{"report_id":"fc26e81a-4af3-47c5-bd53-a0f26457e3d9","version":6,"status":"done","tags":[],"date":"2025-11-21T12:16:12Z","url":{"schema":"http","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"104.21.56.107","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"title":"小学生_搜索_第1页 - 小淑娘","dom":{"size":55021,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (43409), with no line terminators","md5":"6ae885d093ffec8c1bbe6eec7508691c","sha1":"73c41e57334c78077e30989b101baec3c3057fc4","sha256":"6b8747ccdee08aea5861dbf377888811729d2acc948b90e8aa83f75241b277d1","sha512":"2d43e4efeda28f104c6a0525072226e3f1081e613d5bb1e423678a6a938560459c71a34a94fe64d1c01d7daf1660be8869c17c57f247209a7501be024c38904e","ssdeep":"1536:ys9xDzP4VYfAsHagQfel2hMvMI0EsdrV6YCt/:7xn4u2hMvM6ss/","tlshash":"2f33c922d1c6667f071fc6c0af802b18a137137f8b530f46b9ea51b576c6ea5ac095cb","dom_hash":"domhashe6b8ab390e1d42c15de3dbe44ef3aa20","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"104.21.56.107","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-26T12:16:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:15:50Z","timestamp":1763727350,"ip_dst":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.10","port":50546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-11-21T12:15:50.463256+0000\",\"flow_id\":21744747613634,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.10\",\"src_port\":50546,\"dest_ip\":\"47.79.65.159\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"971tu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":4682,\"start\":\"2025-11-21T12:15:49.855490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:15:50Z","timestamp":1763727350,"ip_dst":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.10","port":50556,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-11-21T12:15:50.701494+0000\",\"flow_id\":1247388827566550,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.10\",\"src_port\":50556,\"dest_ip\":\"47.79.65.159\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"971tu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2025-11-21T12:15:50.115158+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"thjpg10.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"img2.gayzyimage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"v.155251105.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"thjpg10.top","ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2025-07-25","domain_rank":1625868,"first_seen":"2025-07-27T05:09:07.160248Z","last_seen":"2025-11-15T02:36:16.587708Z","alert_count":2,"request_count":2,"received_data":166131,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"images.20images32.com","ip":{"addr":"108.186.124.93","port":6699,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"domain_registered":"2025-10-05","domain_rank":0,"first_seen":"2025-10-08T23:30:16.61265Z","last_seen":"2025-11-19T08:04:42.171034Z","alert_count":0,"request_count":1,"received_data":512418,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pic.imgdd.cc","ip":{"addr":"162.159.38.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-18","domain_rank":0,"first_seen":"2025-04-19T13:53:55.178388Z","last_seen":"2025-11-19T19:17:54.323975Z","alert_count":0,"request_count":1,"received_data":56899,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"xm99.img4758972832.com","ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-23T02:00:58.693964Z","last_seen":"2025-11-19T06:13:15.060137Z","alert_count":0,"request_count":1,"received_data":443596,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"xing.sex8sex833.com","ip":{"addr":"216.180.228.114","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-02-25","domain_rank":0,"first_seen":"2025-09-30T04:22:11.843559Z","last_seen":"2025-11-21T00:42:15.108438Z","alert_count":0,"request_count":2,"received_data":17525,"sent_data":904,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"971tu.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-11-21T08:35:08.889924Z","last_seen":"2025-11-21T08:35:08.889924Z","alert_count":0,"request_count":1,"received_data":139918,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"la.lashayu.com","ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-31","domain_rank":3641502,"first_seen":"2025-06-14T15:54:25.098652Z","last_seen":"2025-11-14T15:56:39.913165Z","alert_count":0,"request_count":1,"received_data":108195,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pic.sex8sex844.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-25","domain_rank":0,"first_seen":"2025-11-17T08:50:51.130806Z","last_seen":"2025-11-17T08:50:51.130806Z","alert_count":0,"request_count":5,"received_data":588709,"sent_data":2250,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hpxjxc.xsn5.fit","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-09","domain_rank":0,"first_seen":"2025-11-21T04:59:08.142821Z","last_seen":"2025-11-21T04:59:08.142821Z","alert_count":0,"request_count":12,"received_data":327240,"sent_data":6637,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tuaskbgnekr.com","ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2025-03-12","domain_rank":193855,"first_seen":"2025-03-16T23:57:53.559575Z","last_seen":"2025-11-19T00:45:21.207897Z","alert_count":0,"request_count":7,"received_data":873646,"sent_data":3136,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"txdy.8rs8i.com","ip":{"addr":"138.113.20.20","port":443,"asn":54994,"as":"ML-1432-54994","country":"United Kingdom","country_code":"GB"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-10-24T02:48:28.910738Z","last_seen":"2025-11-14T12:27:27.433647Z","alert_count":0,"request_count":1,"received_data":119690,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d18wfmxtvthwf6.cloudfront.net","ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-10-19T14:31:41.989548Z","last_seen":"2025-11-21T00:35:55.207265Z","alert_count":0,"request_count":5,"received_data":2012577,"sent_data":2282,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"img.bttimg.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-06-21","domain_rank":0,"first_seen":"2022-08-09T22:01:26Z","last_seen":"2025-11-21T06:07:45.778179Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"image.what.qpon","ip":{"addr":"172.67.222.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-27","domain_rank":0,"first_seen":"2025-10-14T08:22:48.958286Z","last_seen":"2025-11-16T06:17:50.520974Z","alert_count":0,"request_count":1,"received_data":1739558,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.jkuntp.com","ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2023-02-23","domain_rank":3345365,"first_seen":"2023-03-12T07:09:25Z","last_seen":"2025-11-21T00:45:21.858336Z","alert_count":0,"request_count":2,"received_data":109878,"sent_data":965,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"jkunnzyx.com","ip":{"addr":"23.226.76.18","port":443,"asn":53755,"as":"IOFLOOD","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":376120,"first_seen":"2025-05-09T15:55:11.644647Z","last_seen":"2025-11-15T00:52:22.007851Z","alert_count":0,"request_count":3,"received_data":134288,"sent_data":1335,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img1.ah7907.com","ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-11-08T09:13:57.808607Z","last_seen":"2025-11-15T14:16:00.27445Z","alert_count":0,"request_count":4,"received_data":771438,"sent_data":1757,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"yj99.img4939463946.com","ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-22T06:11:16.161623Z","last_seen":"2025-11-19T16:22:40.512214Z","alert_count":0,"request_count":1,"received_data":643937,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pg99.img5504422276.com","ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-23T12:49:37.50716Z","last_seen":"2025-11-21T11:13:29.690942Z","alert_count":0,"request_count":1,"received_data":732503,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"v.155251105.top","ip":{"addr":"172.66.155.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-06","domain_rank":0,"first_seen":"2025-11-10T08:37:30.669181Z","last_seen":"2025-11-19T20:59:58.668559Z","alert_count":1,"request_count":1,"received_data":414,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img1.askcdn1.com","ip":{"addr":"64.112.76.23","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2023-07-22","domain_rank":0,"first_seen":"2023-07-26T18:48:12Z","last_seen":"2025-11-15T05:06:19.122396Z","alert_count":0,"request_count":1,"received_data":11108,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.tibwf.top","ip":{"addr":"104.26.0.40","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2025-11-12T12:25:32.913932Z","last_seen":"2025-11-19T16:22:40.612569Z","alert_count":0,"request_count":1,"received_data":597799,"sent_data":458,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img2.gayzyimage.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-07-25","domain_rank":3140778,"first_seen":"2024-12-14T05:52:43.803415Z","last_seen":"2025-11-21T00:36:57.718781Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.siwazywimg2.com","ip":{"addr":"64.112.77.33","port":5278,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2023-05-19","domain_rank":3750644,"first_seen":"2023-05-20T06:35:28Z","last_seen":"2025-11-15T00:36:44.277519Z","alert_count":0,"request_count":1,"received_data":30216,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"mbh99.img3229438778.com","ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"domain_registered":"2025-09-20","domain_rank":0,"first_seen":"2025-09-22T06:11:17.63324Z","last_seen":"2025-11-21T11:14:45.894723Z","alert_count":0,"request_count":1,"received_data":542736,"sent_data":458,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2025-11-18T04:59:53.234065Z","alert_count":0,"request_count":13,"received_data":4509114,"sent_data":6361,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:15:50Z","timestamp":1763727350,"ip_dst":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.10","port":50546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-11-21T12:15:50.463256+0000\",\"flow_id\":21744747613634,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.10\",\"src_port\":50546,\"dest_ip\":\"47.79.65.159\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"971tu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":4682,\"start\":\"2025-11-21T12:15:49.855490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:15:50Z","timestamp":1763727350,"ip_dst":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.10","port":50556,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-11-21T12:15:50.701494+0000\",\"flow_id\":1247388827566550,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.10\",\"src_port\":50556,\"dest_ip\":\"47.79.65.159\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"971tu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2025-11-21T12:15:50.115158+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/static/js/jquery.js","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T08:45:06.752766Z","times_seen":60692,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d784a3ac7bef0efc43d4e8215083ccf","sha1":"6ef5054e9b6f183a502cae427baa7d5482db084c","sha256":"9f7da37444581b8825bca89e6046bfa0386ec88c786a7e5dbd3302913d989fc6","sha512":"98f8af1e486d681be19c0bb08a6ffc2f3a37180832abf58756148b8fa068a1bfed3d262f15446ab0286e8fae8b2efefb4df1db06659e89dc0b277f31cdfaff68","ssdeep":"","tlshash":"ffe0e526a5c15809495b7371e8ce05855775780368514f1cc00ad832afe91b8687fadc","size":403,"data":"","first_seen":"2025-04-02T02:40:05.557205Z","last_seen":"2025-12-10T14:10:20.947748Z","times_seen":4050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e98b7e186df9ba2b0f478161adaab44","sha1":"93011271af47c6421aa5b2abd549a598921bcbf3","sha256":"124039e4698f19d1d73819799ecfb2be5bb05a7c2a032732235f78e604339e42","sha512":"0c3ff496cee56fbeb94c1c91a7c3370d2a24285c63f6c08c19197c3f84f66eb5857e7f8762fbd7b40c02081383145aa349fafdeaef088454663199e0b7970f4e","ssdeep":"","tlshash":"c8e05c191b931039c1db73dbf5ed63a1157413041458a551850eced61e61e5ce9cf4e2","size":428,"data":"","first_seen":"2025-11-21T12:16:20.842313Z","last_seen":"2025-11-21T12:16:20.842313Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"57ca1679beecd06eaa00944bec96c8d5","sha1":"90d2c545a94b7fa7ea2a0bb2e79d47db91cf7164","sha256":"7c766318d776596c427c9707337cc501d4a06a8186257b80a24d129fc3b97d42","sha512":"971021ae72ea21612944d42c4b9048028e447eb31df65c34a3311c1a6246773b9d8465eb20cb52c6b34099d5a7a714d791cd2eed9323764eed0b3addd104aa6b","ssdeep":"","tlshash":"27e07d9a8841d2e6d986b3bbffe0d368e8983b193817d83207101cd6221336fd446b4d","size":332,"data":"","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-05T07:51:05.449808Z","times_seen":8968,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251119/umGnWoNk/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 12:24:41 GMT","end":"Thu, 12 Feb 2026 13:23:25 GMT"},"fingerprint":{"sha1":"5B:BB:AE:DD:E6:FC:52:AA:4B:4B:08:22:8C:6A:23:29:62:A0:F2:AC","sha256":"9F:BD:DA:CD:05:A4:E9:EA:25:05:88:FD:B5:97:F5:EE:83:AD:81:0E:17:F5:82:6B:A4:63:C5:75:97:EE:7A:04"}}},"request":{"raw":"GET /20251119/umGnWoNk/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:50 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 165711\r\nserver: cloudflare\r\nlast-modified: Wed, 19 Nov 2025 10:36:16 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691d9da0-2874f\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 17\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZqbsMmMjlcTRiVgDTqRcx4g97qA0O%2Bigo08nbTlxcivUaqXmq2pIWxY3Im8CpKruIzSMKAuyulLDPJC6MmhDBOm%2Fn1Bu3sZ9wblblkipoQmJWQ%3D%3D\"}]}\r\ncf-ray: 9a201d61cade76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":165711,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x538, components 3","md5":"c568e2d8cc15169fdf7efe59f27b3da0","sha1":"f01a2a82e0030effdb7267de472e287ac94ee111","sha256":"8ad531aabe9c6e76600ae72c7d76390320cbd47466aa3146c4c3cf779e891190","sha512":"b28c657e0408ae45bae86d43b51dbeb2512cd6c88feaca585c78948746a9215812bc13d4ada43ea530fbd452709e7d05e87b86d2be0235be6fa0c12329fe65cf","ssdeep":"3072:+fdRWcGYiab5qnNvttngfm1ZED6TTpbWNkrjPOtCE4LVyYbduOoEkORvreQs:EY/Xab5qnjtnu0aIoNOOtCbLVv/oEJRA","tlshash":"def313336d79504173804a7eee163a5d0ae5c87351b8bf306efa2edbec26d258e45093","first_seen":"2025-07-26T14:12:49.528557Z","last_seen":"2025-11-21T12:16:20.776473Z","times_seen":3,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":141,"dns":0,"connect":0,"send":0,"wait":29,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntp.com/upload/vod/20251117-23/ba954af0dd51caacb58cdac52b4c1385.jpg","fqdn":"www.jkuntp.com","domain":"jkuntp.