fe393cef775
b8ea6dd9328f61a854a74014c63d3009d90d501a5abac64ac366e8e7acefb766

HTTP Headers

GET /q/0512_960x80.gif HTTP/1.1
Host: www.linkpicture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 98086
last-modified: Fri, 12 May 2023 12:19:54 GMT
etag: "645e2eea-17f26"
x-powered-by: PleskLin
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yNa1uewuWFJn6b%2B%2FKL%2B5zoa9LrozvACNhDiMDlo64UTaFETHux4ENoXyfXg03gluSGVZWo1Y7J5mQE%2FfVN3qr7brsL4mrqebixaxBodZ7QcI6wIOGgqh7%2BpssrjVTQZ2BJ%2F7iTE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d201b84a85a891e-LHR
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
071f0d389e04df0496081501a7573a45
c386f700e294d32a510c1924bf173e7847448f3e
12822b77d01cbfc46b4e6de9e6bfb6747c34d6e82e0c1cda188b32a472d71dbe

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:33:29 GMT
ETag: "c386f700e294d32a510c1924bf173e7847448f3e"
Last-Modified: Sun, 04 Jun 2023 11:33:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b852870b4f4-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
071f0d389e04df0496081501a7573a45
c386f700e294d32a510c1924bf173e7847448f3e
12822b77d01cbfc46b4e6de9e6bfb6747c34d6e82e0c1cda188b32a472d71dbe

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:33:29 GMT
ETag: "c386f700e294d32a510c1924bf173e7847448f3e"
Last-Modified: Sun, 04 Jun 2023 11:33:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b8529f5fac4-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
071f0d389e04df0496081501a7573a45
c386f700e294d32a510c1924bf173e7847448f3e
12822b77d01cbfc46b4e6de9e6bfb6747c34d6e82e0c1cda188b32a472d71dbe

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:33:29 GMT
ETag: "c386f700e294d32a510c1924bf173e7847448f3e"
Last-Modified: Sun, 04 Jun 2023 11:33:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b859902b4f4-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
5287c894b51b5694bc4b71cc5f2a9ac3
9e5ac9e5af2a65af72f39bd2048d5755d6c6a64f
4f4926982b278a2fe3a0bb70bfeeb3382d36e78c28fddb75a72ec32228429448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 12:08:12 GMT
Expires: Sun, 11 Jun 2023 12:08:11 GMT
Etag: "9e5ac9e5af2a65af72f39bd2048d5755d6c6a64f"
Cache-Control: max-age=603699,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b84aba8b527-OSL

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
dcca862921b39b89799c3c80e8243209
d5618bd2bdc0f1be827f3599be085b2fddb91f46
9b0b0879f32479050658f577b637a31b762a7e52fce1f2eff8f20c581efabd49

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A020762C7FDC7F9526BBE79718CFB8332DADDC23"
Expires: Sun, 04 Jun 2023 23:00:00 GMT
Last-Modified: Sun, 04 Jun 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 215
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b8609261bfe-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
8125c8a27ec90b9536bf6c4034dfd5df
649c39357ac60780632daa02a7d0f80990e84cb9
739f87973ae10a3897a2537c4cf811e03ee0bb769947ffe817594f6fbcd14369

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 08 Jun 2023 10:10:14 GMT
ETag: "649c39357ac60780632daa02a7d0f80990e84cb9"
Last-Modified: Sun, 04 Jun 2023 10:10:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2654
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b86bb30fac4-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
bd9bde7be994f948af7acf9cacd77f43
21c6fa4f53b7fd4f8a7d07f18440dcbe3e9ff001
20d4585edf27e396f3a356a84c4ce91dae415441cb0861572e04919143b7f39b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Jun 2023 15:22:04 GMT
Expires: Fri, 09 Jun 2023 15:22:03 GMT
Etag: "21c6fa4f53b7fd4f8a7d07f18440dcbe3e9ff001"
Cache-Control: max-age=442531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b86bec0b527-OSL

tututu46.oss-accelerate.aliyuncs.com/960x160.gif

47.254.187.169

200 OK

152 kB

URL GET HTTP/1.1
tututu46.oss-accelerate.aliyuncs.com/960x160.gif
IP
47.254.187.169:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-eu-central-1.aliyuncs.com
FingerprintDA:18:69:4C:8B:82:70:86:A9:16:CD:3D:78:02:BA:9D:A4:62:13:5C
ValidityMon, 30 Jan 2023 02:31:08 GMT - Sat, 02 Mar 2024 02:31:07 GMT

File type
GIF image data, version 89a, 960 x 160\012- data
Size
152 kB (151739 bytes)
Hash
37cf3a1123a7d05efc0c85d96bffcd90
f07470952ba341879dfd8e49d8b549ad83be8e0c
e0d0033ab0b27b81b9f926c39e5a6a3751a6e70572831d811640a6f104f19f4e

HTTP Headers

GET /960x160.gif HTTP/1.1
Host: tututu46.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: image/gif
Content-Length: 151739
Connection: keep-alive
x-oss-request-id: 647C809FE5E96366826A7596
Accept-Ranges: bytes
ETag: "37CF3A1123A7D05EFC0C85D96BFFCD90"
Last-Modified: Mon, 03 Apr 2023 12:35:02 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2353307901472230431
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: N886ESOn0F78DIXZa//NkA==
x-oss-server-time: 2

tututu46.oss-accelerate.aliyuncs.com/150x150.gif

47.254.187.169

200 OK

165 kB

URL GET HTTP/1.1
tututu46.oss-accelerate.aliyuncs.com/150x150.gif
IP
47.254.187.169:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-eu-central-1.aliyuncs.com
FingerprintDA:18:69:4C:8B:82:70:86:A9:16:CD:3D:78:02:BA:9D:A4:62:13:5C
ValidityMon, 30 Jan 2023 02:31:08 GMT - Sat, 02 Mar 2024 02:31:07 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
165 kB (164602 bytes)
Hash
12efba95b0f43cddde5b490ff112904a
869f5e97d48d0d6e0c9aaa704550ecfc2a6c8f22
b2aa0f045842f3e919bc7030e406efa082cc03889bf99bc5cbd2ea370e382054