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntp.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 16 Mar 2025 16:00:52 GMT","end":"Wed, 15 Apr 2026 16:00:51 GMT"},"fingerprint":{"sha1":"13:82:6E:FD:22:A6:75:AF:0E:AE:85:B2:6A:97:BC:28:30:41:41:12","sha256":"50:62:73:3B:FC:2E:0C:CA:14:8B:44:E2:B4:B5:5B:20:6C:AA:A6:E4:97:C1:05:C1:6A:A6:C0:5E:92:40:4F:5A"}}},"request":{"raw":"GET /upload/vod/20251117-23/ba954af0dd51caacb58cdac52b4c1385.jpg HTTP/1.1\r\nHost: www.jkuntp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 21 Nov 2025 12:15:51 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 37920\r\nConnection: keep-alive\r\nLast-Modified: Mon, 17 Nov 2025 02:32:26 GMT\r\nVary: Accept-Encoding\r\nETag: \"691a893a-9420\"\r\nExpires: Wed, 17 Dec 2025 02:53:48 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37920,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 260x360, components 3","md5":"d2ff4fde20a2e6ae12ceda68ae9bc312","sha1":"76d85c1d26b8465b6acb1a4a76f3c3c8c3b66cc8","sha256":"5405e4a3817d6659390d7da9138061c1528ca70cdcad4da5a3f32ab6e780c129","sha512":"9cd115cae3c7e8ce2150be953e45191eb9ccb206963a25b792e144b8f850bd054edbef7cb4a6195b7196cfecce61b60cf30237d68d3ac817d72fea4f96954195","ssdeep":"768:DcrG/L7NNOZhsR5m/elDflqjT1HdBZIsX7px3wwXL3z2gBBsPjLfUUuz:aGYsRmgRARGkRFXDSeePjLMUuz","tlshash":"ca03f19ab37c41bfe392841141a722f852fc1d882889bec3516114d5bf4ecd2f4a9a5e","first_seen":"2025-11-19T02:09:57.80848Z","last_seen":"2025-11-21T12:16:20.77724Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1999,"timings":{"blocked":-1,"dns":4,"connect":146,"send":0,"wait":189,"receive":167,"ssl":1491},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN01c50sbQ22AEqpNP0zZ_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN01c50sbQ22AEqpNP0zZ_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 871697\r\ndate: Wed, 05 Nov 2025 07:20:59 GMT\r\nlast-modified: Wed, 05 Nov 2025 07:13:37 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.019\r\ntraceid: a3b5f3a417623272591807076e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache1.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache7.se2[0,0,200-0,H], ens-cache7.se2[5,0]\r\naccess-control-allow-origin: *\r\nage: 1400090\r\nali-swift-global-savetime: 1762327259\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 05 Nov 2025 07:36:08 GMT\r\nx-swift-cachetime: 31535091\r\nvary: Accept\r\ns-rt: 5\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496698017e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":871697,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"9cf1b99e57cd615d9f338db3dc12717c","sha1":"12c33441ad7526f90c526e51da32427931e64a87","sha256":"a792896bac85c7746d1bd39dacc8b37d067a0aa6db310b582e47232d123704b0","sha512":"e8a20443228be32642f94cc0a56b044843cb737565281ad6db9a0eff43c048a58f657c4c269118f45a22a6bb7a7d43723fc763a3bf38ed042f75c9e17ad9e1ef","ssdeep":"24576:vBsNCFG6mmO3izqR9299hTO8wolcjH17R6Lw:vfG6mmuizqnK9U8wookw","tlshash":"8a05330e49a136d50209d3b963354fe2aa2ded76160b05d549477e24bf0b9bca8703ff","first_seen":"2025-11-07T23:18:50.649061Z","last_seen":"2026-02-28T02:39:37.298598Z","times_seen":2678,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":330,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/img/titlebg.png","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:51.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/img/titlebg.png HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/main.css\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 11109\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\nvary: Accept-Encoding\r\netag: \"630f1a89-2b65\"\r\nexpires: Sun, 21 Dec 2025 05:31:59 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 18\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cHs f ])\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ESLotci2vbBbXBImKQnD7R6lptM6VpCTR6DoPKuECRDO4bda7%2Ft3cDefxkH%2BGoDWfe9MY7tLe%2B7m1Mej7Yk6xe4WQbqeHaWm%2FdwJpDtojg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a201d699ada0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11109,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1142 x 38, 8-bit/color RGBA, non-interlaced","md5":"15b8f1c4482a937c4e86fb9e36f81340","sha1":"9ef97a7020e59e676117b2cf96d430bad5efdd2e","sha256":"4eb6effa4591a54e0b223700d183f5093b6d4a7281bc3d1bb6221e7202576167","sha512":"5854379277017f9e2861589659c70fb4e3476397e622ee310c43ec649b4b693262bbefa8b8caae26f932066763bf9429fa72b229959abcae29ad28dc3535b951","ssdeep":"192:QDu5jNjEWsibE0/P0WLeOgB6vYEuZ2o30LOItEejTNb2aGlLtAVZVHx:QDuFNj7sM/PY8vYE2LevNb259OnVR","tlshash":"0232bfdaf964b426c29a916170eb4012412a1db5cce7b835c64ed0e00f9f5f5826cbc7","first_seen":"2025-11-21T12:16:07.256693Z","last_seen":"2026-02-22T09:39:41.866681Z","times_seen":5,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tibwf.top/images/6870b3c7e71fc091f5bcf32c.gif","fqdn":"www.tibwf.top","domain":"tibwf.top","tld":"top"},"ip":{"addr":"104.26.0.40","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.tibwf.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 31 Oct 2025 23:28:23 GMT","end":"Fri, 30 Jan 2026 00:28:17 GMT"},"fingerprint":{"sha1":"35:05:9A:48:ED:82:07:C8:F6:EC:7D:6E:06:38:F2:D9:9E:59:47:CB","sha256":"45:E8:7A:22:0A:BC:65:B3:8A:A1:E8:F8:AA:18:95:55:6F:CC:8D:D4:E0:ED:6D:EC:4D:24:3D:5E:82:3C:A4:DF"}}},"request":{"raw":"GET /images/6870b3c7e71fc091f5bcf32c.gif HTTP/1.1\r\nHost: www.tibwf.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: image/gif\r\ncontent-length: 597107\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nlast-modified: Fri, 11 Jul 2025 06:48:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 28347\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zZGLdbWrgJSUlFQaGwkQkc%2FMGMB9P2vs10J84ww4INjnTmffv6Gr6XKRDt1bDWuBu3l46G2jSy80imOJGNM6MYf71tGar2IEahqMnFQ%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9a201d5f3fb12efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":597107,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"e1bfe1c54709bc1941efbb1359932a57","sha1":"fc0cf4f6ec82402eb43139b0af32f76aa9fc903f","sha256":"8f2e9c492179ba0851f52d197057b7d600de36ff10d08d4d1b1cb218e0c0b58a","sha512":"ed015dad8e3a269268c8256776c8f14fb7424300d467d8c35116b45692949e3b9b7127f92ab321752f43cef86f98396d3e47dd44b6dc3636ef2aa146a7145c49","ssdeep":"12288:dqk4zizyNDq3fhJz69bXfXSsGbrP47xOjBGclmJ7:sk4XDqz67CsG44Nzq","tlshash":"78c42377b85ca50fc86ca417fac8eeb51c438a4f79d2e8d18aa43593b74446d388e436","first_seen":"2025-08-31T07:56:49.464425Z","last_seen":"2026-01-04T07:59:32.818675Z","times_seen":4438,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":2,"connect":3,"send":0,"wait":7,"receive":22,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jkunnzyx.com/20250606/CDqjtnFl/1.jpg","fqdn":"jkunnzyx.com","domain":"jkunnzyx.com","tld":"com"},"ip":{"addr":"23.226.76.18","port":443,"asn":53755,"as":"IOFLOOD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkunnzyx.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 21 Apr 2025 22:32:53 GMT","end":"Thu, 21 May 2026 22:32:52 GMT"},"fingerprint":{"sha1":"5C:AB:E5:A8:E4:AE:C3:22:F4:0A:A8:5E:67:A2:82:7C:2F:E9:FF:15","sha256":"F0:E6:94:84:C1:8B:61:08:C8:8B:73:5D:FC:4C:45:F6:D0:B9:83:3B:D9:48:CA:24:D1:E5:E2:E6:94:A4:A5:2C"}}},"request":{"raw":"GET /20250606/CDqjtnFl/1.jpg HTTP/1.1\r\nHost: jkunnzyx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 18247\r\nlast-modified: Sat, 07 Jun 2025 01:47:34 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"68439a36-4747\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18247,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 399x225, components 3","md5":"c881776c26f0f4b0b6b81f4726998a25","sha1":"abe88f8bb2f5c9a00742b1f6cc560f9c63d9a1d0","sha256":"8fd23bedc4bd162a119ead0361f61e9588fa1c23e43a67a83d68611d04211bbd","sha512":"c92ae418cc4d33d45c3408f10a2af32f65c5f551c478945a17e24b6e55ec5029ebe59e7d85900d9f6d6b20080147bbbb2cc36cf16c18bde41e5c502f750c105a","ssdeep":"384:GibJG8RwfdnZQDKZ2B/psGwQnvJ3NomVcUDwHTAzQy+aiF+xfb:GilifyHnsGrhXZsH0sy+1I","tlshash":"2a82d1aa5b13a3768b0b1fc35f41495815079eeac4bf1b721017836c58a5ddff2d02da","first_seen":"2025-11-21T12:16:07.311838Z","last_seen":"2025-11-21T12:16:20.781993Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2214,"timings":{"blocked":229,"dns":3,"connect":149,"send":0,"wait":145,"receive":143,"ssl":1542},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20250321/xvPLY0Gu/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20250321/xvPLY0Gu/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120207\r\nlast-modified: Sat, 22 Mar 2025 02:48:37 GMT\r\netag: \"67de2505-1d58f\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120207,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1436x808, components 3","md5":"178bbb428701f63b479307e9a8d3ca29","sha1":"c3f3fcc044539f70d152c696806386ac138d82ee","sha256":"92013bd233be7f0c096554629b4e66445d5b124ddcecc3a87a1dd207280ee6fe","sha512":"c2f96203e75fc2c430647edfae2d7d87f71311d8532030f4bee6a05783ae05e90b714d96ef1b508b386435d27ff843529820eae200079be249cc01d095d8e224","ssdeep":"3072:Kk0Aj5jwLuyuT8/26ONXWcubxXl9WdTfdBjvtk4qHZqEZf8KQ90Km:KDAj9w4T8dOXWjxV9kfzjvtk4qHZqEGO","tlshash":"78c31209605b0f94f46646bc1edcc4a8f3dfa150b5160262b89a9d079bffb506e8cf25","first_seen":"2023-09-13T01:48:22Z","last_seen":"2026-02-01T14:42:50.955859Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2136,"timings":{"blocked":-1,"dns":7,"connect":152,"send":0,"wait":148,"receive":423,"ssl":1379},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thjpg10.top/upload/vod/20251118-1/ff21795dab41ea6189ceab71d7b93dd0.png","fqdn":"thjpg10.top","domain":"thjpg10.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thjpg10.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Thu, 23 Oct 2025 00:00:00 GMT","end":"Sun, 22 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A1:DD:6F:C8:CB:E5:E4:9A:08:29:AE:9D:02:A4:3A:C4:A4:54:50:DF","sha256":"2A:56:36:CC:F2:D8:91:6F:CC:98:1D:43:D0:BC:EC:7E:0D:B7:58:7B:CD:1F:F6:45:BE:B6:F1:44:38:00:C7:47"}}},"request":{"raw":"GET /upload/vod/20251118-1/ff21795dab41ea6189ceab71d7b93dd0.png HTTP/1.1\r\nHost: thjpg10.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=2592000\r\nContent-Type: image/png\r\nDate: Mon, 17 Nov 2025 17:00:23 GMT\r\nEtag: W/\"691b518e-13e3d\"\r\nExpires: Wed, 17 Dec 2025 17:00:23 GMT\r\nLast-Modified: Mon, 17 Nov 2025 17:00:23 GMT\r\nServer: nginx\r\nVary: Accept-Encoding\r\nX-Cache: HIT, policy, disk\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81469,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"189e3fcb25a899955ab61be2711deb5d","sha1":"04768ce93f33561e7fc18ecdcc4554531455f8aa","sha256":"4c9a38d859327bd13caa2e7ca4c717892c38ae5056fce861867b9783be4065a3","sha512":"408160822012fff3434cb00b180e625542be99551049e89ca638e723bacf86cb5a24769d1b4abb057ffc57300ac97789bf164e9da2fa942951895e337378a959","ssdeep":"1536:sZBwaC1rB1hRzb3Ftca7aMeM73Cn3e2IpCoKby4Z4G4wuhIDshY4Y21ZAMluebwf:WBwvrdR3FCa75eKC35bHZ9NuNhY4Y48v","tlshash":"4183025ca719f6e8b41d62e0ecf3a79bc9973a180dc3e55b213c5b5ab1941c6383d05c","first_seen":"2025-11-21T12:16:07.233657Z","last_seen":"2025-11-21T12:16:20.784796Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2287,"timings":{"blocked":493,"dns":3,"connect":107,"send":0,"wait":108,"receive":300,"ssl":1275},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"thjpg10.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:52.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 292628\r\ndate: Tue, 11 Nov 2025 08:54:59 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 2ff6319517628512988766131e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache6.l2de3[0,0,200-0,H], ens-cache5.l2de3[0,0], ens-cache20.se2[0,0,200-0,H], ens-cache7.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 876053\r\nali-swift-global-savetime: 1762851299\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 11 Nov 2025 09:03:40 GMT\r\nx-swift-cachetime: 31535479\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273524282671e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"3a29654deae45805d8794954abbb5044","sha1":"42691fc8287fde23d6f03fb34434deabb343df14","sha256":"cc2627b8bf79a940675f68df3fcdb91bf14a94b98c1938dd334c2bfc62538bb3","sha512":"b272db82b275b8f2f0fe414b1f339432bc2663520931f602714e2ede08e8b655f766060cff98dda94f176180b3bcdc53a6e382c4faa10ce67ca13e8008f65353","ssdeep":"6144:Nq0IoTY/D/9IDmn8IDVS+jIDmn0JVr3AW9DuCDP:LTcNl5H03QuDuCDP","tlshash":"3c541216e3668b1f117098c1a1f16d7efaedaa1736f5aef1450c4c42053f9e8a339c62","first_seen":"2025-11-09T02:30:37.967304Z","last_seen":"2026-04-05T07:51:05.446961Z","times_seen":7820,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/static/css/a_pc_wap.css","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/static/css/a_pc_wap.css HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 24 Oct 2022 09:16:10 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 26228\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MxpayH%2FmTzt21tRh43md759tkq1OhAk16JfFNh1pS%2B2CZp8%2Fcg%2B96dPOwOPo75nzR23dwR4I%2FNImlaWWFQg3rPfH40AlxnUu2OGcXqu0gg%3D%3D\"}]}\r\netag: W/\"635657da-b3c\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5efb320daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2876,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"74a8b81d486fd0fab0c1e1a21faf815c","sha1":"3671d10e96160cba777510eafe225a6fab98dbdf","sha256":"db0fd01915d66b5e8e03851256f02c85422be168cf9b2b68ab776878447f9e1c","sha512":"9399229eae7fd56b29d69e0cacc7b2a439aa45fb392df8549e04ed3fd81ee280694bf2a96acebdfc759862fb7a863fcba5e4adc4228c40bb25ac75fbca504226","ssdeep":"","tlshash":"2e515a162b6f2488a80ba1b85fb567686a294053bb0fcc2975547324ff4e78d09b2789","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-05T07:51:05.444704Z","times_seen":9239,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN010VSdzL22AEqzDrltk_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN010VSdzL22AEqzDrltk_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 502695\r\ndate: Tue, 11 Nov 2025 11:45:37 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b5398b17628615373413615e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache11.l2de3[0,0,200-0,H], ens-cache4.l2de3[3,0], ens-cache20.se2[0,0,200-0,H], ens-cache7.se2[1,0]\r\naccess-control-allow-origin: *\r\nage: 865812\r\nali-swift-global-savetime: 1762861537\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 11 Nov 2025 16:54:42 GMT\r\nx-swift-cachetime: 31517455\r\nvary: Accept\r\ns-rt: 1\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496948044e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":502695,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"240edf1eb782e5d0fbdf779d8d4a68c7","sha1":"ebe3001ffc36bdace312bccae848d78da5c4418a","sha256":"82557455514232bc7e961f4b6e6d7b8a72448a682730bd77e616fdb53b0bb356","sha512":"d4ede7b3daf2692bb4468770e56008b82620ec15a12de90c1c58c1bd95dad8fdf1c2676e89764d10c885136e41b57c9790edb2fd74ddb9da01559339248512d0","ssdeep":"12288:iIGndvZPj+qNK6OGO0dy2Wcmg9qtgfJLozo+:vGvyqNK6OGO0EcBqcLozo+","tlshash":"70b423c44b398516e0b8497e619d0baf6c95dca8a323dcf523148cb7e1c96f5b498ef0","first_seen":"2025-11-12T07:17:27.687216Z","last_seen":"2026-02-28T02:39:37.387515Z","times_seen":4075,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":4,"connect":11,"send":0,"wait":117,"receive":12,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.8rs8i.com/960x120.gif","fqdn":"txdy.8rs8i.com","domain":"8rs8i.com","tld":"com"},"ip":{"addr":"138.113.20.20","port":443,"asn":54994,"as":"ML-1432-54994","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.8rs8i.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 22 Oct 2025 00:00:00 GMT","end":"Mon, 19 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8B:87:AA:E8:24:6F:3E:F5:A9:13:11:F0:F9:2F:60:08:5B:31:E3:CC","sha256":"E8:EF:03:B7:B4:CA:29:85:50:10:C4:6D:D9:32:35:51:C2:A7:3A:1E:F4:99:5A:7F:E0:A1:DB:87:DC:16:90:14"}}},"request":{"raw":"GET /960x120.gif HTTP/1.1\r\nHost: txdy.8rs8i.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 119152\r\nexpires: Wed, 17 Dec 2025 04:15:54 GMT\r\nserver: nginx\r\nlast-modified: Wed, 12 Feb 2025 08:43:50 GMT\r\nvary: Accept-Encoding\r\netag: \"67ac5f46-1d170\"\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: 1.1 PS-ORD-04i3e151:2 (W), 1.1 PS-FRA-01uMN61:12 (W), 0.0 PSygldLON2sh67:2 (W)\r\nage: 374397\r\nx-px: ht PSygldLON2sh67none\r\nx-ws-request-id: 692057f7_PSygldLON2sh67_52025-29217\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119152,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"dd3f2661676f6682f1540931e5527dcd","sha1":"1910263524e2745c1a1efcc2568be5a6b1dfa844","sha256":"dbf137cfde6ff5c8a86d08cf1a08a916419d788ca24ada9a3f73f7290655983e","sha512":"30bbfd2100dd507927cb9303e9d620027ae6075d4a4ec8e93a6a54e9b1ef31c405d7d92d8ba1a931c042f0bd2948a8dca5c27b4a3d62b5cff325f0d9ae5050aa","ssdeep":"3072:3FT9sD3nPzYQeu7N3bB3LfED2GouWc/dNehYXanWDvp:t9ebLeuLcW8dNwkp","tlshash":"b5c313533b82f4211555f086692ae4e0b4ae81039dd7f8fcf78761e68ba52d14893f37","first_seen":"2024-12-30T04:38:35.424563Z","last_seen":"2025-12-29T03:27:19.878642Z","times_seen":6932,"resource_available":false,"data":null}},"time_used":1576,"timings":{"blocked":-1,"dns":3,"connect":20,"send":0,"wait":24,"receive":38,"ssl":1490},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251120/Y6AP2no8/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 12:24:41 GMT","end":"Thu, 12 Feb 2026 13:23:25 GMT"},"fingerprint":{"sha1":"5B:BB:AE:DD:E6:FC:52:AA:4B:4B:08:22:8C:6A:23:29:62:A0:F2:AC","sha256":"9F:BD:DA:CD:05:A4:E9:EA:25:05:88:FD:B5:97:F5:EE:83:AD:81:0E:17:F5:82:6B:A4:63:C5:75:97:EE:7A:04"}}},"request":{"raw":"GET /20251120/Y6AP2no8/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:50 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 55561\r\nserver: cloudflare\r\nlast-modified: Wed, 19 Nov 2025 18:35:31 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691e0df3-d909\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 17\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yLlKwzCWFb%2Blm87dauYSD0%2Fa9LRdlkliyAyYPrMjDMVGzoGjeNLQ6LTmLMLdFR0v0bylWwr9WELACsoaQOKnxdR%2FEg4D1vf3UEeRMWiBkocfNQ%3D%3D\"}]}\r\ncf-ray: 9a201d61cada76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55561,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 850x478, components 3","md5":"08a0d6d7d68db997c4d0b8aefefef252","sha1":"5826dc95ee40993d73dd23e42d14a77f779ce2f3","sha256":"757a3abe10dfc8d24f9ace41af221ec7387eced6c0f3d82053e9bbe43c3c7307","sha512":"b280e468a48af4dc5025c8e52c0690cf6f982803071d79296927726dca4ce0973a7e584a2b861c8159c0a09811003c752fe22bf0eceee2c3c719845957984156","ssdeep":"768:LNWwKEJ0J3Lzo4CFUVu/3ztfhgN1sEBI8NpB2UraZlVERqPQwGN+NyD9nKCkeCVq:5WOS3Lz/CMu/3ppICJ2YxPRGNBGBq","tlshash":"7743f1a0d367906143da533471c540e90afbd7f9a616abe88a625f1be943c7cce1c287","first_seen":"2025-11-21T01:03:41.204019Z","last_seen":"2025-11-21T12:16:20.789794Z","times_seen":6,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:52.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 44406\r\ndate: Sat, 08 Nov 2025 08:42:46 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b55ca117625913666853618e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache2.l2de3[0,0,200-0,H], ens-cache11.l2de3[1,0], ens-cache9.se2[0,0,200-0,H], ens-cache7.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 1135986\r\nali-swift-global-savetime: 1762591366\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 08 Nov 2025 09:25:38 GMT\r\nx-swift-cachetime: 31533428\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273520712338e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"7fe888844a25455b732401ff74cfd8ab","sha1":"8d19e04de42c10ba020a85c53ce0a89e68228df8","sha256":"f85ce364be6d1d2dd090b2fc02ab3e6dc3013b61a85576e4c0eb4ad8fa408e31","sha512":"a046e5c42fbd73895fe7f7add8d2511b9f5aa297d99ec108c8f47cd4546a16af813bfc54314c865b4c13a74c7be17429c341d1ecc327ee344074221732ba2d2e","ssdeep":"768:/6Qbzz7QUHPIskU5/Eg59QCK5Py43ZKFbVeI0D0gwKjewJ+Tsxfz0JWOyndv7mzv:ykQnskU9lXFK5P3ZKFbV10YRKjdfzOgW","tlshash":"3813013d7682d0410e2e367675f0c638fb9ad9dac96d34dbba795528644403c7c0939b","first_seen":"2025-11-09T02:30:37.980535Z","last_seen":"2026-04-05T07:51:05.443327Z","times_seen":7901,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.20images32.com:6699/images/960x120.gif","fqdn":"images.20images32.com","domain":"20images32.com","tld":"com"},"ip":{"addr":"108.186.124.93","port":6699,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.20images32.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 05:38:04 GMT","end":"Sat, 03 Jan 2026 05:38:03 GMT"},"fingerprint":{"sha1":"A6:DF:20:15:C6:DC:EC:F5:08:F3:B0:3C:36:57:BC:E2:28:CD:BC:70","sha256":"9E:6D:75:FF:39:3E:55:6A:6B:05:05:36:68:94:8F:D6:08:70:7B:51:E8:2F:CB:94:E5:D8:49:A6:EB:3B:83:2A"}}},"request":{"raw":"GET /images/960x120.gif HTTP/1.1\r\nHost: images.20images32.com:6699\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 512095\r\nlast-modified: Tue, 08 Jul 2025 08:10:41 GMT\r\netag: \"686cd281-7d05f\"\r\nexpires: Sun, 21 Dec 2025 08:21:39 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":512095,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"468c2fc9db52e86befd7ba1e4ac569f7","sha1":"80027990f3e4b068c398f043a29fdf558c6a1d2f","sha256":"7dbafa97a626c5f036f46b4273d15f2b9b28c28b19c6d829139f5d67df25230d","sha512":"9bede77dd7e101a1d9e8ac93c2a807f3708abc3918e3e3889f51ddd29571b598166df66804fa0d52de76f69a89ff54055be949362a1569da545ef19dc3d997cd","ssdeep":"12288:Z82M4CK89DayL0wrLxDYuI4DZbHaSsVTHQRaTp:ZrM4CPNa1g4SIHQEp","tlshash":"b8b42327c13bd80e99f6c36d289356c0e8a8787e359dd8d56cc8543d43ad2a383fb949","first_seen":"2025-07-14T08:10:17.542859Z","last_seen":"2026-04-04T12:41:56.473124Z","times_seen":3775,"resource_available":false,"data":null}},"time_used":2575,"timings":{"blocked":137,"dns":6,"connect":171,"send":0,"wait":159,"receive":756,"ssl":1323},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.imgdd.cc/item/691eb51fc828c4c6def9b926.gif","fqdn":"pic.imgdd.cc","domain":"imgdd.cc","tld":"cc"},"ip":{"addr":"162.159.38.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pic.imgdd.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 09 Nov 2025 07:15:46 GMT","end":"Sat, 07 Feb 2026 08:15:38 GMT"},"fingerprint":{"sha1":"66:C3:3E:44:EB:9E:4F:1E:FB:0B:C1:E1:0E:88:20:1C:7C:65:FC:1C","sha256":"11:74:CA:2D:40:F1:3F:D8:B1:3F:0D:54:72:70:6C:8B:D2:68:02:DC:1B:B7:74:DA:01:75:D2:C0:29:4E:18:45"}}},"request":{"raw":"GET /item/691eb51fc828c4c6def9b926.gif HTTP/1.1\r\nHost: pic.imgdd.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: image/gif\r\ncontent-length: 56167\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=57594\r\nlast-modified: Thu, 20 Nov 2025 06:28:47 GMT\r\ncf-cache-status: HIT\r\nage: 106782\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nZduhhzwoWkVt9PjtKgy5Nyn%2Fj6ej3xbZjpmlsKyXB7wqZ48o4rRnkWMdxuIzsuogW6Ploo8jU7Owm8fGsrOgCmTnyBdeYn9pw%3D%3D\"}]}\r\ncf-ray: 9a201d5fbf4aabd4-CPH\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56167,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6bfc5b42adf415b36f52556abbd7f0b1","sha1":"aa1b07c32dc3d9e4d36f770ab8ddf2b46802c2ea","sha256":"49345c550b0db1903d12d8f04eb47982e6f167d8a3477faed86905a3471d7fd4","sha512":"4ad901ca29618da8c582d628a84f39d534a989a2eb2045200071f8be4c764b7130ea6cb035f19750ed9bc264dee70c5b5ce91469bd39163d9e66f544e2cbc39e","ssdeep":"1536:dqp7QTthFme9OQUw5ze2081NEa4y0oiiKj5:M9QTJmgOHGz9z1Nluxb","tlshash":"1443012ca0f83ed9cdc45631e5636f46b4eb4d9229d0ab31d981acb1072d11f6af948a","first_seen":"2025-08-01T17:20:36.506734Z","last_seen":"2025-12-19T01:13:27.587792Z","times_seen":2366,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":1,"connect":27,"send":0,"wait":35,"receive":3,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/ky61-960x120.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /ky61-960x120.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: NgxFence\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":3411,"timings":{"blocked":1768,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":1377},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251119/KEOAtcML/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251119/KEOAtcML/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 392083\r\nlast-modified: Thu, 20 Nov 2025 02:12:21 GMT\r\netag: \"691e7905-5fb93\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":392083,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3416x1920, components 3","md5":"eed2db0178b52ec2c4887bdeb017c742","sha1":"76ff4a3a3e799706938a73f84c4c47ca9252090a","sha256":"aff61d8d4d28d47c857ef13b4071629d1e67729c385636b37eb354f826bd44a7","sha512":"ad0e88483e22020b252de25260003968857b9ccb1d582e1fe62d5db0a7776d7fe9946d47834c744bd0509bd008ede652ce1439291cc5ac2ce4792050f09b7199","ssdeep":"6144:6Zv20PS5cwIldiBJTMsV4cFoOPK3qA6Z+g0ZkUieFTQoOY1HNhkPIQaRBocT:/0KewVYZcdK3qAsi4exQo31tKAQa4cT","tlshash":"5a8423e3abac87b5ead62372d4633a0554074bba07d256538b1f0461d83afd7788f842","first_seen":"2025-11-21T00:37:15.437436Z","last_seen":"2025-12-04T07:26:55.998896Z","times_seen":25,"resource_available":false,"data":null}},"time_used":2343,"timings":{"blocked":366,"dns":8,"connect":144,"send":0,"wait":352,"receive":188,"ssl":1282},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/ZFU/voo4SX9y/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 12:24:41 GMT","end":"Thu, 12 Feb 2026 13:23:25 GMT"},"fingerprint":{"sha1":"5B:BB:AE:DD:E6:FC:52:AA:4B:4B:08:22:8C:6A:23:29:62:A0:F2:AC","sha256":"9F:BD:DA:CD:05:A4:E9:EA:25:05:88:FD:B5:97:F5:EE:83:AD:81:0E:17:F5:82:6B:A4:63:C5:75:97:EE:7A:04"}}},"request":{"raw":"GET /ZFU/voo4SX9y/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:50 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 169878\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 20:20:56 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691b83a8-29796\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 17\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLc%2FppI5dRjwPX3f7v%2B8A9Uu9F8kwN6GpPO3qIjNTpuQwJVIphl1JYhfL1%2B5%2BUV5OlNs5n%2FHI9YU%2FU%2BmgAVIcWbnybcQDriZZDN6Jqv4YA%2FwGQ%3D%3D\"}]}\r\ncf-ray: 9a201d621bff76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":169878,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x538, components 3","md5":"fdb4900efb797b479fd33a9d706b0ee8","sha1":"a0ec35e7557308eeed2e971a59149d69aea79bb6","sha256":"b4084a145ed4535f0ea3ca056e303325232f10ab6bf619b1772fe19ef32f8c85","sha512":"7444332478033fe9ce199c6d89629db75bdc9f11b4ad56438117636c95904a1ea093b9f56cd1b59e6f7fc0695390a7acc26264e1e273b63f41907f8c1143a232","ssdeep":"3072:/W4YpKM9gpbfG/f2BZfIovMW1fEuM1KSq+7vXQMvuBbWRDFx+Gttdcf:DyKM9gkXgfdt1fEuM1LpXlEqRD0f","tlshash":"12f313a32706ced9fe9a91bc657d8a72d71583671188440f86bc814f3ad38e6e1db343","first_seen":"2025-11-21T12:16:07.278434Z","last_seen":"2025-11-21T12:16:20.793111Z","times_seen":2,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":5,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/media.css","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/css/media.css HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 22 Nov 2022 11:05:12 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 26228\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y2Sr8XlFyUurDSIhIjpHUi4p1g60J9%2FqVq6ErAPLS7KOakznxy4qw8yQy8Cie7fWb6PTlTtr%2F1RHuD5qYDkIgIrLLSGdQRk9Mv1LX3CJKA%3D%3D\"}]}\r\netag: W/\"637cace8-27e1\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5ecadf0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10209,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (321), with CRLF line terminators","md5":"d2e2a4f12021d4f9dfc23efd0a17705b","sha1":"f66429074406ff9def5858792f6b1251f1ef907e","sha256":"97c4bb35fa71f18f55a6f2692d027d38a467341ab020d9e00f563255e0be9a0d","sha512":"50776521a1a9eca20aa44d26c6971bf748cbc0e33d0a79866c8c61da44dcdfaf26593017f217b927a699988dfb3ce53125395c0dceee5f0e308f3dd57ae11732","ssdeep":"96:Oa/FsTPvo9LE/qvDKZUATVR309QFeMUxjy7mSpdkpk2xPF92B96XjMBJpLNPhLu3:OcZvDKr0FxjyjdkbazLhhx/GNVjtfx","tlshash":"a4229d225210564ce32b5393aef54a7b3e2f8122eb4352e9ed933a23c29755701f1ad2","first_seen":"2025-11-21T06:26:11.278831Z","last_seen":"2026-03-16T07:13:28.389696Z","times_seen":41,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yj99.img4939463946.com:5658/8888/mt/mt120.gif","fqdn":"yj99.img4939463946.com","domain":"img4939463946.com","tld":"com"},"ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yj99.img4939463946.