HTTP Headers

GET /150x150.gif HTTP/1.1
Host: tututu46.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: image/gif
Content-Length: 164602
Connection: keep-alive
x-oss-request-id: 647C809FEF90829B5468909A
Accept-Ranges: bytes
ETag: "12EFBA95B0F43CDDDE5B490FF112904A"
Last-Modified: Mon, 03 Apr 2023 12:35:06 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5777801718063916714
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Eu+6lbD0PN3eW0kP8RKQSg==
x-oss-server-time: 2

u1011.com/27261a207ece4d06ad19f694d149de3b.png

103.170.15.50

200 OK

17 kB

URL GET HTTP/2
u1011.com/27261a207ece4d06ad19f694d149de3b.png
IP
103.170.15.50:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerSectigo Limited
Subjectu1011.com
Fingerprint86:0A:44:45:C5:90:7D:D9:53:79:87:5C:75:2B:A0:7C:E5:0C:5F:9B
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16893 bytes)
Hash
9b4c7a36586c545cdd3e07face654dd1
cfafdc41d87cdb440e5cd39efe3f358b8522a1c0
7160a510b35461ef2a94b9a725ebe0dfdf80496c58a2d504485f3b128bb0a1a6

HTTP Headers

GET /27261a207ece4d06ad19f694d149de3b.png HTTP/1.1
Host: u1011.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6478bc19-41fd"
server: nginx
date: Sat, 03 Jun 2023 21:33:17 GMT
content-type: image/png
last-modified: Thu, 01 Jun 2023 15:41:13 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-40
content-length: 16893
X-Firefox-Spdy: h2

ocsp.buypass.com/

23.36.76.129

1.7 kB

URL
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
609321620d4ee709a304aa8cc97547c3
4f2f506817ed87602cdad8a8fc00054412aaa5e7
c5039933d23d63c48db634e294b2c4112eecbcbd7113247070176ebf1c0aba3a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ef368053-cd1f-4dd2-b8bc-03060df9ea32
Content-Length: 1701
Date: Sun, 04 Jun 2023 12:16:32 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.129

1.7 kB

URL
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
609321620d4ee709a304aa8cc97547c3
4f2f506817ed87602cdad8a8fc00054412aaa5e7
c5039933d23d63c48db634e294b2c4112eecbcbd7113247070176ebf1c0aba3a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 3b1b3d61-d386-4ebb-8e93-adcb859155bb
Content-Length: 1701
Date: Sun, 04 Jun 2023 12:16:32 GMT
Connection: keep-alive

xinchacha2dv.ocsp-certum.com/

23.36.79.10

1.5 kB

URL
xinchacha2dv.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1538 bytes)
Hash
2e1d57b7eb35ea1f5b47fcefedf1807b
7bf0f73808b4975477a6cea130c526f30cb841a9
ef822745e0042a2f9ed2671b1035d740aa945451c02e53c818a1b03f582be0cb

HTTP Headers

POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=842
Date: Sun, 04 Jun 2023 12:16:32 GMT
Connection: keep-alive
X-N: S

xinchacha2dv.ocsp-certum.com/

23.36.79.10

1.5 kB

URL
xinchacha2dv.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1538 bytes)
Hash
2e1d57b7eb35ea1f5b47fcefedf1807b
7bf0f73808b4975477a6cea130c526f30cb841a9
ef822745e0042a2f9ed2671b1035d740aa945451c02e53c818a1b03f582be0cb

HTTP Headers

POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=882
Date: Sun, 04 Jun 2023 12:16:32 GMT
Connection: keep-alive
X-N: S

xinchacha2dv.ocsp-certum.com/

23.36.79.10

1.5 kB

URL
xinchacha2dv.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1538 bytes)
Hash
2e1d57b7eb35ea1f5b47fcefedf1807b
7bf0f73808b4975477a6cea130c526f30cb841a9
ef822745e0042a2f9ed2671b1035d740aa945451c02e53c818a1b03f582be0cb

HTTP Headers

POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sun, 04 Jun 2023 12:16:32 GMT
Connection: keep-alive
X-N: S

ocsp.trust-provider.cn/

47.246.44.205

599 B

URL
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
b6ef8a15760717bf7637486d5c6b1ece
127345af7a0e26166836270670bf2b44ea32f273
5e021f3ce514ab1db10528ff3f4f3e216f663d02edb4f5f7a62924d26ec904e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 04 Jun 2023 12:16:32 GMT
last-modified: Sat, 03 Jun 2023 10:14:36 GMT
expires: Sat, 10 Jun 2023 10:14:35 GMT
etag: "127345af7a0e26166836270670bf2b44ea32f273"
cache-control: max-age=551405,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7d201b8a7be0bbd3-FRA
via: cache11.l2de2[36,0], cache8.se1[57,0], cache1.se1[59,0]
timing-allow-origin: *, *
eagleid: 2ff62c9516858809923596233e, 2ff62c9516858809923596233e

ocsp.trust-provider.cn/

47.246.44.205

599 B

URL
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
b6ef8a15760717bf7637486d5c6b1ece
127345af7a0e26166836270670bf2b44ea32f273
5e021f3ce514ab1db10528ff3f4f3e216f663d02edb4f5f7a62924d26ec904e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 04 Jun 2023 12:16:32 GMT
last-modified: Sat, 03 Jun 2023 10:14:36 GMT
expires: Sat, 10 Jun 2023 10:14:35 GMT
etag: "127345af7a0e26166836270670bf2b44ea32f273"
cache-control: max-age=510482,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 7d201b8a7c6f9a18-FRA
via: cache23.l2de2[34,0], cache8.se1[57,0], cache4.se1[59,0]
timing-allow-origin: *, *
eagleid: 2ff62c9816858809923675038e, 2ff62c9816858809923675038e