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 14:45:48 GMT","end":"Wed, 18 Feb 2026 14:45:47 GMT"},"fingerprint":{"sha1":"99:F7:53:46:F9:FD:FF:ED:98:92:40:E4:35:3D:84:00:BD:BE:B3:62","sha256":"0A:92:0A:71:FF:AD:94:9C:3A:7F:58:A2:7C:34:73:56:49:20:9D:5E:6A:75:86:DB:50:A9:92:C7:1A:DF:52:FA"}}},"request":{"raw":"GET /8888/mt/mt120.gif HTTP/1.1\r\nHost: yj99.img4939463946.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 643569\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Wed, 22 May 2024 10:32:09 GMT\r\netag: \"664dc9a9-9d1f1\"\r\nexpires: Mon, 15 Dec 2025 13:36:55 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":643569,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"f5919b3ac13cce9d56f7966003e826d8","sha1":"75c040dace5ddc741ddcbda8e0bc74fcbff417bc","sha256":"739605b51e61972ae4e03385a848c5cc0561d639eadb33e424567f7f3b9d8f88","sha512":"5864eaf234c1b5816f6faeb6ef6f499154110340a9c412a742b35f4304a7cdba4cb88efbe61887c10593e96737a895d6cd466cd8fe990edce43338535123cd17","ssdeep":"12288:E2PPPsqKfJQrQrQrQFUpPnn9uVK49uVK49uVK49uVKZRV7YC:E2PPPJQc9KK49KK49KK49KKZX7H","tlshash":"c2d41338875b6ab15d82fe6c4ce1a0d980f951df53b74669e7c09c30936a31fb382b64","first_seen":"2024-10-04T10:32:36.972611Z","last_seen":"2026-04-05T07:51:05.42721Z","times_seen":8032,"resource_available":false,"data":null}},"time_used":3622,"timings":{"blocked":118,"dns":8,"connect":291,"send":0,"wait":280,"receive":1515,"ssl":1406},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/bootstrap.css","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/css/bootstrap.css HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 26228\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ngA0PhVDLdgzTK93qjj5decEUnPkffNPM9qugi4B%2B51Gs1zfhzN0TNovCNFFaxwMZhrq9doO056P7kDwc5G1YfNVxJrYESQum%2FWUlskXYQ%3D%3D\"}]}\r\netag: W/\"630f1a89-23077\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5ecad50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143479,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (540), with CRLF line terminators","md5":"d6febcd70162c8efa5c8baec23b368ea","sha1":"c71fb5f80ef7bdad286d0695a33f7ad9688d2e06","sha256":"669ef192418984adaf0153dcfc38e20bc9099b0ba5b37afcd46b6598a6264410","sha512":"93c13703f4aa87cffd60fc5fbf37a6a7de94919bb0beb4916844cb8a00292317d3041b42fc7e9e1b5a7fe60aa950b1ec8a6043cab36f99183a12c027ca1a675a","ssdeep":"768:u7zAzpAKHbOJa/vHpDNeQogoUiquiTRNTrU44eMIMvTn58BOiHc/i7kmBMR7w6Dg:uHAlAKBaAv6DqcUgPZzWHXe5m","tlshash":"6ee386ece70021807332cb74b793cd52bf5961e2ca074a76fbd1656ca34a9485632edb","first_seen":"2025-11-21T04:59:19.445279Z","last_seen":"2026-03-16T07:13:28.409932Z","times_seen":40,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xm99.img4758972832.com:5658/8888/xm/5088/120.gif","fqdn":"xm99.img4758972832.com","domain":"img4758972832.com","tld":"com"},"ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xm99.img4758972832.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 14:45:29 GMT","end":"Wed, 18 Feb 2026 14:45:28 GMT"},"fingerprint":{"sha1":"53:F7:5C:08:DC:83:DC:DC:4C:01:F8:84:3E:9C:29:A6:F1:7D:0F:AF","sha256":"A9:46:EB:6B:EF:07:D6:CC:C8:AF:C2:DC:B2:63:EF:F4:92:8B:99:DE:D1:51:26:4D:19:C8:F9:37:9D:EC:79:9C"}}},"request":{"raw":"GET /8888/xm/5088/120.gif HTTP/1.1\r\nHost: xm99.img4758972832.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 443228\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 16 Sep 2024 13:02:03 GMT\r\netag: \"66e82c4b-6c35c\"\r\nexpires: Sat, 20 Dec 2025 06:21:03 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":443228,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6dfeb48901b7cd79256ac55ca0e057ad","sha1":"7f5be548b85f2c58a5a75f89831a60372e1fd49e","sha256":"077c10e1c5dda6d69f6cdb1cd61bd9b88d46ab20a09a0d1cd575348b422a80f6","sha512":"eb336246e254747a2ba6cc9ce2a793aa4919f2dce04f7327f82f33fbf1b7177a0a828bb4fdb687af252189476332345f9ca15e7a1163b0c572194b8b27464c45","ssdeep":"12288:bITYwMITYwMITwzFWFbSimWFbSimWFFL851b251b251b251ba:sYwTYwTakQcQc/87272727a","tlshash":"bb9412d3e4ea2823c6a62244ca9df7d57f411156653ea3d79b6b3f100e52d22e0ced09","first_seen":"2025-11-21T00:36:15.409425Z","last_seen":"2026-04-05T07:51:05.422403Z","times_seen":8029,"resource_available":false,"data":null}},"time_used":3472,"timings":{"blocked":-1,"dns":8,"connect":292,"send":0,"wait":293,"receive":1437,"ssl":1437},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251117/c7OCNH0V/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251117/c7OCNH0V/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85358\r\nlast-modified: Tue, 18 Nov 2025 04:06:50 GMT\r\netag: \"691bf0da-14d6e\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85358,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 702x362, components 3","md5":"1dcbe1df8461eb54117319af48c640f4","sha1":"999e9e19e3f6682b72a35bd0257907431c1f9ea0","sha256":"9dda3c02224a1c4288b0e1eb61d6099c7ee3f06c3ca7371e378ac8d78683c303","sha512":"6444ae5acab191f0f86d5efecd799f7786e66e64a32a435413c6fa1eb55b336b5ab0b0f880530eeaace98595b1d884f725bb2463a28bf333b9b90b3aa5e2aa3b","ssdeep":"1536:2PHjL2U2v2CFiJ+RQdiBQtBNEYyRsycqsEg5x7KI3foXX5p/7UPcOHzBitlkZtbH:CKU2ef+RU3ETsyCx7Kuf6X5J7UPlTylc","tlshash":"c18302773778da81d1416cb25af32b30f48af4ca4e56949a17c8fa181d9f3b2dc39960","first_seen":"2025-11-18T08:01:30.870062Z","last_seen":"2025-11-21T12:16:20.797507Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2153,"timings":{"blocked":387,"dns":4,"connect":146,"send":0,"wait":270,"receive":17,"ssl":1322},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/000/flink/analytics.php","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:51.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"POST /000/flink/analytics.php HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 9\r\nOrigin: https://hpxjxc.xsn5.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nage: 0\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMs f ])\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gdGIo8s8%2FkyQlVILr0QcqBQ0Nj%2FZf79g2y6pwVVHWhVqeOeJ6EeB2zU4HPLnPmKNujdiqcACTIxbycwHV7xwxmfubULI4ZeShN0pudqXKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9a201d699adb0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/4183327079/O1CN01ln3oR222AEqzshHWU_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i1/4183327079/O1CN01ln3oR222AEqzshHWU_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 299379\r\ndate: Fri, 14 Nov 2025 07:01:34 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b5fe9717631036937892118e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache8.l2de3[0,0,200-0,H], ens-cache8.l2de3[0,0], ens-cache2.se2[0,0,200-0,H], ens-cache7.se2[10,0]\r\naccess-control-allow-origin: *\r\nage: 623655\r\nali-swift-global-savetime: 1763103694\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 14 Nov 2025 08:58:04 GMT\r\nx-swift-cachetime: 31529010\r\nvary: Accept\r\ns-rt: 10\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496718020e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":299379,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"54542288aac257ac1b54cc8b0898be4f","sha1":"cd2fb2928257b6248a0e9594ac6d641a0a7aa87a","sha256":"fd63cced0b26eae23e42ac01c17ae4759378feb09a362cf4509d66af16eea083","sha512":"ac9f433eaf62830d6d90737e0a1c6d8ddabbd3bed067a01ffc82151cd0967718c9909f127841d6a7dc211eb3b2530d478a525c3b01892527460e6c11a6d9f014","ssdeep":"6144:chvrNv4wBFDMlONRXWKD8id3uM6JDtvnNf2PVis5Wx8:cVrNv4OFwlMGq80uMQD2PMF8","tlshash":"ea54238e6a0fee306db3ec052609262a9e57fdd0b0a1e7eb89805c3b3237b114578755","first_seen":"2025-11-14T12:28:04.170382Z","last_seen":"2025-11-28T04:36:41.671631Z","times_seen":1713,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251117/xGRMuISc/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 12:24:41 GMT","end":"Thu, 12 Feb 2026 13:23:25 GMT"},"fingerprint":{"sha1":"5B:BB:AE:DD:E6:FC:52:AA:4B:4B:08:22:8C:6A:23:29:62:A0:F2:AC","sha256":"9F:BD:DA:CD:05:A4:E9:EA:25:05:88:FD:B5:97:F5:EE:83:AD:81:0E:17:F5:82:6B:A4:63:C5:75:97:EE:7A:04"}}},"request":{"raw":"GET /20251117/xGRMuISc/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:50 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 30225\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 04:20:32 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691aa290-7611\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 17\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fuhWmdNF22UXpDLAWkMCTY9Ckaym%2B1Uf8BoPAtzVTWpk8xCAhri0m3gLLmKSAs%2FnC0r9oNdm1%2B5sjOJ%2FqqtAoM9MeADR3VdBiUw3jSlDHk3Z2Q%3D%3D\"}]}\r\ncf-ray: 9a201d61cad276ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30225,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x373, components 3","md5":"712668efd87d70efa8cc50adc114f93f","sha1":"eb33b94fd860f38e61764537f88d747fec0bab9e","sha256":"a2d7a49078febfac93c0386870daf2015ffd3fa8275c1eb7199bdcc76c691f0d","sha512":"bf772e7075b2628d652143b7b5efa2f8ba91d75670b4c5417a946f7ad36547b08be8ad556f27b4a162d65b9ab9816ce055879dd5f8d1d7ad667117cec0959fad","ssdeep":"768:d6mOh+E4eSLgSSe40/RQdbYEkqPc/e9ISoKtDfBAlYr1syp2ILDjnZk:dH++DEFe4kRQ5YEkqP76KnAqruyT3Zk","tlshash":"53d2e08956c427719f0fe2fc10a279c54e1a05727cef9633b6a55edaaf42db918810c3","first_seen":"2025-11-21T12:16:07.315857Z","last_seen":"2026-03-16T10:26:20.033344Z","times_seen":6,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":187,"dns":6,"connect":2,"send":0,"wait":30,"receive":5,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntp.com/upload/vod/20250709-1/bf0613dfc61d23bce11317a459e0a8f9.jpg","fqdn":"www.jkuntp.com","domain":"jkuntp.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntp.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 16 Mar 2025 16:00:52 GMT","end":"Wed, 15 Apr 2026 16:00:51 GMT"},"fingerprint":{"sha1":"13:82:6E:FD:22:A6:75:AF:0E:AE:85:B2:6A:97:BC:28:30:41:41:12","sha256":"50:62:73:3B:FC:2E:0C:CA:14:8B:44:E2:B4:B5:5B:20:6C:AA:A6:E4:97:C1:05:C1:6A:A6:C0:5E:92:40:4F:5A"}}},"request":{"raw":"GET /upload/vod/20250709-1/bf0613dfc61d23bce11317a459e0a8f9.jpg HTTP/1.1\r\nHost: www.jkuntp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 21 Nov 2025 12:15:51 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 71077\r\nConnection: keep-alive\r\nLast-Modified: Wed, 09 Jul 2025 04:03:45 GMT\r\nVary: Accept-Encoding\r\nETag: \"686dea21-115a5\"\r\nExpires: Sat, 06 Dec 2025 04:17:45 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71077,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"2c5a543866e44d2e76e32e41f139942e","sha1":"e1def7bcfbe2c05bd417162c8682fde66fec7443","sha256":"3d8cee333fca85296d722f71df3517f766e2b02664f36546c76fac32a85b327a","sha512":"105ac6e147212be1781154835f79e14a8f97b6640009468d33fb5d441037b1db99e3edcfe57970861ecad7107725d2800426d2c7c76035de1a3f40c804a00def","ssdeep":"1536:5Vfml2CD7hnVwdAWqDHdolySZmwAEmlhnoLi2OZBUy8R4A+mS3:TMp7hnVBLD9ekEmjCi2OZ7O4AA","tlshash":"8163127accb0a847748132fbaa08c9bd4506ca0bcc9465c1d2d87a81ff462f75677b74","first_seen":"2025-11-21T12:16:07.329046Z","last_seen":"2025-11-21T12:16:20.800704Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2150,"timings":{"blocked":221,"dns":6,"connect":146,"send":0,"wait":197,"receive":281,"ssl":1291},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251031/2Tc2nutj/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.228.114","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251031/2Tc2nutj/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: X-Requested-With\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\nContent-Disposition: attachment; filename=\"1.jpg\"\r\nContent-Length: 7714\r\nContent-Type: application/octet-stream\r\nDate: Tue, 18 Nov 2025 02:45:10 GMT\r\nEtag: \"69048324-1e22\"\r\nLast-Modified: Tue, 18 Nov 2025 09:38:12 GMT\r\nServer: nginx\r\nX-Cache: HIT, policy, disk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7714,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: \"Lavc61.3.100\", baseline, precision 8, 320x240, components 3","md5":"e5493fa51f0a1d8bd1ef05a1e30292b6","sha1":"398f7e1f1a86a65192c7ddcd34c691586c252946","sha256":"7915dc532c176db0f952dd17beef12a187fd476be2f4fda9eb5455942ead63e0","sha512":"6962a8672667ca66464dfdf0beb4cad28bd9f2a6396ed54bbd219016c74d4c6471079a05d9806a210ce241297ef84fa7e11e893274f2d96995971256ff3c0c8b","ssdeep":"192:on2UTQ/9SbYXxA9l0Yco8GgDFxWrOu4SX9XES:on2UTISwxo6DFAeStUS","tlshash":"edf19ea6e61ac52efc88563b564e871c0b94262f7b71c9db8a4134142dec1027e4b35f","first_seen":"2025-11-21T12:16:07.264803Z","last_seen":"2025-11-21T12:16:20.801439Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2148,"timings":{"blocked":527,"dns":5,"connect":163,"send":0,"wait":162,"receive":12,"ssl":1273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/favicon.ico","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:53 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Fri, 25 Nov 2022 03:52:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 16\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cHs f ])\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2BGq9OGeRYC2HzHvyAM7izDMbmROjljqx%2FczJjQIK3qJtdGp34Zw6EQT7sNM1KTdptbzG2G0iH1Sq0sY8EhTzfsPiaeZO800mJCK%2BP66rQ%3D%3D\"}]}\r\netag: W/\"63803c1a-25be\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d77fafc0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"d7f3030d81f8f17d7d7da8f73ff598ed","sha1":"8cffbd68238341c159015eede963433620575a8f","sha256":"78174ccf501459366659f4f0ea2f165ff7b4c396bd8b66f052863c0cf7c81831","sha512":"8757888035e6c1f7b37d75d4467b1b663b3e962532a72c9da8760c45967577830a268014b6d125d68491d538edb34ef4c31fbdfe4331e1ee52df4e151792b53c","ssdeep":"192:RJ8q/FG6OktJdesZfMFODxrOtd99t3R6A2J:JkscOVOdp3sA2J","tlshash":"ab12e7592b21d0fcd0042678cce2d69c63c68fbc21e0c20b7887be27397279b2c12689","first_seen":"2025-09-30T03:11:03.525231Z","last_seen":"2026-03-26T02:47:58.367453Z","times_seen":42,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jkunnzyx.com/20251119/UzYifQ53/1.jpg","fqdn":"jkunnzyx.com","domain":"jkunnzyx.com","tld":"com"},"ip":{"addr":"23.226.76.18","port":443,"asn":53755,"as":"IOFLOOD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkunnzyx.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 21 Apr 2025 22:32:53 GMT","end":"Thu, 21 May 2026 22:32:52 GMT"},"fingerprint":{"sha1":"5C:AB:E5:A8:E4:AE:C3:22:F4:0A:A8:5E:67:A2:82:7C:2F:E9:FF:15","sha256":"F0:E6:94:84:C1:8B:61:08:C8:8B:73:5D:FC:4C:45:F6:D0:B9:83:3B:D9:48:CA:24:D1:E5:E2:E6:94:A4:A5:2C"}}},"request":{"raw":"GET /20251119/UzYifQ53/1.jpg HTTP/1.1\r\nHost: jkunnzyx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 62252\r\nlast-modified: Thu, 20 Nov 2025 02:40:18 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691e7f92-f32c\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62252,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x450, components 3","md5":"63890b939218551fc92992311b22a18d","sha1":"10fd00fcbb07e6f0c9c71a3be0e60ef96ceb5601","sha256":"c1dbd38c560047b039a33fee07ca5edba8173131080b909a501b9be794390bd6","sha512":"e964caa17507a935db205f0da02fb6c71f1b66d0c65849f9226a6e0a1c7858f2806dbe5ec7085996fac78877689e665e94db87f2634e2fd138aac5a3bcf0c4f8","ssdeep":"1536:BWevynj1CdARZkxVnnFLFll3wWOxo49jDtjJL:8zj1SA8VFLFgW67JL","tlshash":"f053016e921774738f3be220bf7be79bb34d4439d771394c350d988a629ac846d620e4","first_seen":"2025-11-21T00:49:05.953512Z","last_seen":"2025-11-21T12:16:20.803302Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2418,"timings":{"blocked":373,"dns":1,"connect":146,"send":0,"wait":192,"receive":136,"ssl":1568},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:52.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 221348\r\ndate: Thu, 13 Nov 2025 10:05:50 GMT\r\nlast-modified: Thu, 13 Nov 2025 09:36:51 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.107\r\ntraceid: a3b5f39617630283506058409e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache20.se2[0,0,200-0,H], ens-cache7.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 699002\r\nali-swift-global-savetime: 1763028350\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 13 Nov 2025 18:03:30 GMT\r\nx-swift-cachetime: 31507340\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273521012370e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"91a4c6f090426e12424905e992711b10","sha1":"a2cb6864351065d53d1c4c502877adfd11103e4a","sha256":"88584290d770ecec2239e81884a8bf52306a473d03aafbdb9a359555e3b9c439","sha512":"ce208676f2178d6a9c8498f495422167058647fabfe812391f392ada0df7088434bd33a8a718c4d24a53c7b9c77af94d83faf3815f6364c76d203f97fe9cdb36","ssdeep":"6144:k/sj3j3iWwPIu/wQFxkt8gRZI1ZpLugfoi:k/sjz3iVIgwUgRS7VffX","tlshash":"6124137ee1c01f226e0522e9a7b8bf1b05b55487ed84a47729bdf9d6c7482b3e7601c0","first_seen":"2025-10-14T12:40:30.101425Z","last_seen":"2026-04-05T07:51:05.384424Z","times_seen":8650,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/2217565595682/O1CN01M5XnJo1rqPXpRWCDQ_!!2217565595682.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:52.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i4/2217565595682/O1CN01M5XnJo1rqPXpRWCDQ_!!2217565595682.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 211598\r\ndate: Thu, 23 Oct 2025 13:58:52 GMT\r\nlast-modified: Thu, 23 Oct 2025 12:33:03 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.076\r\ntraceid: a3b5009e17612279321822593e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache6.l2de3[0,0,200-0,H], ens-cache4.l2de3[1,0], ens-cache11.se2[0,0,200-0,H], ens-cache7.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 2499420\r\nali-swift-global-savetime: 1761227932\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 24 Oct 2025 03:39:58 GMT\r\nx-swift-cachetime: 31486734\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273521042373e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":211598,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"d9ad53b880beb6642f9a1681c5f4a84b","sha1":"a29d5b84391dad5d4674263e924ddc4e0172c6cc","sha256":"d3a46fecfb85c8cc35901926152dae3383bfc3d161a609042eebf904d5b55210","sha512":"2e4bbf233f22aaa56cabb18c3c4fd8fc4719ea22f1e3e8dcd90a8f4de41849958af67fa4f12460a979724ebf85a928c20475714ab9bb31c6054c48979e37ab26","ssdeep":"6144:qYHasOuCI67Pg1HoHUbiIlEfYhoI7Ejf9rDrB8aQTP6:qYHcNTrgI2iIlQY/7sFrDuhP6","tlshash":"4b242303f66e0fe7c1129cb422777b67ea18b520d26874f6b10ec88f9a129740e3756d","first_seen":"2025-10-24T07:54:14.376213Z","last_seen":"2026-01-04T20:02:00.073762Z","times_seen":2625,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251120/j3NyhVNm/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 12:24:41 GMT","end":"Thu, 12 Feb 2026 13:23:25 GMT"},"fingerprint":{"sha1":"5B:BB:AE:DD:E6:FC:52:AA:4B:4B:08:22:8C:6A:23:29:62:A0:F2:AC","sha256":"9F:BD:DA:CD:05:A4:E9:EA:25:05:88:FD:B5:97:F5:EE:83:AD:81:0E:17:F5:82:6B:A4:63:C5:75:97:EE:7A:04"}}},"request":{"raw":"GET /20251120/j3NyhVNm/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:50 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 162705\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 11:57:15 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691f021b-27b91\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 17\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g9yTk6MCZEr5mcvqz53TY6%2Bp3KxgH6tG7RW2HHdUQY8VATvTvH9zQDoQ9zkJIkofOz%2FkwpOe74yfJGZfd2PwKxXYsOb45L9AWZ8LuAzffIAjSA%3D%3D\"}]}\r\ncf-ray: 9a201d61cadc76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":162705,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x537, components 3","md5":"2b2681ee7ee0f5a0d01ba461da49ab8a","sha1":"d7311d9ea2e789fd90aac9ba746d86ba66dc5a6a","sha256":"48986421d3a925094e246e9f85856d574c479e6b3f043e4f9d57af4398aeeece","sha512":"185a73796e2d693da7471709a503c40231b857d45bb28a1f4c6227e3edca85bdffe5f8c429021342e275853b3a31dd37483eea2d482c54d95357d4677487df7b","ssdeep":"3072:ZDVzk/Nj6BoZy01jfnHTON0jIAn4+hu0vups+ri8a1KXmJveR/4FyRw:ZDVSyc7Hyaj/4+hT7++SNXw","tlshash":"48f3233368b661e1d026ff7cc8ff3925f2e97161e444a3d12d0fd798a2929d3941a874","first_seen":"2025-07-23T06:28:19.700694Z","last_seen":"2025-11-21T12:16:20.805089Z","times_seen":4,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":28,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jkunnzyx.com/20251119/c8iOwNRu/1.jpg","fqdn":"jkunnzyx.com","domain":"jkunnzyx.com","tld":"com"},"ip":{"addr":"23.226.76.18","port":443,"asn":53755,"as":"IOFLOOD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkunnzyx.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Mon, 21 Apr 2025 22:32:53 GMT","end":"Thu, 21 May 2026 22:32:52 GMT"},"fingerprint":{"sha1":"5C:AB:E5:A8:E4:AE:C3:22:F4:0A:A8:5E:67:A2:82:7C:2F:E9:FF:15","sha256":"F0:E6:94:84:C1:8B:61:08:C8:8B:73:5D:FC:4C:45:F6:D0:B9:83:3B:D9:48:CA:24:D1:E5:E2:E6:94:A4:A5:2C"}}},"request":{"raw":"GET /20251119/c8iOwNRu/1.jpg HTTP/1.1\r\nHost: jkunnzyx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 52481\r\nlast-modified: Thu, 20 Nov 2025 01:41:36 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"691e71d0-cd01\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52481,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=美图秀秀], baseline, precision 8, 600x337, components 3","md5":"b6443ab04df3d192390d62d656a08fae","sha1":"27c6a3c156e9915b070eb77cb7d04b4f8b3c209a","sha256":"144d50b2930c00de559cc7f616a7daa68b98915a5aead5cdc5b1290f6f715ca9","sha512":"a9150c7ffaf3fed0e10a75077afb0b49253261fd92a96e0b0a3fb641faa98c289e0fc0bd3277d60aa19c32277b1451231b3bf73a01919e020431360559b4b890","ssdeep":"768:N2pAXvFxTqWP1a0povjneUvGL5liXXyCrytOq405NdsZA6MuKuxKf97caIPdYzGn:NhbL1jp4KSmUXVrvnRMJXW+zMynNMB","tlshash":"a533f1ecddf7359a4aaa773302b970b5ace3ef80f4a044de16b086bd596c8b51015b34","first_seen":"2025-11-21T02:12:28.583648Z","last_seen":"2025-11-21T12:16:20.805714Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2529,"timings":{"blocked":380,"dns":1,"connect":146,"send":0,"wait":357,"receive":75,"ssl":1558},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/yinhe/960-120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /yinhe/960-120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 215880\r\ndate: Thu, 20 Nov 2025 03:38:31 GMT\r\nlast-modified: Sun, 30 Mar 2025 12:21:24 GMT\r\netag: \"c2e3bac355c689e234388104488b22e2\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: luEIkzo9n7v0vXEH8jClDllZzRc63EeRNybiC0ynjkUMny1SRt1R7g==\r\nage: 117443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":215880,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"c2e3bac355c689e234388104488b22e2","sha1":"fcf87563ac96adb085897c5e4b9ba62681e5139e","sha256":"3e2c70fe6b947f60c3dd5752c94d502a3443c28f781738d2e308567ad5cd90cf","sha512":"239bc5d1df9c1aa3cb7cb72bc2c5451dbaa7dc8255bc9cc348dbe22ab5752e37a11047d421769e0228f8a645981a246d0b5af00792de9dce6a6b1f8f504cd044","ssdeep":"3072:Y8szBTXPqZiXzUBgLKsbV9UnxQCBL/YYYDSMdIok1RLp8veNVhRZ2:3OBLfzUHoexXL/YDSCIfXL/hRZ2","tlshash":"ed2422faf626c923c47eabc16370eda256f7c78471e2100657c17f5ada603a0cb9851d","first_seen":"2025-04-02T02:40:05.475958Z","last_seen":"2026-03-15T13:02:26.875639Z","times_seen":10144,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":62,"dns":115,"connect":1,"send":0,"wait":36,"receive":11,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01JERdYR22AEqzSygtG_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01JERdYR22AEqzSygtG_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 223299\r\ndate: Fri, 14 Nov 2025 11:23:32 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b55c9817631194125176776e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache6.l2de3[0,0,200-0,H], ens-cache14.l2de3[1,0], ens-cache3.se2[0,0,200-0,H], ens-cache7.se2[4,0]\r\naccess-control-allow-origin: *\r\nage: 607937\r\nali-swift-global-savetime: 1763119412\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 14 Nov 2025 11:27:46 GMT\r\nx-swift-cachetime: 31535746\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496678014e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":223299,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"bb6a5a5a6e6c4866635a7cb394b7ea9e","sha1":"0b63b5c71c593c1cd4764511e523b98bbbe22ce4","sha256":"f2a81ec9b07b46440e1b3d69e03183c69992194f2c5707f8dfc758c4ffdc4049","sha512":"5700b817723849e5b2c01cf01efa45495bdb6e44862228f3fbc5b8da449ca1b46a12c388791a620e66ee9326be438071b7ad9a5e0d27805d6c1d09c5d74a33b0","ssdeep":"6144:gBohwwsK9g27Dqs0QAVFc9DXubiVAVjpl+1s9EL7vkJ5x:gBons127DqNQSpkAVjplqs9A4x","tlshash":"072422fe79478cc2c43d859a6c177510ee9ca09e933d2e15647f5d8dfba8070069b1e2","first_seen":"2025-11-14T23:01:47.000835Z","last_seen":"2025-12-13T15:02:12.119283Z","times_seen":651,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":3,"connect":8,"send":0,"wait":18,"receive":25,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img2.gayzyimage.com/image/uploads/ad24d9f59dd8709348086cff9a906960.jpg","fqdn":"img2.gayzyimage.com","domain":"gayzyimage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.794Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /image/uploads/ad24d9f59dd8709348086cff9a906960.jpg HTTP/1.1\r\nHost: img2.gayzyimage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":218,"dns":3,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"img2.gayzyimage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251118/hYiP1pkE/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251118/hYiP1pkE/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38329\r\nlast-modified: Wed, 19 Nov 2025 03:46:25 GMT\r\netag: \"691d3d91-95b9\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38329,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3","md5":"6f8412162370a223bbd20362eb1d18db","sha1":"e9ceba19c27d2c1fb3fdd2796a703c215d666a39","sha256":"0f76ce3a513080a53379633bbb4701d2cbb8885c8b17d00b8447bf868a1e663f","sha512":"7288f059d567039920c59e748daaf67e65e626877bd5a04d929148e94ebca02bbdcebd8aca3855250885662ccac501c84954573bb580b93de4724e8f5e0df0e8","ssdeep":"768:zlRJ213TyWC9v9iKAFc15FtRN3va5RQRVAFZfXCei4Z+9CCa3t:zlRODyW6ASPjva5cQfZ+cB9","tlshash":"2303f2cb0395737d6c6ce9bb9f754975d97739a32f9f412a08880a1ad9b0b38de80740","first_seen":"2025-11-19T10:10:05.667622Z","last_seen":"2025-11-29T14:49:26.555332Z","times_seen":29,"resource_available":false,"data":null}},"time_used":2372,"timings":{"blocked":427,"dns":0,"connect":147,"send":0,"wait":445,"receive":5,"ssl":1345},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.siwazywimg2.com:5278/cvjpg/LeVsOj5d.jpg","fqdn":"img.siwazywimg2.com","domain":"siwazywimg2.com","tld":"com"},"ip":{"addr":"64.112.77.33","port":5278,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.siwazywimg2.