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
78b27dc2dda75f3bde1e3de8262be0ba
0f4d62755bd64c108e716c088116e2f562dbd896
342a04483e66ba5532a3d9a4f9d64dfe03ec17d3afea4b655e2807235eb2c59a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Jun 2023 11:48:11 GMT
Expires: Fri, 09 Jun 2023 11:48:10 GMT
Etag: "0f4d62755bd64c108e716c088116e2f562dbd896"
Cache-Control: max-age=429933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b8a9ca4b527-OSL

tututu46.oss-accelerate.aliyuncs.com/960x80.gif

47.254.187.169

200 OK

334 kB

URL GET HTTP/1.1
tututu46.oss-accelerate.aliyuncs.com/960x80.gif
IP
47.254.187.169:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-eu-central-1.aliyuncs.com
FingerprintDA:18:69:4C:8B:82:70:86:A9:16:CD:3D:78:02:BA:9D:A4:62:13:5C
ValidityMon, 30 Jan 2023 02:31:08 GMT - Sat, 02 Mar 2024 02:31:07 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
334 kB (334447 bytes)
Hash
951b69336d9c15a474f41f1570950b3d
dbeb8fd225c80ce43707842386496340cd8d9bb4
76cce8df402fc0d22d11148e2c3234c754729790550a898bf49b5040b6c0e27a

HTTP Headers

GET /960x80.gif HTTP/1.1
Host: tututu46.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 04 Jun 2023 12:16:31 GMT
Content-Type: image/gif
Content-Length: 334447
Connection: keep-alive
x-oss-request-id: 647C809F817FCE00316B84C2
Accept-Ranges: bytes
ETag: "951B69336D9C15A474F41F1570950B3D"
Last-Modified: Mon, 03 Apr 2023 12:35:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12710462897319811913
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: lRtpM22cFaR09B8VcJULPQ==
x-oss-server-time: 2

www.g806f.xyz:4985/yECA/Z-14648-A-b/tCN/ed846y84643240844

159.138.58.37

165 B

URL GET
www.g806f.xyz:4985/yECA/Z-14648-A-b/tCN/ed846y84643240844
IP
159.138.58.37:0
ASN
#136907 HUAWEI CLOUDS

Requested by
https://hltv27.cc:8443/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectwww.g806f.xyz
Fingerprint7E:1F:6B:CE:05:2A:B5:A0:A2:24:94:EB:98:B0:D2:EE:3C:C9:3F:AF
ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
25b9fd2c8e4fe02360c2dd0ad4bbdb59
d610486231095a6670844fb30e9a43af66bdb7b0
ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3

HTTP Headers

GET /yECA/Z-14648-A-b/tCN/ed846y84643240844 HTTP/1.1
Host: www.g806f.xyz:4985
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, PATCH, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: AuthToken, Authorization, Origin, Content-Type, Accept, X-Requested-With
access-control-allow-origin: *
date: Sun, 04 Jun 2023 12:16:31 GMT
content-length: 165
X-Firefox-Spdy: h2

kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif

13.227.254.18

200 OK

514 kB

URL GET HTTP/2
kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif
IP
13.227.254.18:443
ASN
#16509 AMAZON-02

Requested by
https://hltv27.cc:8443/
Certificate
IssuerAmazon
Subjectkvezz.com
FingerprintA5:B5:0B:36:EB:55:F1:5A:6E:94:89:18:72:88:18:BA:E2:8A:13:FD
ValidityMon, 19 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
514 kB (513789 bytes)
Hash
cf359e5788472ae6d8dd1077b7178e46
b65c4ca87f886a8f875c92dd5230b882421cd0fc
754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364

HTTP Headers

GET /ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 513789
last-modified: Mon, 19 Dec 2022 08:20:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Jun 2023 11:36:14 GMT
etag: "cf359e5788472ae6d8dd1077b7178e46"
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: ULzGraUAXDOB5I4axrJjauQCDvKe3NI9GbN7OeWyJlpReuLUSEfi6Q==
age: 2418
X-Firefox-Spdy: h2

tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif

172.83.155.45

200 OK

49 kB

URL GET HTTP/2
tscf8.com/ba306bc87113a557ede08dd27e77f7a3.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
49 kB (48550 bytes)
Hash
dcba8203c9183f2e83272957160fbd88
66dc3d5f3078891dd482f9596e7164f028c83c3f
f1a72472741925196d6383e1338dcc8066f2bfbe15c8c2802c6b88803ed1c184

HTTP Headers

GET /ba306bc87113a557ede08dd27e77f7a3.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 48550
last-modified: Sat, 22 Apr 2023 13:05:24 GMT
etag: "6443db94-bda6"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 257620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3M7Lw3%2FtjoZKIKUbXL4t38vUEZ9Ea5hZ%2FngHk4ib03fvO49eoGzsHz8%2FfYV1VBdO8B7r7omYTR3i6uciKdIrgXO%2FGdoxz%2BrO2NwP6lpEh%2FXpNcl2obDbgEBWtdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b45b289f283e-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

lexs9.com/b3564a92de8631ddfdf7c78523737164.gif

172.83.155.45

200 OK

390 kB

URL GET HTTP/2
lexs9.com/b3564a92de8631ddfdf7c78523737164.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjectlexs9.com
Fingerprint24:51:4A:21:30:1E:9B:D4:37:EA:7D:A1:40:DC:F7:CE:0D:E6:35:AF
ValiditySun, 28 May 2023 07:05:52 GMT - Sat, 26 Aug 2023 07:05:51 GMT