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 28 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:A9:3F:94:31:F3:73:69:CD:F0:CF:FE:0C:EE:1E:91:A9:F9:33:1C","sha256":"99:08:8C:D6:D7:81:C5:3F:E5:99:17:DC:F4:D2:49:09:29:61:FB:ED:41:CC:47:20:6A:76:AB:9B:17:5A:14:E5"}}},"request":{"raw":"GET /cvjpg/LeVsOj5d.jpg HTTP/1.1\r\nHost: img.siwazywimg2.com:5278\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29874\r\nlast-modified: Mon, 03 Nov 2025 10:30:11 GMT\r\netag: \"69088433-74b2\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29874,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 800x449, components 3","md5":"6ff600068d51b8b3a60f1f14c7216a6e","sha1":"38a1aabd40789d26c4148a7d92aed9fa67f14bf5","sha256":"d0cd68aa5671885bcf3e97521621f40e83f26e73b4b728a881b93f8eaddad7b4","sha512":"9cfc4e5fe6765504e1723c1a948288a38565a67bf51f439cfc221182e83bc9f1dfa85de3fd17c0066b0d5b9e3924eadc7a164ef2058b1880789ecc8b94d6f408","ssdeep":"384:FRZOofUA5THS+ydvbYKhHbVhS/HwSoznMK5ivpRrMiaAs7iZLNwdgJTOkyUWX:FKMVxS+svbfZhIqnMF/rMwsW5H9gX","tlshash":"6fd2d0276c5986d125618b94f91f0e9ec7043f0c7ad05aeb1d72471bae24fb81cad8bc","first_seen":"2025-11-21T12:16:07.246309Z","last_seen":"2025-11-25T03:01:37.918913Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2328,"timings":{"blocked":473,"dns":3,"connect":144,"send":0,"wait":149,"receive":146,"ssl":1412},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"971tu.oss-cn-hongkong.aliyuncs.com/971-960x120.gif","fqdn":"971tu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.159","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /971-960x120.gif HTTP/1.1\r\nHost: 971tu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 21 Nov 2025 12:15:52 GMT\r\nContent-Type: image/gif\r\nContent-Length: 139367\r\nConnection: keep-alive\r\nx-oss-request-id: 692057F834318D31307FE71F\r\nAccept-Ranges: bytes\r\nETag: \"ACA283A2131B92F3A27CE31BCB88941B\"\r\nLast-Modified: Thu, 17 Jul 2025 15:10:10 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11750155769829521060\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: rKKDohMbkvOifOMby4iUGw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":139367,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"aca283a2131b92f3a27ce31bcb88941b","sha1":"78eded072ddcc287d5581d80a94fc3c6691e7dac","sha256":"98eda39a11374ae1df0b528ca55f2c6158a1f2ba070ad6f767489f238e5017bd","sha512":"74d8ccc71e8f699740cc64b9286ce7ad5b32883567dce57d9854323ed8a82260a78683f04f0611927a7dcb596a5107b35d5418064de2bd7be17e3f62c3812b41","ssdeep":"3072:LT2iZUacUsl07RMcF0Kvej6KJM8CFY6Z3TmHmv9UCVinaNu2k:Pyacb07RMcFreDMb7jvGzQu3","tlshash":"b2d312bb0804dc51579c90f8925b33086d12aa54dde4833bebe0e8971dbde6bed416d3","first_seen":"2025-07-06T05:57:12.345232Z","last_seen":"2026-01-04T07:59:32.759801Z","times_seen":6712,"resource_available":false,"data":null}},"time_used":3861,"timings":{"blocked":92,"dns":17,"connect":303,"send":0,"wait":1121,"receive":599,"ssl":1720},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/img/sou.png","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:51.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/img/sou.png HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/main.css\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 1167\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\nvary: Accept-Encoding\r\netag: \"630f1a89-48f\"\r\nexpires: Sun, 21 Dec 2025 04:58:43 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 18\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cHs f ])\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i8gtHSbybvp2rRNIpabaB7x3TiQZzQi3Vdf1knWpF1ajsGfQc%2FfjxYqGohosRDbpJlokJnDHsDsMOfjn9%2BwayqKG2rBIoNCIl8CtAVmYwQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a201d699ad40daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"090307537fc60b1bba31ac25c4344faa","sha1":"af7cab97f375cf566ea1f05048abf3a30dbac6eb","sha256":"429d61dc8c75db0b113ade5fff2822a0d2409c324d15b1fe0cdda3462347cca1","sha512":"cd3947bf17edd438a1d9e322069227cc4f5d1670a9e48ee72317aff188f0f10d5c99b48661adc11430d23cb597abb37ef7c06a0933fa594f93bcb119bcb12a25","ssdeep":"","tlshash":"ea21339cf9202c11e6ddd4a128f7a52a8e234480d7e0f779f48bc453ed701b244ae9cb","first_seen":"2025-11-21T04:59:19.460595Z","last_seen":"2026-03-16T07:13:28.439234Z","times_seen":44,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mbh99.img3229438778.com:5658/8888/mbh/960x120.gif","fqdn":"mbh99.img3229438778.com","domain":"img3229438778.com","tld":"com"},"ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mbh99.img3229438778.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 14:45:21 GMT","end":"Wed, 18 Feb 2026 14:45:20 GMT"},"fingerprint":{"sha1":"B8:61:35:EE:95:16:34:0A:5B:E7:31:96:15:6C:69:BA:17:04:00:1E","sha256":"8B:54:0D:81:05:7F:81:C2:B5:96:B9:2A:43:2E:03:59:8D:4A:59:CB:E0:A5:5D:54:B4:74:34:79:92:F5:13:DE"}}},"request":{"raw":"GET /8888/mbh/960x120.gif HTTP/1.1\r\nHost: mbh99.img3229438778.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 542368\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Wed, 24 Sep 2025 10:28:19 GMT\r\netag: \"68d3c7c3-846a0\"\r\nexpires: Sat, 20 Dec 2025 05:01:35 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":542368,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d0fc82d973069b7b5f9c0ab3dcd13c35","sha1":"fa69be7d7e699672b0061bb276e530fd0f1b6350","sha256":"a3a7a046fb38216581b510b7c206ae17a58d3c3898cf5f23225b882fe7a4e3fd","sha512":"bc595ab0211bd975625bd9ba12eb6c670853d68c2cf3d3e7176415f039000b826127d904dce42c85998b4646d1dde6f4e340c8c011a39fbba257a3d9eaf56d9e","ssdeep":"12288:fDCtAoA5ASA5ASA5AOjb7W49/XmZl8fz3JsUBWWqPMDoz7cz7cz7P:rZ5Y5Y5hj19/XfL3/UWqPMDcQQP","tlshash":"dcb4224efa7e4e8cc724612d8545c8ba4d1f39ae48db5135b24d3e7b4e2032ee5adc48","first_seen":"2025-09-28T08:43:05.887245Z","last_seen":"2026-01-30T11:25:38.248843Z","times_seen":7304,"resource_available":false,"data":null}},"time_used":5226,"timings":{"blocked":1644,"dns":1,"connect":293,"send":0,"wait":291,"receive":1539,"ssl":1455},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251116/ZMe8it5W/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251116/ZMe8it5W/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81734\r\nlast-modified: Mon, 17 Nov 2025 02:49:27 GMT\r\netag: \"691a8d37-13f46\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81734,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1440x810, components 3","md5":"496544365ee783974eaab5fb3fe2bab5","sha1":"6318c60fcabe50c71dcee90877e25338705387f4","sha256":"9caeb69162000de375f05784e21d819d83f17ebe295182526d702e57feb63c0a","sha512":"d8c8045251cdfefffae0bfc418c8bb4a30283609df4cd13c0360b684cc29ffeb057053b97cb7d3259fc1bad01341a6631062772b331b54eb1536ae95634c70da","ssdeep":"1536:QrxVJ1PJrfGuccyLDv/2q6/yfOdGN/5cX1DkEstGR2jJ2faJT1XvRvMEDG3BCktu:EXvhrfGzTv/UtktEstLjJ1JT1XvRv5DT","tlshash":"5283120b02283097091547eabf178ea17551967937f1b9937a37ae320fe073e3dab944","first_seen":"2025-11-17T06:18:55.612823Z","last_seen":"2025-11-29T14:49:26.515939Z","times_seen":32,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":1186,"dns":0,"connect":0,"send":0,"wait":589,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/69xpj/960-120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /69xpj/960-120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 364723\r\ndate: Thu, 20 Nov 2025 03:38:31 GMT\r\nlast-modified: Mon, 11 Aug 2025 06:13:46 GMT\r\netag: \"97edfef2f9cbb079cb44e7c078a5ba71\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: bOOqXyt76Bu3kf_v7dBhZIa9UwFCLQtG0zc40DrFY2mjVmt87QHY0A==\r\nage: 117443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":364723,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"97edfef2f9cbb079cb44e7c078a5ba71","sha1":"cc91e3d33ba957ed48913cb9ab0700b652c81bc1","sha256":"6126934721ed828a76cafce464782ae5d484fbeb494a7fa203d3afb2a7631954","sha512":"4120a9b744ce71fddda1eb3ca67eb96734e1bee187c46a92911c44af851433536a5b957cd264acddb2b89f06b1d258095419aaed36dbf3aa00f2f39805b2ab89","ssdeep":"6144:WpiLVvoP+p3oAM5KDW8jsl7s2v2k8VbyGoYBiYWysFZwdYXd1rqWPu5pN:WpixvoP+BpBWdlsKL8VbjsYWyrWGvN","tlshash":"a974235e0883d20294827f9f25ce77e4e23410f9589b9d7af499b141af22f6e15d0e2b","first_seen":"2025-08-19T04:17:05.908558Z","last_seen":"2025-12-10T14:10:20.93279Z","times_seen":2131,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":96,"dns":123,"connect":13,"send":0,"wait":23,"receive":18,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"la.lashayu.com/upload/vod/20251119-1/324e15d639ee888563739ef349741cee.jpg","fqdn":"la.lashayu.com","domain":"lashayu.com","tld":"com"},"ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"la.lashayu.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 15:36:41 GMT","end":"Tue, 17 Feb 2026 15:36:40 GMT"},"fingerprint":{"sha1":"AE:62:BF:0E:B2:DA:42:99:A5:3F:2B:E7:DD:87:62:C6:6B:2D:A6:F9","sha256":"D2:CB:CD:0A:34:F5:9F:7B:45:7B:2E:01:12:3A:F1:06:7B:FD:F4:77:42:7A:75:9C:48:C3:2D:88:5C:21:54:54"}}},"request":{"raw":"GET /upload/vod/20251119-1/324e15d639ee888563739ef349741cee.jpg HTTP/1.1\r\nHost: la.lashayu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-credentials: : true\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\ncontent-type: image/jpeg\r\ndate: Fri, 21 Nov 2025 04:04:20 GMT\r\netag: \"691db22c-1a4f7\"\r\nexpires: Sun, 21 Dec 2025 04:04:20 GMT\r\nlast-modified: Fri, 21 Nov 2025 04:04:21 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 107767\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"0b19239360d5a43a346721984ccec662","sha1":"4e4a0229a00e427ae0f28166b725c80c182321da","sha256":"6e39bb35f5fd35cb55dad2810e0cce70af1f08235c67af3384261d243930e541","sha512":"313de0db1154a93ce3eda23e06a0ab380d1133aec0aff788aa4caae789454e7e95815633c958a8055d5f18b1c07c48553fca30920334131234cdfc548acaa079","ssdeep":"3072:oiyZF/J8Mc93s6T7Fyhf3LpbUcQk3vdW0Q5BZ+xEhV:noF/J8McC6T7FilUcQgrQ5z+gV","tlshash":"05b312bea5c4a36240614572456e7ee3168c5ffc9dc08a181513efb9e9f28dce80d86c","first_seen":"2025-10-17T13:32:24.703628Z","last_seen":"2025-11-21T12:16:20.819569Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1672,"timings":{"blocked":403,"dns":0,"connect":19,"send":0,"wait":25,"receive":54,"ssl":1167},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/388-960x60.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /388-960x60.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: NgxFence\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i4/2217565595682/O1CN01M5XnJo1rqPXpRWCDQ_!!2217565595682.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211598,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":2124,"timings":{"blocked":121,"dns":2,"connect":303,"send":0,"wait":266,"receive":0,"ssl":1428},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/4183327079/O1CN01epa96r22AEqgHlVn4_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i2/4183327079/O1CN01epa96r22AEqgHlVn4_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 323562\r\ndate: Sat, 25 Oct 2025 08:29:19 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.004\r\ntraceid: a3b5f3a917613809589937179e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache22.l2de3[0,0,200-0,H], ens-cache5.l2de3[1,0], ens-cache20.se2[0,0,200-0,H], ens-cache7.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 2346390\r\nali-swift-global-savetime: 1761380959\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 31 Oct 2025 16:48:43 GMT\r\nx-swift-cachetime: 30987636\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496698015e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":323562,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"9eda8c2cc4d8f82d49ba972a6079acd7","sha1":"36a723c18e29836ba9ac62c88f2616c493e97d59","sha256":"48643328eeb9fa12901048986618531978028c06f867d9521f7b64e7eb6e83f7","sha512":"10fac3f5a4c7fe2509b5f3413092367d37394fbd7dad4aec9b5840893d9f33a47e32849b8eaeec6c7e95aa7730c44ec674f984082ec002d3eb2aef7db0b8a968","ssdeep":"6144:BkLJwpWeseTvdIDskjUVhSh1UHH+V0U1wSMPVMgWOwSMPVgLyeJdYbe3wGukJdYa:BkFwpW5er6DskIvShyHHCnqSBXSkgYKr","tlshash":"f26423773f561c413159e8c240afa1981ad9ac2afdc6c03695f4f10ba714bc9827ef8e","first_seen":"2025-11-02T15:41:03.499211Z","last_seen":"2025-12-07T12:42:38.496575Z","times_seen":1770,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/bt960120a.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /bt960120a.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":2236,"timings":{"blocked":72,"dns":11,"connect":306,"send":0,"wait":414,"receive":0,"ssl":1426},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01uuZxFK22AEqfvbK0j_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01uuZxFK22AEqfvbK0j_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 269025\r\ndate: Sat, 25 Oct 2025 08:29:19 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.008\r\ntraceid: a3b5f3a917613809589937176e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache2.l2de3[0,0,200-0,H], ens-cache9.l2de3[1,0], ens-cache5.se2[0,0,200-0,H], ens-cache7.