File type
GIF image data, version 89a, 1000 x 80\012- data
Size
390 kB (390191 bytes)
Hash
b055e4c122b2384e614803f369fa362d
0f2f9878079ee628d4bb3a8a588a7b2e86f53237
6506f0d4316d26536864df7f3ebe01ed26847604bb7fe964925b61a30a9915ac

HTTP Headers

GET /b3564a92de8631ddfdf7c78523737164.gif HTTP/1.1
Host: lexs9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 390191
last-modified: Sat, 18 Feb 2023 03:32:31 GMT
etag: "63f046cf-5f42f"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNpIpgzWdO73vcMH7TXm0sXEcxM8449fnDiuH36WdSkcf9AvzmgZV6m7O7GSqomzxSa7dnSZDdWnb7iecqQc0eRqHRQXXHcYtYAawh4yW217uRpT2BpWqnwpvQ0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b4e84eb5c6c5-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tscf8.com/0e9f55a4618ee7c0c581873af31b4162.gif

172.83.155.45

200 OK

40 kB

URL GET HTTP/2
tscf8.com/0e9f55a4618ee7c0c581873af31b4162.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
40 kB (40352 bytes)
Hash
8199cd3d05617db3280dbd1937c1ab74
d1eda85a3e7b7ce9e9109002735059fddcd8917e
6573d580e35556ca8da98d8041d560f25a631b5f178d78429a733e7c330afe77

HTTP Headers

GET /0e9f55a4618ee7c0c581873af31b4162.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 40352
last-modified: Fri, 23 Dec 2022 12:54:30 GMT
etag: "63a5a506-9da0"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 66172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCQV4qGfu4%2Bu8R6T7sppiB7%2FzLeihCDO22HBw%2B3MqPzMzzv2CZ59mV0MeFE8eSLoFyGxLf6dx1smWe8%2BeloCfnSVM31VPZHhuZdkgskRF1XoFtWVpuE%2Btno5xq2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b45b9e81c39c-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

lexs9.com/29bcb0c77e52fe486f47bfa7e80b7908.gif

172.83.155.45

200 OK

301 kB

URL GET HTTP/2
lexs9.com/29bcb0c77e52fe486f47bfa7e80b7908.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjectlexs9.com
Fingerprint24:51:4A:21:30:1E:9B:D4:37:EA:7D:A1:40:DC:F7:CE:0D:E6:35:AF
ValiditySun, 28 May 2023 07:05:52 GMT - Sat, 26 Aug 2023 07:05:51 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
301 kB (300799 bytes)
Hash
bde9b2338e4fb17e0b3397e02ec45b67
a3093debe3c0210398d4d45a6687e7103f69f9f1
ad6c8f8db00cec2b49e7b1e492c5b8e7e0c1540b2650af5eb64ca5c0a458ca12

HTTP Headers

GET /29bcb0c77e52fe486f47bfa7e80b7908.gif HTTP/1.1
Host: lexs9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 300799
last-modified: Sat, 18 Feb 2023 03:31:21 GMT
etag: "63f04689-496ff"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 39
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA3Uxr%2FdseCXV%2B6xTRMx2qJl85jUbFg%2BF5GsJyfRJiL2G7nAuWK%2BLerl8E5cfJe6ISHF%2BA7NhPDcgvkiXwYR5Rio6pfCqNk%2FneUKSROodguEEHRTETtt8WVy%2B9%2B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b4ec698bc535-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

u1099.com/2a321d26dec441afaeb732c7c0e3a094.gif

103.170.15.20

200 OK

519 kB

URL GET HTTP/2
u1099.com/2a321d26dec441afaeb732c7c0e3a094.gif
IP
103.170.15.20:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerSectigo Limited
Subjectu1099.com
Fingerprint65:DD:90:49:71:EA:0C:91:25:96:45:F0:79:E8:12:7B:34:54:BB:B5
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
519 kB (519306 bytes)
Hash
5e530dbf8e7dfab35b57c9cbe75f14cc
de94895cb8bff889d9d0ed0f9c21999831c42c45
ee1b4f206d897fa560b1a87eef7f2a8047ea49d2703c68c985d7263b86c0a8c3

HTTP Headers

GET /2a321d26dec441afaeb732c7c0e3a094.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
etag: "64776834-7ec8a"
server: nginx
date: Fri, 02 Jun 2023 05:02:29 GMT
content-type: image/gif
last-modified: Wed, 31 May 2023 15:31:00 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-length: 519306
X-Firefox-Spdy: h2

tscf8.com/2f6b3bec582f9b841581acd197a97a9f.gif

172.83.155.45

200 OK

592 kB

URL GET HTTP/2
tscf8.com/2f6b3bec582f9b841581acd197a97a9f.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT

File type
GIF image data, version 89a, 960 x 240\012- data
Size
592 kB (592278 bytes)
Hash
91594e06fe3d3f9d1119a20e81b18964
ddae23a2a137379a6d2923e1744d0c64245e1aa7
0e3482aed24b16d737556af9c23093e2b37288eaca4ac8b485f9a30f354af2d0