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 2346390\r\nali-swift-global-savetime: 1761380959\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 25 Oct 2025 08:40:15 GMT\r\nx-swift-cachetime: 31535344\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496848028e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":269025,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"66eb74ab6e92f27e6f0dd5d7bec4e258","sha1":"7c4f26d4f33e4cedd9c93df3f0720be86faddd54","sha256":"9959503ddadcbb6ad2028f5627cfa33dfcd4be07b96c6861d56665569adbeb0d","sha512":"56a5d6a6d90068fb4a998221ac3c0164ec5ec9acb7df3ae11e0be6c14ad7637021eecd4890125287994fe0938fde5928b87ae5c3747b9b58eacefaa7851141e0","ssdeep":"6144:ltaHDEWdgoKoH5o6+6WG3vo1Oy7XtIRedU1KWqrz:l2DEWdiep+5GIOy76Udzrz","tlshash":"d24423371ea51b40c016bd5a994baee338e8264ddaec23769ec643eb701545cd1eafc0","first_seen":"2025-11-02T15:41:03.454096Z","last_seen":"2025-12-07T12:42:38.460088Z","times_seen":2163,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/main.css","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/css/main.css HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 22 Nov 2022 11:04:57 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 26228\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W0LDGpFGaPEyw1Skdk6HGnlTrixfOGOadys6NaYnOlAdAg%2F5gVHlRmWSVCLE6NCJvsO6X7zTS2Awyr1xWk3%2BPSOguVL6qhLBK3dXRrycGQ%3D%3D\"}]}\r\netag: W/\"637cacd9-6f7e\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5ecad90daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28542,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"9825a68a7838ebc4f85d38e27d9e2ded","sha1":"45c0860deb74d4106858d2b26878d33d43bc68e1","sha256":"28648dbd13577eb70a2fc1074a11363715900c9df5a764dbaeab88713c36084c","sha512":"0b3638f74839bb407c5262199eecc8ed29ebe29870ce0e09bd2118188ef4a47354100c4d9d36077f95ff845e927decae7899866c2b6a2be30916ba5262d43b48","ssdeep":"384:nEKQtE5EF8hge8io11ALOP9S/2g/x08GHKhkelYxR5MIxrfFBqsFzVBZ462ENWR+:nEKQu53o468oKbIjCqgRrC","tlshash":"8dd27631a6191148b13f92a6bda3978a7b2f8017e30303fcfdea3661d65e46b05727c5","first_seen":"2025-11-21T04:59:19.496132Z","last_seen":"2026-03-16T07:13:28.410734Z","times_seen":40,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251031/LyL1dJGl/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.228.114","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251031/LyL1dJGl/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: X-Requested-With\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\nContent-Disposition: attachment; filename=\"1.jpg\"\r\nContent-Length: 8945\r\nContent-Type: application/octet-stream\r\nDate: Tue, 18 Nov 2025 02:26:49 GMT\r\nEtag: \"690483c9-22f1\"\r\nLast-Modified: Tue, 18 Nov 2025 09:38:11 GMT\r\nServer: nginx\r\nX-Cache: HIT, policy, disk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8945,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: \"Lavc61.3.100\", baseline, precision 8, 320x240, components 3","md5":"4b120458e30b00b73dc40d7eacd5db92","sha1":"3b490e4018894349a66ad53cce6c9abded4c7c50","sha256":"a52e38c47650941f082841884c40f080b5a4ebc328ed0cfe69743d51f339b3f5","sha512":"f4861fb378f8327745f6505dc7a23fbee4aad0488e291f05aeaf1db11d51c15a221f8a73b39e366194b6dd1756aefc37b0900028530ef324299ceb4381cfdd69","ssdeep":"192:+QAPIdfjw3kYmV2Z7NRPtkpjRvv1m3N0+QSB1BZRWgs0:+vBkYmV2Z7NRlkjvvWZDs0","tlshash":"9502af838309380bd9ad54e0478e3cdccf07392f8aa53662eec65f271a9d583021bc67","first_seen":"2025-11-21T12:16:07.317753Z","last_seen":"2025-11-21T12:16:20.823268Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2166,"timings":{"blocked":535,"dns":2,"connect":165,"send":0,"wait":164,"receive":16,"ssl":1275},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/4183327079/O1CN01JYHw3522AEr1R2oo0_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i1/4183327079/O1CN01JYHw3522AEr1R2oo0_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 303855\r\ndate: Sat, 15 Nov 2025 15:14:17 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: a3b55c9e17632196571846124e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache21.l2de3[0,0,200-0,H], ens-cache3.l2de3[1,0], ens-cache17.se2[0,0,200-0,H], ens-cache7.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 507692\r\nali-swift-global-savetime: 1763219657\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 15 Nov 2025 15:18:55 GMT\r\nx-swift-cachetime: 31535722\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496718019e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":303855,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"8340c74d774ceaeb931fca684cf79735","sha1":"07fbea477d17d6f8c513f12b27cab35c341e7ad7","sha256":"6ccc8df26bed442af9a2210a52b998bb83d49ee7f64dd53662be13ef7686cba3","sha512":"0875701504a8524189d167f0f30487a23c9cde556c82a730422dd47bbee7af587db220876370c19ffb555968519d24056571fe2acda5829f08e51bd388e25ae9","ssdeep":"6144:KZsrqVBjX8RFunu01ZbxUrMMaKzV9Ctk4xTre2zqeo10RkQJr0XJ:KZsrUBDnNNxBMDzWm4xO0qYRkQt4J","tlshash":"0f54234d3babb253932c9306783406eb75093eb54915d5b04ede6a8cf02789f3a98077","first_seen":"2025-11-15T13:02:04.082563Z","last_seen":"2026-02-28T02:39:37.436858Z","times_seen":621,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01MaOqYl22AEqNqITBG_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01MaOqYl22AEqNqITBG_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 438073\r\ndate: Tue, 07 Oct 2025 11:41:55 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 2ff6029b17598373149433448e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache8.l2de3[0,0,200-0,H], ens-cache12.l2de3[2,0], ens-cache17.se2[0,0,200-0,H], ens-cache7.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 3890034\r\nali-swift-global-savetime: 1759837315\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 31 Oct 2025 16:25:55 GMT\r\nx-swift-cachetime: 29445360\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496858030e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":438073,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"dfa2817f7c20f5a7a417689f6cb87ec8","sha1":"b1c623bbdab4168f1b26cde2b6ac55f03aac5de5","sha256":"0af8fce6222c2595e74cf6072665f1c2f794638d71eb34cd4aaf31a474049b5b","sha512":"3eeece4b93b93ab5d11e62275cc761aea7a362029e93c116180708ed359eb8047a963e569c64f577a2035bbcc53d466ad99cea47e3581fb420574e9ad6b1b9ad","ssdeep":"12288:VC2eSUWqb5pAu+OWYmuSjaYfQ7Ttont6/LRCvCxCj:E23UWqbvDXmY7Ttot6DR1y","tlshash":"509423c7c8fa156117b306d06924781c6a9739c29da89ff14b5aa93c3c13dffbba2054","first_seen":"2025-10-07T02:58:24.043557Z","last_seen":"2026-01-14T02:55:27.750389Z","times_seen":6015,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":2,"connect":21,"send":0,"wait":102,"receive":17,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pg99.img5504422276.com:5658/8888/pg507/pg120.gif","fqdn":"pg99.img5504422276.com","domain":"img5504422276.com","tld":"com"},"ip":{"addr":"156.231.116.59","port":5658,"asn":984,"as":"OWS","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg99.img5504422276.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 14:45:31 GMT","end":"Wed, 18 Feb 2026 14:45:30 GMT"},"fingerprint":{"sha1":"9C:D6:F6:81:DE:8B:6C:CA:AA:AE:CE:56:5E:89:FE:21:71:68:3B:8C","sha256":"0D:A3:E8:48:07:97:6A:24:5B:DB:5C:FE:F7:C3:02:AE:AF:C6:44:D8:01:48:3B:17:1A:10:9F:4D:DB:EA:6E:9F"}}},"request":{"raw":"GET /8888/pg507/pg120.gif HTTP/1.1\r\nHost: pg99.img5504422276.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/gif\r\ncontent-length: 732135\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 05 May 2025 10:11:05 GMT\r\netag: \"68188eb9-b2be7\"\r\nexpires: Sat, 20 Dec 2025 06:21:03 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":732135,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d812f0151d7042065067e76fe039facc","sha1":"a48f9c692fa3916903db45819d4050f52d747a33","sha256":"849c1d8c67e9a3151b4a14d3b70e23e4abc3649dcac2e397587afedc70dcf25e","sha512":"a082dff74f4a12e121b6f185ba58d228399af7fa6f50df9d8a891c42d01724d7381842985926980c2e35d1f4b352ff7b425000682f6bdbb0038153d9893ff43f","ssdeep":"12288:RzuTwzuTwzuTwzuTFs9yJuVwrVwrVwrVwrV5eGrQSoSoSoSKDu4OVDu4OVDu4OVQ:RuTeuTeuTeuTFw1WrWrWrWrjeGkSoSoV","tlshash":"43f42339d14794a6938b0a7b9f1411a46305de26a7f220398327f987bc46793ffdb80d","first_seen":"2025-11-21T00:36:15.392801Z","last_seen":"2026-04-05T07:51:05.41243Z","times_seen":7878,"resource_available":false,"data":null}},"time_used":5396,"timings":{"blocked":1650,"dns":2,"connect":295,"send":0,"wait":295,"receive":1695,"ssl":1454},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/img/dhbg.png","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:51.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/img/dhbg.png HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/main.css\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 11319\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\nvary: Accept-Encoding\r\netag: \"630f1a89-2c37\"\r\nexpires: Sun, 21 Dec 2025 04:58:43 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 26227\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UcLBozckAfA%2BSGuLwuSVYl5hWN6F1U1bTIiTxKj4EB%2FKygGttD0LxtJAjfXPJtxFVDuf04E%2FTexaUXopCgotkvw35keQopy78IBkiwlbPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a201d699ad80daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 984 x 48, 8-bit/color RGB, non-interlaced","md5":"b09d015eec4067d32e4fc0318ad97de6","sha1":"73b65b492d963126b6cefb73f2c1d45ec670cfde","sha256":"bc6ddacd9dec05d123cedcd8c6da6bea3568e6658e6caff219780bfb8f5a0048","sha512":"507b21f5b9b258f19f62f1dc2a6881bdad054075c8820a5faedde49630194399191f9db734af5be93f3116fbe1baca6fdc5fe4a3d7041c28ee336f2676257de6","ssdeep":"192:N0iX6bfyZZoKjP0wbzs+XMBMt5s7GOxTDr19jZLl5hDgUn+zT/TtFS:N0XfyZfjP0wbzbX+Qy7Ndr1/LRDv+P/m","tlshash":"cf32c087e5a1110312d84a03383591b58c1765c6e8d5ea2adc6fce4b3faf0f645f61db","first_seen":"2025-11-21T04:59:19.502645Z","last_seen":"2026-03-16T07:13:28.394481Z","times_seen":44,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.bttimg.com/upload/vod/202309/100818.jpg","fqdn":"img.bttimg.com","domain":"bttimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.807Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /upload/vod/202309/100818.jpg HTTP/1.1\r\nHost: img.bttimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":1516,"timings":{"blocked":293,"dns":3,"connect":24,"send":0,"wait":0,"receive":0,"ssl":1196},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/2217565595682/O1CN01pNjVLu1rqPXl6xLNC_!!2217565595682.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i2/2217565595682/O1CN01pNjVLu1rqPXl6xLNC_!!2217565595682.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 497567\r\ndate: Mon, 20 Oct 2025 12:49:55 GMT\r\nlast-modified: Sat, 18 Oct 2025 08:41:33 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.072\r\ntraceid: 4f85b0a017609645950236107e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache10.l2de3[0,0,200-0,H], ens-cache3.l2de3[3,0], ens-cache7.se2[0,0,200-0,H], ens-cache7.se2[3,0]\r\naccess-control-allow-origin: *\r\nage: 2762754\r\nali-swift-global-savetime: 1760964595\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 21 Oct 2025 14:00:24 GMT\r\nx-swift-cachetime: 31445371\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9b17637273496828026e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":497567,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"5063a7ea4e82cdc8310cfc594dae2711","sha1":"ff30cdaa6026ddfa21e1e6fd0be957a382943cb4","sha256":"5ee35a4683b003114ce0f954d72e0c49f1d0f5f9896427cce367a527a89b9e41","sha512":"75856629ad49e5a29a6085d3077e321d4673e8985a99f64fc264da895be204080081dde0eab81f75910bf23edd8d9239ea9590140bd2b57ba9d33d042c66eb71","ssdeep":"12288:zcmfoSNZJQx8sm514ZuOCDBN1hSoN3XqFUV5tLo7LhmzyZi/4Fhex:7fhzLL4Z4ph/N3XqetL6mci/4Q","tlshash":"deb423f102618c295e6adccb84ae0f5a38713b4f941c96bfde1cfe60241f54f856ac99","first_seen":"2024-06-08T10:06:18Z","last_seen":"2026-03-09T02:58:34.431709Z","times_seen":2445,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":4,"connect":0,"send":0,"wait":85,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.155251105.top/20251118/Lkaz5unX/1.jpg","fqdn":"v.155251105.top","domain":"155251105.top","tld":"top"},"ip":{"addr":"172.66.155.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"v.155251105.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Nov 2025 06:26:38 GMT","end":"Wed, 04 Feb 2026 07:26:36 GMT"},"fingerprint":{"sha1":"41:62:FB:14:4C:4F:A2:66:B7:5F:CD:BC:48:4E:23:A0:40:5A:8D:FF","sha256":"D3:95:2B:4F:35:56:4C:41:D7:B3:B3:65:C3:03:9E:EC:83:CC:8A:F7:F6:20:6A:2C:A6:D6:8A:2E:3A:1A:27:48"}}},"request":{"raw":"GET /20251118/Lkaz5unX/1.jpg HTTP/1.1\r\nHost: v.155251105.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\netag: \"691dc0b3-7\"\r\nexpires: Fri, 19 Dec 2025 20:34:17 GMT\r\nlast-modified: Wed, 19 Nov 2025 20:39:25 GMT\r\nserver: cloudflare\r\nx-cache: HIT, policy, disk\r\nage: 65496\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9a201d6adf6e4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":1605,"timings":{"blocked":460,"dns":1,"connect":1,"send":0,"wait":13,"receive":0,"ssl":1128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"v.155251105.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/static/js/jquery.js","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/static/js/jquery.js HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 17\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cHs f ])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FrYGp%2B5hPskYL2XRBXk83Wqnz0RkjdPDaYwyzW9161vJoSQ7djjrFnxoY5OkUZTQHFSiw0xUZJGmpzs02aAo2%2FKvYzP5z2hEjC0akOxJ9A%3D%3D\"}]}\r\netag: W/\"57a3538e-169d5\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5efb370daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-05T08:45:06.752766Z","times_seen":60692,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thjpg10.top/upload/vod/20251116-1/3228de5cd9fd039ca256be52e58001f9.png","fqdn":"thjpg10.top","domain":"thjpg10.top","tld":"top"},"ip":{"addr":"204.188.235.18","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:50.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thjpg10.top","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Thu, 23 Oct 2025 00:00:00 GMT","end":"Sun, 22 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A1:DD:6F:C8:CB:E5:E4:9A:08:29:AE:9D:02:A4:3A:C4:A4:54:50:DF","sha256":"2A:56:36:CC:F2:D8:91:6F:CC:98:1D:43:D0:BC:EC:7E:0D:B7:58:7B:CD:1F:F6:45:BE:B6:F1:44:38:00:C7:47"}}},"request":{"raw":"GET /upload/vod/20251116-1/3228de5cd9fd039ca256be52e58001f9.png HTTP/1.1\r\nHost: thjpg10.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=2592000\r\nContent-Type: image/png\r\nDate: Sat, 15 Nov 2025 17:00:18 GMT\r\nEtag: W/\"6918b028-14838\"\r\nExpires: Mon, 15 Dec 2025 17:00:18 GMT\r\nLast-Modified: Sat, 15 Nov 2025 17:00:18 GMT\r\nServer: nginx\r\nVary: Accept-Encoding\r\nX-Cache: HIT, policy, disk\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84024,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3","md5":"654cacbe13c171ec19f1fd99dc7ed3eb","sha1":"21aacc86ea601c78d18d44aadae63e35e6eb5790","sha256":"474a8c4ecf8d4c45f736ae61594c7e6ad82a6bff7a21826d7aeb07882d06b8cf","sha512":"4df9a1bb8f4300992e6107d736eb56d2e098720ce845d773611da6acf71e88ba0825a5ee3c9aaac4fdb5888114edc052571dc9155eb52189c2d0b54d0772794f","ssdeep":"1536:bii5rXTyelixQNKvGptRh391iTWrDAFwI0yEv7+t/EoR5OkSyf5Ckpw+2Z+wfcsH:b95rjI4BhfSWrDe+G/PXdCg2Z++NloQ","tlshash":"8283121b70ce376071c876a9baf5ba84c60863f19c1180a7544c17aebc73dec23a7c29","first_seen":"2025-11-21T12:16:07.307165Z","last_seen":"2025-11-21T12:16:20.83115Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2273,"timings":{"blocked":475,"dns":1,"connect":114,"send":0,"wait":114,"receive":296,"ssl":1265},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"thjpg10.