HTTP Headers

GET /2f6b3bec582f9b841581acd197a97a9f.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 592278
last-modified: Tue, 18 Apr 2023 13:29:02 GMT
etag: "643e9b1e-90996"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1028429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KRnCi0ZEreSk8wDPQNQdXKyOrnmowO%2F3UPkm05uPmno3%2FYD%2BdtoelLG%2B8Ab3khwlpRIp%2FsGneal%2Bnd8zsLGbJ9zqcbd0Mg7Mq%2FFIpdC8bSppv9%2FdCCgEPFQOfO9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b458e878c384-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com/882-150x150.gif

47.110.178.68

200 OK

199 kB

URL GET HTTP/1.1
vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com/882-150x150.gif
IP
47.110.178.68:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-cn-hangzhou.aliyuncs.com
Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8
ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
199 kB (199438 bytes)
Hash
d6b073bcb9e3a5b05995e5ed89074837
73d15072f6eeb2d2a82c67f394ea61fc8f56d09e
cc11f2fc838272567eb8b3151d122390b326c8486fd1af8f6007ef0b1ec6d813

HTTP Headers

GET /882-150x150.gif HTTP/1.1
Host: vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: image/gif
Content-Length: 199438
Connection: keep-alive
x-oss-request-id: 647C80A07F57C53531E4B84B
Accept-Ranges: bytes
ETag: "D6B073BCB9E3A5B05995E5ED89074837"
Last-Modified: Wed, 08 Feb 2023 06:25:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12082038096429576854
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 1rBzvLnjpbBZleXtiQdINw==
x-oss-server-time: 2

tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif

172.83.155.45

200 OK

486 kB

URL GET HTTP/2
tscf8.com/8f48f887e0c4110a67ca8e85bd201a8a.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT

File type
GIF image data, version 89a, 960 x 100\012- data
Size
486 kB (485451 bytes)
Hash
c32fc22899b5bdfcc45976f5519a98ed
35ade236cc82bb09a86be58be6805315178e9bb1
73d57d938f63728e69df2c0236986dc3af3ca4105977af8436d2712fb3fa97c1

HTTP Headers

GET /8f48f887e0c4110a67ca8e85bd201a8a.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 485451
last-modified: Tue, 18 Apr 2023 13:28:32 GMT
etag: "643e9b00-7684b"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1028429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHL3biJXo4Usk8GlbGG6jJRx%2BWvVianSqQ0AFIEKk8sHVcg3LSytRk8tLARF%2FfJBWMotYAJpB8rnhc8gh2j7OUPlyHS6JYOasE8mzJ4NBeoLL43%2Bw21QzjWe0FAI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7d16b458ebc4c382-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tscf8.com/3a42b77b06a321ae0a42e47f62868fd8.gif

172.83.155.45

200 OK

476 kB

URL GET HTTP/2
tscf8.com/3a42b77b06a321ae0a42e47f62868fd8.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecttscf8.com
Fingerprint5E:80:E1:2C:CF:58:95:9F:92:1B:EE:12:F4:69:64:75:13:C3:06:59
ValiditySun, 28 May 2023 07:06:25 GMT - Sat, 26 Aug 2023 07:06:24 GMT

File type
GIF image data, version 89a, 1000 x 80\012- data
Size
476 kB (476331 bytes)
Hash
3bb0a63f311f773d037332df59db4adf
084055c87bfae01407820232bc8069750f5da023
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646

HTTP Headers

GET /3a42b77b06a321ae0a42e47f62868fd8.gif HTTP/1.1
Host: tscf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:31 GMT
content-type: image/gif
content-length: 476331
last-modified: Fri, 19 Aug 2022 17:02:35 GMT
etag: "62ffc22b-744ab"
expires: Mon, 05 Jun 2023 00:16:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 156915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDip6xNUXiAgS9qy%2FHXunJBpXpuK1dEDLTl36vJXXp6su2B2Auukc6LP8QDbDeqz5WCuQ4ZRIdd%2BQwEDxd0RmBD4UpU%2F1Xa1KYsg99bSGS4QQ6uhoHqn801fXLVO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7d172865dc41c390-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ldbbs.ldmnq.com/bbs/topic/images/2023-5/654c4173-639b-4d35-942a-7e8dfb39e1ee.gif

218.12.76.166

200 OK

131 kB

URL GET HTTP/1.1
ldbbs.ldmnq.com/bbs/topic/images/2023-5/654c4173-639b-4d35-942a-7e8dfb39e1ee.gif
IP
218.12.76.166:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hltv27.cc:8443/
Certificate
IssuerBeijing Xinchacha Credit Management Co., Ltd.
Subject*.ldmnq.com
Fingerprint67:C6:22:70:18:8C:8D:1C:18:77:EF:C9:FF:3D:79:77:55:92:98:4A
ValidityMon, 10 Oct 2022 06:12:34 GMT - Tue, 10 Oct 2023 06:12:33 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
131 kB (130902 bytes)
Hash
6179a193590bb24eaa36ebf361eeefc9
c38607726a6448e688a70e4495b877e501959939
f9e86721182cba557a2c72a9ce9a278bdb7bfee989f1bf2f79626cf6a9d24580

HTTP Headers

GET /bbs/topic/images/2023-5/654c4173-639b-4d35-942a-7e8dfb39e1ee.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: image/gif
Content-Length: 130902
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-request-id: 00000187EBAB8FDF90100DB73C799DD8
ETag: "6179a193590bb24eaa36ebf361eeefc9"
Last-Modified: Fri, 05 May 2023 10:15:35 GMT
Content-Encoding: utf-8
x-amz-storage-class: STANDARD_IA
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSpblL8FRXPJlsAQpH4lR8lYyT3iQDlj
via: CHN-HEshijiazhuang-AREACUCC1-CACHE24[3],CHN-HEshijiazhuang-AREACUCC1-CACHE42[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE97[8],CHN-TJ-GLOBAL1-CACHE64[0,TCP_HIT,1]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
Age: 2594877
Accept-Ranges: bytes