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/917/960x120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /917/960x120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 92163\r\ndate: Fri, 21 Nov 2025 08:33:34 GMT\r\nlast-modified: Fri, 03 Oct 2025 12:50:28 GMT\r\netag: \"37b1f3e69a2d4e550e1fe5a1951beba7\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: s_G2nZPCYW5Y8coL292O5UMThlB6nrFCPO1cmhMfZ5Ltmdvmcb7T8A==\r\nage: 13340\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":92163,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"37b1f3e69a2d4e550e1fe5a1951beba7","sha1":"2e0a674f56ff5c7884ec3eb7fa0ea67d9d9c4085","sha256":"bec02c8ef535792c69da00b5351103b2a0a03451ac79da928241eb50307fd362","sha512":"6238a4a218395a3841257f7f2de49ea5d85df947631534e6ba049922e1b0e6211b031a72255d9f1fd832ca492188ad292d1333bef1446dab9bc1d3cffd5ab3b0","ssdeep":"1536:Swv7rTVrSZ10U8ws5jHGZ7hhVnTlyI9ttLbTk2JQJLyVoo9QmgJ+w5eH1VM6era/:5RzUvcjm1DnVt1bY2eTtmVM18GfM","tlshash":"529312a2431cf985b552577798c434a30c654ca13ba787b2de2883e5b14b393877cbde","first_seen":"2025-10-26T10:02:49.711434Z","last_seen":"2026-01-23T12:41:44.570569Z","times_seen":4871,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":95,"dns":115,"connect":8,"send":0,"wait":14,"receive":9,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.what.qpon/2025/11/20251112-%E5%8A%A0%E6%8B%BF%E5%A4%A7PC28-3.gif","fqdn":"image.what.qpon","domain":"what.qpon","tld":"qpon"},"ip":{"addr":"172.67.222.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"what.qpon","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 05:28:38 GMT","end":"Fri, 13 Feb 2026 06:21:13 GMT"},"fingerprint":{"sha1":"86:6A:3B:91:4E:B6:B2:9A:A4:FC:59:C9:4E:A1:E0:28:6F:64:C3:79","sha256":"B1:6B:DF:7C:76:81:BB:4A:EA:33:2D:17:EE:30:EF:B0:3A:3F:7E:C6:91:ED:CA:CD:F2:2B:4D:A7:3C:02:37:C9"}}},"request":{"raw":"GET /2025/11/20251112-%E5%8A%A0%E6%8B%BF%E5%A4%A7PC28-3.gif HTTP/1.1\r\nHost: image.what.qpon\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1738835\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 03:41:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"691e8ddc-1a8853\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 4820\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HKgFNFIzbZB0RoT5PMkZSMtbm2Cz6ChTuW%2BBi7Kh7vf2KdKVkBBhB9pGT%2FSguSS4wODrGAmpRpHY91MCEPQqUGzqbqypHy5mnkzU%2FTw%3D\"}]}\r\ncf-ray: 9a201d60f86e56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1738835,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"1bc283cadd6781138b4981b1bca016ea","sha1":"e03e69c158f0a2dd659c7261a183f79cd3cd8223","sha256":"fb283621013fb9eb36b2e26636b30936908e9cc112c99b9f6055f02d9d54298d","sha512":"b317e5fc9059187adb50c77de6014ca3e71d2f622a3ce3152bb5ae48cb02ce65bd7e983015be848df860868f6dfaa0cb87a3eacacda688dbb69ccff3e374d44b","ssdeep":"24576:T5upXmPFTRwHyhQHDqnhu3Pg3kqSXp0lJkYO7cVaTNeiu9rU2EsItr:NuO8yYKk/EO7cuNKrU2fIh","tlshash":"8925336a50cb2a3f2675be1e25d93960ff43ad2b64c7cf7e93910a0b15e042fe0815d9","first_seen":"2025-11-17T09:17:24.908024Z","last_seen":"2025-11-23T03:14:13.701287Z","times_seen":379,"resource_available":false,"data":null}},"time_used":1473,"timings":{"blocked":94,"dns":17,"connect":11,"send":0,"wait":19,"receive":1283,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.askcdn1.com/20230913/9J1xavrN/1.jpg","fqdn":"img1.askcdn1.com","domain":"askcdn1.com","tld":"com"},"ip":{"addr":"64.112.76.23","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.askcdn1.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 18 Sep 2025 12:46:31 GMT","end":"Fri, 18 Sep 2026 12:46:30 GMT"},"fingerprint":{"sha1":"BD:7D:6A:03:3D:C5:45:48:1B:AB:49:C2:FF:47:27:77:74:AC:E0:25","sha256":"96:26:5A:D7:99:B1:02:C9:F0:A6:C9:F2:59:E4:E4:93:D6:78:CE:B3:79:0D:E2:AD:37:3D:36:12:0A:56:04:55"}}},"request":{"raw":"GET /20230913/9J1xavrN/1.jpg HTTP/1.1\r\nHost: img1.askcdn1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 21 Nov 2025 12:15:51 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10748\r\nConnection: keep-alive\r\nLast-Modified: Thu, 14 Sep 2023 07:27:43 GMT\r\nETag: \"6502b5ef-29fc\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10748,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 399x225, components 3","md5":"d144c2ebe7bc7dd67e2d6761e78d86b5","sha1":"36e75b5ce2f7d73d1257824c7ab2dd66a7997f67","sha256":"7bdaf734317bf9894370a3d201eadec937c6f7538b80868cb99dbf013f298c0c","sha512":"38993876585e8b2a192d90fa4c1a1d8aab8451b846fc77d0a878549b4906c643ac20cb306a9c251a7f13323a6b464b36b11b46fcbe35bf8331bbf065e893b6f2","ssdeep":"192:GQnSw9cyveMJijzD63HQMvL48uNU7E8X7RZYEl2pPKfDUMKRWx4FUGQBWx1Nn3ZY:GiSwXveMJuHWCUFXME5fuWKm","tlshash":"bd22bfdaa6860d60c337b1f94d147669638eae0bb989ff384d807e955c90cf871cd25c","first_seen":"2023-12-14T14:50:51Z","last_seen":"2026-02-01T09:25:35.353462Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2157,"timings":{"blocked":305,"dns":2,"connect":144,"send":0,"wait":167,"receive":0,"ssl":1539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/yongli03/960x120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /yongli03/960x120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 702586\r\ndate: Thu, 20 Nov 2025 03:38:31 GMT\r\nlast-modified: Mon, 26 May 2025 09:07:35 GMT\r\netag: \"5a29c8c97486d7c2691ad4b33bbde8c6\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: nqseUj5-sOf2cjgOH0EBzyXi_fK-lWMPhblD1iNILfKrtBuwgYe3QQ==\r\nage: 117443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":702586,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"5a29c8c97486d7c2691ad4b33bbde8c6","sha1":"190f9b58794ae2142f6e25456b900c6d907a5f0e","sha256":"718f4bdfa0dd165935167e77d20954ffb23f4e5b9d216da512b0c644f22e5645","sha512":"89d722e9103b8fed010aecce1b477e34172b76d2ebdf807b49340a533335b286b32887c3fdea3cd252728900b8c4f522c669e49d152c82b647f5f1fae2d043e5","ssdeep":"12288:a+vIMM+zEuYZEuYZEuYZEuYZEuYBgZurgWurgWurgWurgWuR:VIMM+z6Z6Z6Z6Z6BgZugWugWugWugW2","tlshash":"41e4127c1f37a212ba8f15c434faeed860f4833456d0c7db2ba799a55d22cb1e045da2","first_seen":"2025-05-30T08:48:58.346726Z","last_seen":"2026-01-22T02:39:00.436754Z","times_seen":2894,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":118,"dns":125,"connect":16,"send":0,"wait":20,"receive":31,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/footer.css","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/css/footer.css HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 21 Nov 2025 16:58:41 GMT\r\ncache-control: max-age=43200\r\nage: 26228\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QzrJ0lURQ3fRd7TA3p%2Bd5sZvBzK8ej6z9%2Fo6MpVi9%2FChSIdrv6%2BqOxdNnH%2BMEKd6wjzBTWF7roa7jmoQf3KHg7b7CsInSfD6z40HioELyg%3D%3D\"}]}\r\netag: W/\"630f1a89-16d8\"\r\ncontent-encoding: br\r\ncf-ray: 9a201d5efb2f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5848,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (543), with CRLF line terminators","md5":"c7c73be1108ed67d663e35a2eec75064","sha1":"422e65ccb93fc606d0e0d605a43645953089b261","sha256":"54840a47956eba3374107ab3039f5bb43dc0f09bd7a11abc51943a7192b8cdaa","sha512":"cdb9613ee748a55ddd24b2adc2e977dd20d7e67dad4bc0a98a6e98f78c9d9882c2986eb95af32e28bdf2f16f275761ec89a9d27d08251ceaef4e4dbc1f5d8445","ssdeep":"96:yyObFsuK91zdLosUvmn5xmnDbn91bN2yUJve5qp2KZ:qsFLPUIk4Xp2KZ","tlshash":"f4c131a7f6294029a027d759f063d5cf1d3a8a37d11acab37abc2f10f64b91b2560708","first_seen":"2025-11-21T04:59:19.504518Z","last_seen":"2026-03-16T07:13:28.41156Z","times_seen":45,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/846-960x60.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"47.242.20.187","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /846-960x60.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":2256,"timings":{"blocked":-1,"dns":3,"connect":268,"send":0,"wait":427,"receive":0,"ssl":1557},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251119/TrUgWWG7/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251119/TrUgWWG7/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46134\r\nlast-modified: Thu, 20 Nov 2025 02:11:47 GMT\r\netag: \"691e78e3-b436\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46134,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", progressive, precision 8, 718x404, components 3","md5":"c9c7c0045fd729b1ccb9ae9564c4af76","sha1":"6c812e4e92d7f446e30c46591505c35243a479bc","sha256":"7d9ad9a9f0844b60891f1e55b1149a77f7d96db18d709a24593321c39dc054a2","sha512":"3610f86ac05949e09cee75618174d4c624c3f9e031b3ae0a66b7a4c582ed7e3ea772114d64759dc9b55283a9606499d2e8f7b06d80a8fbcc06358c6668ef75f3","ssdeep":"768:tRz/4tY3yWYkH9kvo27sXApamjxR09x6W2KXry6enwL0OJE6JsqHcha61+H2hlHG:TzhCFu6qvmFR09x/jXr5LtJLJssAa6Dq","tlshash":"6723f2127926d314fb676137479d2916349a07cda72e5f0e16f314ea1d3caf2078a2ce","first_seen":"2025-11-21T00:49:05.912487Z","last_seen":"2025-12-04T07:26:56.060449Z","times_seen":26,"resource_available":false,"data":null}},"time_used":2136,"timings":{"blocked":355,"dns":4,"connect":144,"send":0,"wait":331,"receive":28,"ssl":1271},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuaskbgnekr.com/20251118/KNonT00N/1.jpg","fqdn":"tuaskbgnekr.com","domain":"tuaskbgnekr.com","tld":"com"},"ip":{"addr":"208.64.217.32","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:49.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bfaskbwerve.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Wed, 12 Mar 2025 23:24:33 GMT","end":"Sat, 11 Apr 2026 23:24:32 GMT"},"fingerprint":{"sha1":"17:BE:B5:B6:72:C2:AD:F5:0C:31:68:24:C8:2B:3D:2F:EB:BD:D8:B6","sha256":"6F:0D:C1:02:24:41:CF:D5:BA:7D:A5:37:F1:D3:5A:7C:E7:91:AA:D0:DC:58:29:DB:35:FE:0A:AA:41:37:FA:74"}}},"request":{"raw":"GET /20251118/KNonT00N/1.jpg HTTP/1.1\r\nHost: tuaskbgnekr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 107315\r\nlast-modified: Wed, 19 Nov 2025 03:45:44 GMT\r\netag: \"691d3d68-1a333\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107315,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 750x421, components 3","md5":"2494a6e883ded341ac9a712e10e26c38","sha1":"ad74c1557522fa158a3778dfb34fcf5638ec55a3","sha256":"23b1ce30ffd754b1d168d41756ecbe871d1d06373f453078b5426687af3c5465","sha512":"7df3617fee28907291cb0954c4b0ecb3eb48a24774e2bdf6f64293d3b10365221ebc0037a280307b77bfc61f5027665346159ec33530bdc2bcc5e159cb373c3f","ssdeep":"1536:U97WgvDSH3v5ATX7TLi1qpDFCtLxJcc72Qo4oCt8NLM8vkhjY4N5Zz:W7WHGX3LlpZQLxqZS8m8veNN5Zz","tlshash":"eea3124a9737f5fac11dc5338aa683c6ff3b56e5c81b1976a74c3262503624780e63e2","first_seen":"2025-11-19T10:10:05.577592Z","last_seen":"2026-02-01T09:33:16.833106Z","times_seen":45,"resource_available":false,"data":null}},"time_used":2366,"timings":{"blocked":392,"dns":0,"connect":145,"send":0,"wait":434,"receive":22,"ssl":1371},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/img/topline_02.png","fqdn":"hpxjxc.xsn5.fit","domain":"xsn5.fit","tld":"fit"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:51.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xsn5.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:43:39 GMT","end":"Thu, 05 Feb 2026 09:42:02 GMT"},"fingerprint":{"sha1":"5C:4A:1E:7C:5A:09:F2:78:9F:E7:7B:87:CD:43:73:2B:BD:CB:D9:54","sha256":"5A:A6:2D:8F:F7:17:CC:5F:36:39:AD:00:56:A4:79:60:CD:28:C8:E3:64:C8:8E:01:F5:60:A0:B0:0E:4E:EC:A3"}}},"request":{"raw":"GET /cn/home/web/template/076vip17_wtpl/img/topline_02.png HTTP/1.1\r\nHost: hpxjxc.xsn5.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/cn/home/web/template/076vip17_wtpl/css/main.css\r\nCookie: PHPSESSID=1acf5te8ffg4p9dgajesqa9vm3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 21 Nov 2025 12:15:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 1055\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 08:23:37 GMT\r\netag: \"630f1a89-41f\"\r\nexpires: Sun, 21 Dec 2025 04:58:43 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 26227\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSfW])\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q5VAW9B8BuIgvzBHUlos0gk1NnVm8vm%2FncMJ8NOGQ4ujn0re8ja1tz3RvGxarE0Gfv%2FGwd0b%2FsuZc0VbkDcchuANWxeJvSRo0ko%2FUy%2Btyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a201d699ad10daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1055,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5 x 48, 8-bit/color RGB, non-interlaced","md5":"5115a1291171e537566c902723635592","sha1":"e378e048bf8397dac4fde3b29b731f2ee5e876cb","sha256":"2736f8057845ea8cbd11f817a6688f1d2890611929d79b1555e3d3f6483e4ac5","sha512":"b2255b2c028cc09ae09222c9f02c58971ba6043ef87cb4870eccf377b84266571eeb11a804ab5b12b0de5eeb4cf63ee116cf722188a664bdb18b91075359ae46","ssdeep":"","tlshash":"1d11a54ef5103582d099db9238f7502b886788d2eae0f46af4cfcc131d300fa646a6c7","first_seen":"2025-11-21T04:59:19.490419Z","last_seen":"2026-03-16T07:13:28.424971Z","times_seen":44,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/jinsha/960x120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.64","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hpxjxc.xsn5.fit/s/%E5%B0%8F%E5%AD%A6%E7%94%9F.html","date":"2025-11-21T12:15:53.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /jinsha/960x120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hpxjxc.xsn5.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 634737\r\ndate: Thu, 20 Nov 2025 03:38:31 GMT\r\nlast-modified: Sat, 14 Jun 2025 04:26:14 GMT\r\netag: \"cbc565e650dc99f15151590dc8f46ee6\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: LJQFHO0jm75nnO90rAYc9EFYXry2iwEwJy7vAecBXz5ZNC0lDWn6ew==\r\nage: 117443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":634737,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"cbc565e650dc99f15151590dc8f46ee6","sha1":"1b3f0cae0aa8f540dd39961862f3c975a79c88b7","sha256":"9367e7aca75baf774c5e6bb9c08c890f9eef1c6dc9fddb8e202d8c7472dc92e1","sha512":"61c3c56d388762beb5cf8676b7a1782661e78452fe3a1316d3acb8a95b0992afd05a7207d7f745562e7e376aa906c201dd2ab82f5bc109a11d174dbb66be0037","ssdeep":"12288:yvCJqCNrEWTVkaMWsyp7nmfa+lUdQOSUJfHhxKplh/gn2:vJqCNrRvrsyUfDlOSQ/25i2","tlshash":"00d4230ccd0ecba8f6456de40b6637c69bbbf82c1821de605d758c3760d2da2a8395d7","first_seen":"2025-06-20T10:21:26.726853Z","last_seen":"2026-01-11T09:31:39.401773Z","times_seen":1483,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":54,"dns":113,"connect":1,"send":0,"wait":4,"receive":35,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}