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
295b1b34004893294e5c8b8d48a85347
18b25ad80d04f176b8fa757521bd4946ec7cd7ed
244e785feef8af4396a160f07a943aa63c1de9246288c00979b5fa0e9cf515b7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:29:04 GMT
ETag: "18b25ad80d04f176b8fa757521bd4946ec7cd7ed"
Last-Modified: Sun, 04 Jun 2023 11:29:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b900dd2b50c-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
295b1b34004893294e5c8b8d48a85347
18b25ad80d04f176b8fa757521bd4946ec7cd7ed
244e785feef8af4396a160f07a943aa63c1de9246288c00979b5fa0e9cf515b7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:29:04 GMT
ETag: "18b25ad80d04f176b8fa757521bd4946ec7cd7ed"
Last-Modified: Sun, 04 Jun 2023 11:29:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b90097bb4eb-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
295b1b34004893294e5c8b8d48a85347
18b25ad80d04f176b8fa757521bd4946ec7cd7ed
244e785feef8af4396a160f07a943aa63c1de9246288c00979b5fa0e9cf515b7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:29:04 GMT
ETag: "18b25ad80d04f176b8fa757521bd4946ec7cd7ed"
Last-Modified: Sun, 04 Jun 2023 11:29:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d201b901a96fac4-OSL

vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com/882-960x80.gif

47.110.178.68

200 OK

250 kB

URL GET HTTP/1.1
vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com/882-960x80.gif
IP
47.110.178.68:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-cn-hangzhou.aliyuncs.com
Fingerprint1D:79:0F:5A:99:E6:4D:DC:A2:70:A6:80:16:6D:82:2B:62:EA:34:B8
ValidityWed, 15 Feb 2023 06:06:07 GMT - Mon, 18 Mar 2024 06:06:06 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
250 kB (250356 bytes)
Hash
782f1eaf936342eb06b81643ed729d79
72c2a74a7b0d2414f719abde06117ee783bab8b3
bf5bbe7ca20750cd6a00e690f4726ae7a1f0f125e98736c50b599bb1b65351f7

HTTP Headers

GET /882-960x80.gif HTTP/1.1
Host: vnsguanggaotu.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: image/gif
Content-Length: 250356
Connection: keep-alive
x-oss-request-id: 647C80A05878D23832F9407E
Accept-Ranges: bytes
ETag: "782F1EAF936342EB06B81643ED729D79"
Last-Modified: Wed, 08 Feb 2023 06:25:09 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10008971337816098083
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: eC8er5NjQusGuBZD7XKdeQ==
x-oss-server-time: 3

ldbbs.ldmnq.com/bbs/topic/images/2023-5/95b6a684-b3e7-46a5-9f27-a5474b52031c.gif

218.12.76.166

200 OK

580 kB

URL GET HTTP/1.1
ldbbs.ldmnq.com/bbs/topic/images/2023-5/95b6a684-b3e7-46a5-9f27-a5474b52031c.gif
IP
218.12.76.166:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hltv27.cc:8443/
Certificate
IssuerBeijing Xinchacha Credit Management Co., Ltd.
Subject*.ldmnq.com
Fingerprint67:C6:22:70:18:8C:8D:1C:18:77:EF:C9:FF:3D:79:77:55:92:98:4A
ValidityMon, 10 Oct 2022 06:12:34 GMT - Tue, 10 Oct 2023 06:12:33 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
580 kB (580501 bytes)
Hash
62ed8a3729a0ef26d8c9222b9b8ab2f4
2edad13b51dec57cf917451cb53083b2b2516479
9ba6a079e2f219e626f051fa77791a10d28855f369c6bcef27cf9312a4f81996

HTTP Headers

GET /bbs/topic/images/2023-5/95b6a684-b3e7-46a5-9f27-a5474b52031c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: image/gif
Content-Length: 580501
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-request-id: 00000187EB6609EE981482093E216CF0
ETag: "62ed8a3729a0ef26d8c9222b9b8ab2f4"
Last-Modified: Fri, 05 May 2023 10:12:09 GMT
Content-Encoding: utf-8
x-amz-storage-class: STANDARD_IA
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSs4IXGIBHl4tlNOJfgbLnozisih6s6J
via: CHN-HEshijiazhuang-AREACUCC1-CACHE32[3],CHN-HEshijiazhuang-AREACUCC1-CACHE52[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE17[37],CHN-TJ-GLOBAL1-CACHE52[0,TCP_HIT,34]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
Age: 2599181
Accept-Ranges: bytes

ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif

218.12.76.166

200 OK

1.2 MB

URL GET HTTP/1.1
ldbbs.ldmnq.com/bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif
IP
218.12.76.166:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://hltv27.cc:8443/
Certificate
IssuerBeijing Xinchacha Credit Management Co., Ltd.
Subject*.ldmnq.com
Fingerprint67:C6:22:70:18:8C:8D:1C:18:77:EF:C9:FF:3D:79:77:55:92:98:4A
ValidityMon, 10 Oct 2022 06:12:34 GMT - Tue, 10 Oct 2023 06:12:33 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.2 MB (1197751 bytes)
Hash
6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

HTTP Headers

GET /bbs/topic/images/2023-5/8fd632bf-2ad6-4752-8fcf-b70aa0583df1.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:32 GMT
Content-Type: image/gif
Content-Length: 1197751
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-request-id: 00000187EB7CE23794136B91380B9E1B
ETag: "6938343bc2a842c4d2c9c96f4dde0298"
Last-Modified: Fri, 05 May 2023 10:14:58 GMT
Content-Encoding: utf-8
x-amz-storage-class: STANDARD_IA
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmAfv0AYqNRDfSOQNsAPy33rsnWmMQO
via: CHN-HEshijiazhuang-AREACUCC1-CACHE47[5],CHN-HEshijiazhuang-AREACUCC1-CACHE19[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE92[26],CHN-TJ-GLOBAL1-CACHE3[0,TCP_HIT,23]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
Age: 2597828
Accept-Ranges: bytes

aaaaa366.com/4bf5fa829cf7487b8d2af1df71854576.gif

103.189.109.58

200 OK

233 kB

URL GET HTTP/1.1
aaaaa366.com/4bf5fa829cf7487b8d2af1df71854576.gif
IP
103.189.109.58:443
ASN
#0

Requested by
https://hltv27.cc:8443/
Certificate
IssuerSectigo Limited
Subjectaaaaa366.com
Fingerprint85:99:AB:E9:57:DB:49:14:72:84:BA:7A:85:A8:F7:1B:F8:53:E9:61
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
233 kB (233337 bytes)
Hash
646f9eae2c893c67dc361a8d9b53c475
5cc10957c18a230738e672ad488fa0c3db4dd72e
e99cd96a2d28404ab2152308c458a800e3a822cb76745369c8a5cc43d64277d2

HTTP Headers

GET /4bf5fa829cf7487b8d2af1df71854576.gif HTTP/1.1
Host: aaaaa366.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6442a6df-38f79"
Date: Fri, 02 Jun 2023 04:44:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 21 Apr 2023 15:08:15 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-048
Content-Length: 233337

kjimg10.360buyimg.com/ott/jfs/t1/11485/26/19993/159344/6380cff8Eaddb83ad/2d34199053adb89b.gif

121.226.246.3

200 OK

159 kB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/11485/26/19993/159344/6380cff8Eaddb83ad/2d34199053adb89b.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 500 x 500\012- data
Size
159 kB (159344 bytes)
Hash
71bae233ea1e379c74b3b0c30a05abd5
32a4238cc7028a47cb701f66eb3919a0fe48e485
232d6ba8191916248cea4a25cd7fdf86b3c997406244d7ac6df9aa21571a577b

HTTP Headers

GET /ott/jfs/t1/11485/26/19993/159344/6380cff8Eaddb83ad/2d34199053adb89b.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:33 GMT
content-type: image/gif
content-length: 159344
cache-control: max-age=15552000
expires: Mon, 27 Nov 2023 21:14:41 GMT
last-modified: Fri, 25 Nov 2022 14:23:52 GMT
age: 313312
via: http/1.1 ORI-CLOUD-HUZ-MIX-25 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-12 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1685567681492-0-0-0-25-25;200;200-1685757258855-0-0-0-2-2;200-1685880993621-0-0-0-1-1
X-Firefox-Spdy: h2

kjimg10.360buyimg.com/ott/jfs/t1/201003/1/29449/45553/63819a65Ee13e1e99/4a0401f3b5e938b6.gif

121.226.246.3

200 OK

46 kB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/201003/1/29449/45553/63819a65Ee13e1e99/4a0401f3b5e938b6.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
46 kB (45553 bytes)
Hash
0565518c535dd6a9f6344aa1220c33ab
12ee73274f0496cf82c9a82b276fc3305ba51799
ae649cc3544778e3ca8c64069743dfe28864e1468852db94950c8042e5511eaf

HTTP Headers

GET /ott/jfs/t1/201003/1/29449/45553/63819a65Ee13e1e99/4a0401f3b5e938b6.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:33 GMT
content-type: image/gif
content-length: 45553
cache-control: max-age=15552000
expires: Tue, 28 Nov 2023 06:28:39 GMT
last-modified: Sat, 26 Nov 2022 04:47:33 GMT
age: 280074
via: http/1.1 ORI-CLOUD-HUZ-MIX-20 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1685600919397-0-0-0-77-77;200;200-1685716366095-0-0-0-1-1;200-1685880993630-0-0-0-1-1
X-Firefox-Spdy: h2

aaaaa699.com/1813d88c405c4fd49e62bd30e5d20f3d.gif

103.189.109.49

200 OK

23 kB

URL GET HTTP/1.1
aaaaa699.com/1813d88c405c4fd49e62bd30e5d20f3d.gif
IP
103.189.109.49:443
ASN
#0

Requested by
https://hltv27.cc:8443/
Certificate
IssuerSectigo Limited
Subjectaaaaa699.com
FingerprintEA:27:73:1E:3A:DD:00:9E:7C:82:A2:8D:80:56:C7:B3:35:D5:90:83
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
23 kB (22633 bytes)
Hash
954b9b5e333191ee8431570039c4b2c2
092bd5760988d7b0f40e69515903fdf590815619
28c6dff9afdad8d9b7dec5fa4190a34607c26d6c6722c3a795d9e8c6bc5c29a3

HTTP Headers

GET /1813d88c405c4fd49e62bd30e5d20f3d.gif HTTP/1.1
Host: aaaaa699.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "643ab195-5869"
Date: Fri, 26 May 2023 13:39:18 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 15 Apr 2023 14:15:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb109-039
Content-Length: 22633

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0c0f1f8286664033d79bb0554b6e2795
5fb64453c1d7b660da79b983ba8e4851dd4f5b2e
a1b26e27dd4e4de60360105dc07489a35adc9483a64edf10d00accf4ea8dfe21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 22:50:18 GMT
Expires: Thu, 08 Jun 2023 22:50:17 GMT
Etag: "5fb64453c1d7b660da79b983ba8e4851dd4f5b2e"
Cache-Control: max-age=383022,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b8e7e67b518-OSL

kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif

121.226.246.3

200 OK

1.3 MB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://hltv27.cc:8443/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.3 MB (1296026 bytes)
Hash
5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320

HTTP Headers

GET /ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:33 GMT
content-type: image/gif
content-length: 1296026
cache-control: max-age=15552000
expires: Tue, 28 Nov 2023 02:55:46 GMT
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
age: 292847
via: http/1.1 ORI-CLOUD-HUZ-MIX-24 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-12 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1685588146605-0-0-0-148-148;200;200-1685753930749-0-0-0-11-11;200-1685880993646-0-0-0-1-1
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0c0f1f8286664033d79bb0554b6e2795
5fb64453c1d7b660da79b983ba8e4851dd4f5b2e
a1b26e27dd4e4de60360105dc07489a35adc9483a64edf10d00accf4ea8dfe21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 12:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 22:50:18 GMT
Expires: Thu, 08 Jun 2023 22:50:17 GMT
Etag: "5fb64453c1d7b660da79b983ba8e4851dd4f5b2e"
Cache-Control: max-age=383022,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d201b8e1968b527-OSL

user-redirect-url-9.com:2083/New/a.php

45.119.98.135

302 Found

76 kB

URL GET HTTP/2
user-redirect-url-9.com:2083/New/a.php
IP
45.119.98.135:2083
ASN
#133199 SonderCloud Limited

Requested by
http://www.yli029.com/%E7%BA%A2%E9%A2%9C%E5%88%BA%E5%BD%B1%E4%B8%87%E5%8A%AB.rar
Certificate
IssuerSectigo Limited
Subjectuser-redirect-url-9.com
Fingerprint51:BB:B1:19:5C:0E:38:86:60:94:B0:1C:D7:28:2A:22:5C:A8:D5:85
ValidityThu, 30 Mar 2023 00:00:00 GMT - Fri, 29 Mar 2024 23:59:59 GMT

File type

Size
76 kB (75953 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /New/a.php HTTP/1.1
Host: user-redirect-url-9.com:2083
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.yli029.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sun, 04 Jun 2023 12:16:28 GMT
content-type: text/html; charset=UTF-8
location: https://hltv27.cc:8443
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

hltv27.cc:8443/template/kuli04/css/style.css

45.119.98.132

200 OK

52 kB

URL GET HTTP/2
hltv27.cc:8443/template/kuli04/css/style.css
IP
45.119.98.132:8443
ASN
#133199 SonderCloud Limited

Requested by
https://hltv27.cc:8443/
Certificate
IssuerLet's Encrypt
Subjecthltv27.cc
Fingerprint50:7E:0B:23:B6:02:90:26:AA:15:D9:23:45:AA:FC:DD:91:78:1E:E8
ValidityFri, 26 May 2023 03:48:19 GMT - Thu, 24 Aug 2023 03:48:18 GMT

File type

Size
52 kB (51887 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /template/kuli04/css/style.css HTTP/1.1
Host: hltv27.cc:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 12:16:29 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:49:31 GMT
vary: Accept-Encoding
etag: W/"6204dfab-caaf"
expires: Mon, 05 Jun 2023 00:16:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

121.204.246.23:7677/photo/960800401.gif

0.0.0.0

0 B

URL GET
121.204.246.23:7677/photo/960800401.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://hltv27.cc:8443/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /photo/960800401.gif HTTP/1.1
Host: 121.204.246.23:7677
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.staticfile.org/jquery/1.12.4/jquery.min.js

47.246.44.211

200 OK

97 kB

URL GET HTTP/1.1
cdn.staticfile.org/jquery/1.12.4/jquery.min.js
IP
47.246.44.211:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://hltv27.cc:8443/
Certificate
IssuerDigiCert Inc
Subject*.staticfile.org
FingerprintF3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32077)
Size
97 kB (97163 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Content-Length: 33987
Connection: keep-alive
Date: Sun, 04 Jun 2023 07:15:41 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "Flqdz772VaJmjni66-qo3G9B2Nq7.gz"
Vary: Accept-Encoding
X-Reqid: rCAAAAAEjK9pY2UX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Content-Transfer-Encoding: binary
Last-Modified: Fri, 21 Oct 2016 08:51:50 GMT
Ali-Swift-Global-Savetime: 1685862941
Via: cache26.l2de2[188,188,304-0,M], cache19.l2de2[189,0], cache8.se1[0,0,200-0,H], cache2.se1[0,0]
Content-Encoding: gzip
Age: 18049
X-Cache: HIT TCP_MEM_HIT dirn:4:171040842
X-Swift-SaveTime: Sun, 04 Jun 2023 07:15:41 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: 2ff62c9616858809909652354e

im.69im3.com/wg-2023440066/960-80.gif

0.0.0.0

0 B

URL GET
im.69im3.com/wg-2023440066/960-80.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://hltv27.cc:8443/
Certificate
IssuerBuypass AS-983163327
Subjectim.69im3.com
Fingerprint28:8F:3C:3B:B9:34:C5:A8:F8:B0:BD:C5:7F:81:05:30:8D:3F:9E:89
ValidityThu, 23 Mar 2023 09:39:40 GMT - Mon, 18 Sep 2023 21:59:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wg-2023440066/960-80.gif HTTP/1.1
Host: im.69im3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sun, 04 Jun 2023 03:49:31 GMT
etag: "1685878717_br"
expires: Tue, 04 Jul 2023 03:49:31 GMT
last-modified: Sun, 04 Jun 2023 11:38:37 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, memory
X-Firefox-Spdy: h2

121.204.246.23:7677/photo/1501500411.gif

0.0.0.0

0 B

URL GET
121.204.246.23:7677/photo/1501500411.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://hltv27.cc:8443/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /photo/1501500411.gif HTTP/1.1
Host: 121.204.246.23:7677
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hltv27.cc:8443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML