www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
200 OK 785 B URL User Request GET HTTP/1.1 www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
IP
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash dbd69e3556666115e8247fd4778a4b05
5c38728eb9c43f377a481a3da8303c9a577fd428
fb268f8ae23446391c669771e0159233f0bb5180fc6696bc1977236fd905f1e3
GET /sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error= HTTP/1.1
Host: www.invitroideas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:01 GMT
Content-Length: 785
Content-Type: text/html
Server: nginx
www.invitroideas.com/common.js
200 OK 2.7 kB URL GET HTTP/1.1 www.invitroideas.com/common.js
IP
ASN #132839 POWER LINE DATACENTER
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
File type HTML document, ASCII text, with very long lines (523), with CRLF line terminators
Hash b8c05d5345b5e249031b396e1f19834a
9458a180247ff6fd050103d8b8d8b573c27b1671
58fb39b31dd129d20dc6ce8a050d0921169ecb7673ccfdff4f097159f15f4289
GET /common.js HTTP/1.1
Host: www.invitroideas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:01 GMT
Content-Length: 2724
Content-Type: application/x-javascript
Server: nginx
www.invitroideas.com/tj.js
200 OK 520 B URL GET HTTP/1.1 www.invitroideas.com/tj.js
IP
ASN #132839 POWER LINE DATACENTER
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
File type ASCII text, with CRLF line terminators
Hash faacaac6cbfd8405bf4a48d8e865e0be
d9c2c83178ad1d37c78d8c97d2a4b96c5a115463
01284e301318ac889ec533d662b96a9ef5dbc6e3c5ccfbd584f82b91030b159a
GET /tj.js HTTP/1.1
Host: www.invitroideas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:01 GMT
Content-Length: 520
Content-Type: application/x-javascript
Server: nginx
www.invitroideas.com/favicon.ico
200 OK 785 B URL GET HTTP/1.1 www.invitroideas.com/favicon.ico
IP
ASN #132839 POWER LINE DATACENTER
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash dbd69e3556666115e8247fd4778a4b05
5c38728eb9c43f377a481a3da8303c9a577fd428
fb268f8ae23446391c669771e0159233f0bb5180fc6696bc1977236fd905f1e3
GET /favicon.ico HTTP/1.1
Host: www.invitroideas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:02 GMT
Content-Length: 785
Content-Type: text/html
Server: nginx
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 01 Nov 2023 19:37:30 GMT
Etag: "4078521116"
Expires: Thu, 31 Oct 2024 19:37:30 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=484D86030A97575278266DCE460D26A4:FG=1; max-age=31536000; expires=Thu, 31-Oct-24 19:37:30 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 01 Nov 2023 19:37:30 GMT
Etag: "4078521116"
Expires: Thu, 31 Oct 2024 19:37:30 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=A0A488484F80C4BE094035153F4BE068:FG=1; max-age=31536000; expires=Thu, 31-Oct-24 19:37:30 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.js?de31635d20c7392abf8fe362bd7bce21
200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?de31635d20c7392abf8fe362bd7bce21
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (615)
Hash 8006023fe72017f323b77a6776dee99e
4b24e6bdee949228a6a3a198e7cd85f560b97634
e0951daed52a0ac036262a993090321a36b682194fc9b4406246a131f537350e
GET /hm.js?de31635d20c7392abf8fe362bd7bce21 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Wed, 01 Nov 2023 19:37:30 GMT
Etag: 14966c17984727c8ef678e085ef02912
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4404B58D6B3CF35B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
element.window-locationprotocol.top/template/m1938pc/images/1.gif
200 OK 254 B URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/images/1.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: image/gif
content-length: 254
last-modified: Thu, 10 Aug 2023 11:58:21 GMT
etag: "64d4d0dd-fe"
expires: Fri, 01 Dec 2023 19:37:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?85d16f6ae233c1243b732e5de7819d37
200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?85d16f6ae233c1243b732e5de7819d37
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (615)
Hash 1795077d3e51ee155fb29b9e5244a079
6452e3505a5ece6cc38b75131114ce5570a7acb3
2a3dd0d10977d2b0107527c06b6ec08ac2b755806a41fdcddcf939ac3f00248d
GET /hm.js?85d16f6ae233c1243b732e5de7819d37 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Wed, 01 Nov 2023 19:37:31 GMT
Etag: f8bcbf67db6d84457b3dd619e005869c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=29B3F671FC17B4A7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=618477441&si=de31635d20c7392abf8fe362bd7bce21&v=1.3.0&lv=1&sn=3647&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=618477441&si=de31635d20c7392abf8fe362bd7bce21&v=1.3.0&lv=1&sn=3647&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=618477441&si=de31635d20c7392abf8fe362bd7bce21&v=1.3.0&lv=1&sn=3647&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 01 Nov 2023 19:37:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BE1A477B85E82857; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
element.window-locationprotocol.top/template/m1938pc/ads/bctp.js
200 OK 2.1 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/bctp.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c0ef2b1e94cc2affd31897179e9aea58
c4dd950a409b731b8151340d73bafa9c6b22a80e
0677f0d491f030d2dbab6415899ae723f3f4edfb33e486399e97f34b14dfa324
GET /template/m1938pc/ads/bctp.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:35:26 GMT
vary: Accept-Encoding
etag: W/"653cf1fe-8d6"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error= HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 01 Nov 2023 19:37:32 GMT
element.window-locationprotocol.top/template/m1938pc/ads/qq3.js
200 OK 121 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/qq3.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 121 kB (120757 bytes)
Hash 166b17c2a4beaf042532f8e67c7cefb0
1bb68be9472a8e8944180cf77501e728ddc82822
5b97fe13de83626539902d23b0d633ea3c4fdca9a54300c9df978f8910526a56
GET /template/m1938pc/ads/qq3.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Thu, 26 Oct 2023 06:33:48 GMT
vary: Accept-Encoding
etag: W/"653a084c-1348"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/images/c4.gif
200 OK 167 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/images/c4.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 167 kB (166846 bytes)
Hash 58604eacad44a18128696f2c02dea1b4
fc36a0c5e55ec1048b893db15df991986bf6a275
ee8c7326169da2070605255f2b5ceb1b88657d74d1103f00ed9fbc72cae21119
GET /template/m1938pc/images/c4.gif HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/gif
content-length: 166846
last-modified: Thu, 10 Aug 2023 12:24:04 GMT
etag: "64d4d6e4-28bbe"
expires: Fri, 01 Dec 2023 19:37:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/css/zui.css
200 OK 31 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/css/zui.css
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash d610076161b78f798baaa6666e08c21e
24837b7d1e2ae958f526fbd43de7e942b4dc69f6
e9f643cf85c5f52e24c1c639da1fd7702228b545cf155d3079fafb05162c6d3d
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: text/css
last-modified: Sat, 16 Sep 2023 13:41:03 GMT
vary: Accept-Encoding
etag: W/"6505b06f-1bf31"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=287259505&si=85d16f6ae233c1243b732e5de7819d37&v=1.3.0&lv=1&sn=3648&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=287259505&si=85d16f6ae233c1243b732e5de7819d37&v=1.3.0&lv=1&sn=3648&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=287259505&si=85d16f6ae233c1243b732e5de7819d37&v=1.3.0&lv=1&sn=3648&r=0&ww=1280&u=http%3A%2F%2Fwww.invitroideas.com%2Fsb%2FZS%2F809e53a0481c09f791d3965296f0d69d%2Ftzqdipyrp9v2kcdkz5nppd6x.php%3F04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68%26AP___%3D%26error%3D&tt=%E5%AE%81%E5%A4%8F%E6%8E%92%E5%8E%A9%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 01 Nov 2023 19:37:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=70BC0BE009246B2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 0e3e5c385795afb5d95ea9aef6def598
c11c4e92919a48c2a6b2072787908d4772973fbb
c2c70ad2abfb12fdc3e565c49cfc1b0db13adc5741a04d8ecd044154da0d214f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:32 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: MISS
CF-RAY: 81ef9e1549be7cf2-LAX
ETag: "c11c4e92919a48c2a6b2072787908d4772973fbb"
Expires: Tue, 07 Nov 2023 22:41:14 GMT
Last-Modified: Tue, 31 Oct 2023 22:41:15 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb2
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PSsxtyyd2os43:13 (Cdn Cache Server V2.0), 1.1 PS-PEK-01ylP25:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fc_PS-PEK-01GFt24_1086-44029
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 16988674526464f9671c7ea08f8c8f04f53bc067df
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=5, edge;dur=0
img.hgimg01.com/upload/vod/20231101-1/3b4d9dd5ed35097074946332544abfef.jpg
200 OK 86 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/3b4d9dd5ed35097074946332544abfef.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash d133b1c825ef2afe347ef0aea90cce92
321ed43d96cf67e69a13c4fc6c10c97fbc186609
56b91103b6e00aff553ae56cdb0d2d386a720bcd7fe07f28593dc9b3bedba1ea
GET /upload/vod/20231101-1/3b4d9dd5ed35097074946332544abfef.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 86070
last-modified: Wed, 01 Nov 2023 08:22:45 GMT
etag: "65420ad5-15036"
expires: Fri, 01 Dec 2023 08:22:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/7ce725f1e0305245abb9cda3c9b87032.jpg
200 OK 36 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/7ce725f1e0305245abb9cda3c9b87032.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 3ee9855a35c432a4dba8d016cfbf45de
133b0dcb8f68dec4651ce2c4d950be17f99a70a2
8046c9c48113e7e20c8a32c3b39aed847ce1af3968ae6469bee6c5175d988b6f
GET /upload/vod/20231031-1/7ce725f1e0305245abb9cda3c9b87032.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 35496
last-modified: Tue, 31 Oct 2023 05:33:13 GMT
etag: "65409199-8aa8"
expires: Thu, 30 Nov 2023 05:33:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/73cddd1e7516435bdbbf07ba76c21a6f.jpg
200 OK 64 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/73cddd1e7516435bdbbf07ba76c21a6f.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash f773635a503557e23f8b79c8b8239974
97c3b7c5c0029410296a4845a0de1d5ad05a4091
59d44ef129f4440e823a68fedf1ef8df86a12ae712f70b6d6dfaf6c0f4d9d432
GET /upload/vod/20231031-1/73cddd1e7516435bdbbf07ba76c21a6f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 63804
last-modified: Tue, 31 Oct 2023 05:33:13 GMT
etag: "65409199-f93c"
expires: Thu, 30 Nov 2023 05:33:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/df635c4e92c0c29c5f9de73ece74db5d.jpg
200 OK 62 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/df635c4e92c0c29c5f9de73ece74db5d.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash ef856efe3b04426352e6c31a9fca2f25
d9ab494f935df0444cdcaadfda030056764e4b9a
188fbacd65bc157e610ca6336c82cb727bef2de297093565159cf3b4b2278b06
GET /upload/vod/20231031-1/df635c4e92c0c29c5f9de73ece74db5d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 62240
last-modified: Tue, 31 Oct 2023 05:33:11 GMT
etag: "65409197-f320"
expires: Thu, 30 Nov 2023 05:33:26 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/5ccb916c873eac9f015143bc1c1553b3.jpg
200 OK 53 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/5ccb916c873eac9f015143bc1c1553b3.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 340a3d74987aaae0ebddc3e4754fe035
40047f0c16aaea5ddb25c6bb8e6c9aec650d69f5
ea52e522d9d40c3b88780f68001d4ccf26cbbe7d02dfbac21c3c7a071f56a400
GET /upload/vod/20231101-1/5ccb916c873eac9f015143bc1c1553b3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 53189
last-modified: Wed, 01 Nov 2023 08:23:06 GMT
etag: "65420aea-cfc5"
expires: Fri, 01 Dec 2023 08:23:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/ac891f983c9996baccf624181a80ca3a.jpg
200 OK 54 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/ac891f983c9996baccf624181a80ca3a.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash aee42168192a325db33f0e63204f1122
2e7b90f5f68d8b543524c1f12974af5c4ee6c389
ce053b405755270e12d294896a93cf432295f92e02cc4b2dacef57bf910e5c64
GET /upload/vod/20231026-1/ac891f983c9996baccf624181a80ca3a.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 54297
last-modified: Thu, 26 Oct 2023 05:50:19 GMT
etag: "6539fe1b-d419"
expires: Sat, 25 Nov 2023 05:53:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/f1fb190f522845f1097b241059278585.jpg
200 OK 48 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/f1fb190f522845f1097b241059278585.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash af0bae1bc18912a89d7f5564d868424c
e32573c9f9de106041ac1e29343535d06f6230fe
75ccd52e469110a04be3ae03130de2ab66fced8316206186effb0630d94939b5
GET /upload/vod/20231026-1/f1fb190f522845f1097b241059278585.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 48063
last-modified: Thu, 26 Oct 2023 05:50:18 GMT
etag: "6539fe1a-bbbf"
expires: Sat, 25 Nov 2023 05:53:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/2171a3819be393cd3d88a140aa54747d.jpg
200 OK 63 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/2171a3819be393cd3d88a140aa54747d.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 27e709bdb2ac1879bfa3a2151a2cf50e
aaf72ac6b3eb8854312ff8cba041dae9102e7600
bca01ffc99634e590ee2b0b3e7b2cf59c824802bf5a03ae1d402894b05bb7dd6
GET /upload/vod/20231026-1/2171a3819be393cd3d88a140aa54747d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 62985
last-modified: Thu, 26 Oct 2023 05:50:17 GMT
etag: "6539fe19-f609"
expires: Sat, 25 Nov 2023 05:53:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/b8f2ea717e363ccdc85a399e150d62b1.jpg
200 OK 46 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/b8f2ea717e363ccdc85a399e150d62b1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 8a4b7b6db640997b9bb6ab95a0ec8878
5c5bd1869ac2377c10a6143939fa134c2c264070
1dc1386656d26b15a8247288465485e61528b9b8e806b9ba980ec0a614ae3bc1
GET /upload/vod/20231026-1/b8f2ea717e363ccdc85a399e150d62b1.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 45765
last-modified: Thu, 26 Oct 2023 05:50:16 GMT
etag: "6539fe18-b2c5"
expires: Sat, 25 Nov 2023 05:53:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231025-1/82cc45aaed053d4fa2a29e10800f020e.jpg
200 OK 55 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231025-1/82cc45aaed053d4fa2a29e10800f020e.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 52c661a143fb1d8a9982071a5cf64ed1
77c844413d357db6f75d18e8b98f22b9d16653ec
07498e7ac2fe6f408c77847f59533a0e29bd8d65a00467e545448ad6647cad57
GET /upload/vod/20231025-1/82cc45aaed053d4fa2a29e10800f020e.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 54956
last-modified: Wed, 25 Oct 2023 12:42:32 GMT
etag: "65390d38-d6ac"
expires: Fri, 24 Nov 2023 12:42:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231025-1/54ff84ddb0c04c8244426b460b51fb69.jpg
200 OK 64 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231025-1/54ff84ddb0c04c8244426b460b51fb69.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash a22873ccfa047ffed391f4306223a78b
86af4a0b218266deb891bc22b759a30ca8948b10
9c4b9bb86eaa8d09fc5f8c70c6f1c9cdd4aff6860ca0144263525492a541a1ec
GET /upload/vod/20231025-1/54ff84ddb0c04c8244426b460b51fb69.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 63633
last-modified: Wed, 25 Oct 2023 12:42:32 GMT
etag: "65390d38-f891"
expires: Fri, 24 Nov 2023 12:42:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231025-1/9bd2a7281d5c6df2b57aaf8eb8e2d7d7.jpg
200 OK 62 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231025-1/9bd2a7281d5c6df2b57aaf8eb8e2d7d7.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 1e81b7365bd73eb9f3ae288bbb7ea8ef
cfa43d92bdf263a02111dc6cb8456de382a2490d
c2e5274e82236888b8edd01bd8d3391b38dfacc80915cffd3c40109016d32a2e
GET /upload/vod/20231025-1/9bd2a7281d5c6df2b57aaf8eb8e2d7d7.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 61653
last-modified: Wed, 25 Oct 2023 12:42:30 GMT
etag: "65390d36-f0d5"
expires: Fri, 24 Nov 2023 12:42:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231025-1/173cced6877a4e38de561b0ee3a29312.jpg
200 OK 55 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231025-1/173cced6877a4e38de561b0ee3a29312.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 422a10c797813697d6684faeed713184
ff7fb23bae375b8a76fe5b6cd2ac2890830c2cc3
3523a52bcbb34bb9223127b42745e22e485b789ee1b51413754ac17bfb9b37c2
GET /upload/vod/20231025-1/173cced6877a4e38de561b0ee3a29312.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 54782
last-modified: Wed, 25 Oct 2023 12:42:31 GMT
etag: "65390d37-d5fe"
expires: Fri, 24 Nov 2023 12:45:49 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/54e38dd12614068b0308ca64a89beb77.jpg
200 OK 48 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/54e38dd12614068b0308ca64a89beb77.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 36cb2d4d3a4d7ad29fd86f0ae6717a30
8bbf86212c52212d5c93e62d1a09b04e8d6bbf53
536cf165835823a36687db03e037b3008c12414464a26e9203bb0f8c6dca7bae
GET /upload/vod/20231031-1/54e38dd12614068b0308ca64a89beb77.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 47591
last-modified: Tue, 31 Oct 2023 05:33:21 GMT
etag: "654091a1-b9e7"
expires: Thu, 30 Nov 2023 05:34:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/2c67363853a9fbc39fb1ee66503d6625.jpg
200 OK 57 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/2c67363853a9fbc39fb1ee66503d6625.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash b58ffd066e2b4fe013b07a88b70b6060
c1c0b6ba6acafab0ae7af3f88da02afe93f38316
176c9664e223d59a2896bc1d9473f66590d009e1daedbaaba2a4ce7a9503d3ec
GET /upload/vod/20231031-1/2c67363853a9fbc39fb1ee66503d6625.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 57186
last-modified: Tue, 31 Oct 2023 05:33:22 GMT
etag: "654091a2-df62"
expires: Thu, 30 Nov 2023 05:33:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/402d3b9ad99f454dc0d0cf792fb40a7b.jpg
200 OK 41 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/402d3b9ad99f454dc0d0cf792fb40a7b.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash e6e82a1fb5f0339234715dbc72c8941b
953a3a7f4e794c4e2a7606ef3dd85876dbd67f83
0d418806e13cb299ab3eeeff47f2e967f299dd514ae46a2eb9af717e4cac4bed
GET /upload/vod/20231031-1/402d3b9ad99f454dc0d0cf792fb40a7b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 41282
last-modified: Tue, 31 Oct 2023 05:33:24 GMT
etag: "654091a4-a142"
expires: Thu, 30 Nov 2023 05:33:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/2f4ddaf98d6b78adfe63aacdce6cc53f.jpg
200 OK 9.8 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/2f4ddaf98d6b78adfe63aacdce6cc53f.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 29029x-26674, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 78dc7c9d1d6a6446004fbef1664f1b4f
483b596d8f5523bf9234ead46c47df3004db0d46
3c03cb171fb1b2cc2270c78ec1c447de9f05c1372fc10ba55f63e5098b2e6925
GET /upload/vod/20231101-1/2f4ddaf98d6b78adfe63aacdce6cc53f.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 9830
last-modified: Wed, 01 Nov 2023 14:09:18 GMT
etag: "65425c0e-2666"
expires: Fri, 01 Dec 2023 14:09:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/cbb9f3f295aaadfdd5f7f86f8b09b1c2.jpg
200 OK 46 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/cbb9f3f295aaadfdd5f7f86f8b09b1c2.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash a69a27b700e06bd048a2cec6af0d1dc5
2c51123ea01f3348936bf0fa4ca6b6f57869c50e
c849c93230dc37132d4750cdc99eecbf6f44dc7477f92377382300cdf1c7268c
GET /upload/vod/20231101-1/cbb9f3f295aaadfdd5f7f86f8b09b1c2.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 45580
last-modified: Wed, 01 Nov 2023 08:22:48 GMT
etag: "65420ad8-b20c"
expires: Fri, 01 Dec 2023 08:22:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/d66fdb257e88569a0cf195a570439038.jpg
200 OK 51 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/d66fdb257e88569a0cf195a570439038.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash a60f90ff135b7fbc3c14696dfabc05b5
36cb7e4f47edb9c54e2e1de5897714d8877ed039
9c4803bc69c52c0d646d04c6c1e6445dc9c32301066523d68fcffb0825f73df3
GET /upload/vod/20231026-1/d66fdb257e88569a0cf195a570439038.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 51407
last-modified: Thu, 26 Oct 2023 05:50:09 GMT
etag: "6539fe11-c8cf"
expires: Sat, 25 Nov 2023 05:53:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/d2b83668c7b2e55a80b73eaa7ea4d89b.jpg
200 OK 54 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/d2b83668c7b2e55a80b73eaa7ea4d89b.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash baf111984c574c81beaba141a749e43e
137e8cb4a51d15594d6a2d07b4efed200bed1937
8edb7367e0c5233bf6f568de6192a4094e0997f4e696f3d1f5077acb0c754399
GET /upload/vod/20231026-1/d2b83668c7b2e55a80b73eaa7ea4d89b.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 53862
last-modified: Thu, 26 Oct 2023 05:50:09 GMT
etag: "6539fe11-d266"
expires: Sat, 25 Nov 2023 05:53:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/286e7a665d072aaf6c4a95da6dcb7f52.jpg
200 OK 57 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/286e7a665d072aaf6c4a95da6dcb7f52.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash e3f3b6d784a32e60b687f2c5dc47221d
d6d7f25be99ac5a5ca6460423e4bc6841dbe4f53
384ca981b7605b90d3521b5885de26617d22753522e72702fac653f33b6335f0
GET /upload/vod/20231026-1/286e7a665d072aaf6c4a95da6dcb7f52.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 57329
last-modified: Thu, 26 Oct 2023 05:50:11 GMT
etag: "6539fe13-dff1"
expires: Sat, 25 Nov 2023 05:52:18 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/99b0e20fedf236774f64635ba3634161.jpg
200 OK 103 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/99b0e20fedf236774f64635ba3634161.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Size 103 kB (103116 bytes)
Hash b0dce5fb882adc35813ffaaae0cb9da1
04954f01d5ca47174edca76ed7111ac51ad42a42
1a12b6f1e1194da8988b03d8a158087f2601ff602bf0ab774b1a14a9a95e0f66
GET /upload/vod/20231101-1/99b0e20fedf236774f64635ba3634161.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 103116
last-modified: Wed, 01 Nov 2023 08:22:39 GMT
etag: "65420acf-192cc"
expires: Fri, 01 Dec 2023 08:22:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/74bb2ea266576ef228bc76376ad51184.jpg
200 OK 79 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/74bb2ea266576ef228bc76376ad51184.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash a9a79c774ba824130d2d07a9aee8f3d4
09d713a03516d7090be2e0ff59922f152f0a7b49
b4c6472ffcc615c304cee81473c36e5d107b5f868322cc05cea3df388db7cc17
GET /upload/vod/20231101-1/74bb2ea266576ef228bc76376ad51184.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 79064
last-modified: Wed, 01 Nov 2023 08:23:06 GMT
etag: "65420aea-134d8"
expires: Fri, 01 Dec 2023 08:23:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/cbc15df475a800cf0caa5c1bafd9cf14.jpg
200 OK 70 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/cbc15df475a800cf0caa5c1bafd9cf14.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash b1a64cff651ec2cfe53e35b776ee5ff7
8967d06117c4e935fc988524ac44aace3bdd3961
d246a3330bef4c75a49a3a3ec17cc5558003704840338303f0f2bc689971d61a
GET /upload/vod/20231101-1/cbc15df475a800cf0caa5c1bafd9cf14.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 70233
last-modified: Wed, 01 Nov 2023 08:23:05 GMT
etag: "65420ae9-11259"
expires: Fri, 01 Dec 2023 08:27:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/3b182e06f6b7acd90216181c9fb5801c.jpg
200 OK 74 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/3b182e06f6b7acd90216181c9fb5801c.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 537135a9fcd75c47e82b889331475cc9
aab8a2f1334b54c6aa5032418139c2ed6da797de
e2ea53ec5194ed79f59188d7aa4b2c97cfe51ae588ecfa1896ace7a09c4e7d90
GET /upload/vod/20231101-1/3b182e06f6b7acd90216181c9fb5801c.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 73768
last-modified: Wed, 01 Nov 2023 08:23:04 GMT
etag: "65420ae8-12028"
expires: Fri, 01 Dec 2023 08:23:21 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/a3905827750e10ae77cc9e2687dce2c6.jpg
200 OK 75 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/a3905827750e10ae77cc9e2687dce2c6.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 236008bb2a88b960ee8c56cbdfc47038
09736d32375038fa89742f6bcfec24424825fb65
fee85d2127e460cc9b7915de15a4436ac9def337a66ef777df773c8733d2eed9
GET /upload/vod/20231026-1/a3905827750e10ae77cc9e2687dce2c6.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 75127
last-modified: Thu, 26 Oct 2023 05:50:17 GMT
etag: "6539fe19-12577"
expires: Sat, 25 Nov 2023 05:53:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/11e2b8e43526257563519172f76f0a01.jpg
200 OK 70 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/11e2b8e43526257563519172f76f0a01.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 8c15876063eee376cf22c5b1bfe833f6
476a686dbe02dbe059f56cb1759ff7170578ee41
fa01ec01d86f4aae8a1a69d8f5e696936bf36d2c9c48198daebbb2f55249e070
GET /upload/vod/20231031-1/11e2b8e43526257563519172f76f0a01.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 70397
last-modified: Tue, 31 Oct 2023 05:33:19 GMT
etag: "6540919f-112fd"
expires: Thu, 30 Nov 2023 05:34:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/e4893c62bbd229edc15a217828353cf2.jpg
200 OK 83 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/e4893c62bbd229edc15a217828353cf2.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 26466b55914779e7eab42f9d8078294d
fec657ecaf9743c0531db88733e7b5ea23362149
bb6c4eb67c96d81e446700e29460d62101712a545d55e0464a4cc1070f0eba84
GET /upload/vod/20231031-1/e4893c62bbd229edc15a217828353cf2.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 83234
last-modified: Tue, 31 Oct 2023 05:33:25 GMT
etag: "654091a5-14522"
expires: Thu, 30 Nov 2023 05:33:40 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/8a338168032e304451b28fe6213bde09.jpg
200 OK 81 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/8a338168032e304451b28fe6213bde09.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 70a1051418c93fecaecf69acce1f3f53
64d682441d3b312e9c50f20ae9731a6afc0bc8b1
48d87cd683d06aff03e6b9d2d0a37f029cf8a644a1f9aa862243974fdf98e782
GET /upload/vod/20231031-1/8a338168032e304451b28fe6213bde09.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 81008
last-modified: Tue, 31 Oct 2023 05:33:23 GMT
etag: "654091a3-13c70"
expires: Thu, 30 Nov 2023 05:33:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231026-1/b20f49ed8c2bdb79edd3348976772435.jpg
200 OK 69 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/b20f49ed8c2bdb79edd3348976772435.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 5f3db2ac407a178c229e91baf503315b
81c0158554cf000d0f0634f12d09176683fd5742
2278db9bbe49fe4eacc68225e93694be134a11794fec4998ab474163a65c6b76
GET /upload/vod/20231026-1/b20f49ed8c2bdb79edd3348976772435.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 69101
last-modified: Thu, 26 Oct 2023 05:50:08 GMT
etag: "6539fe10-10ded"
expires: Sat, 25 Nov 2023 05:53:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/304585c53a73ca1203acff835b5c1dab.jpg
200 OK 665 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/304585c53a73ca1203acff835b5c1dab.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 665 kB (664886 bytes)
Hash 103d87dab268af535a09ba543822ca90
826e8741e84d69e02c4a4745082b2f617d8acdfb
00568fffc3153db2f79c5b7caf607ee35ee58401d5af22edb0792c7ff6c425be
GET /upload/vod/20231101-1/304585c53a73ca1203acff835b5c1dab.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 664886
last-modified: Wed, 01 Nov 2023 08:22:43 GMT
etag: "65420ad3-a2536"
expires: Fri, 01 Dec 2023 08:22:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dde120a2eeaa96485a3b065371fc24b4
200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?dde120a2eeaa96485a3b065371fc24b4
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (615)
Hash fe359e2b6fd993d99f1eae74e8c788a8
10b714fd1884dcbe3613ad13551c4f552be7af6e
b058a4c39f7e8e788381695fd1132734e5948cf12a8269ef404bfa4a6223a45a
GET /hm.js?dde120a2eeaa96485a3b065371fc24b4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Wed, 01 Nov 2023 19:37:32 GMT
Etag: 8ca9799774470eb68d1922504c4b3cbc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CA99451C1F053951; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.hgimg01.com/upload/vod/20231026-1/b3141c3e248290c33aa76a3efc16bea3.jpg
200 OK 78 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231026-1/b3141c3e248290c33aa76a3efc16bea3.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash f08d3f5bb635e8c1ae9262168965b4e8
1ccddce5551406f64ce335e0bf013908b83440fa
806455da3064c91f076f446e33d18cd68d9280f88145d859fab4440eab808474
GET /upload/vod/20231026-1/b3141c3e248290c33aa76a3efc16bea3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 77680
last-modified: Thu, 26 Oct 2023 05:50:10 GMT
etag: "6539fe12-12f70"
expires: Sat, 25 Nov 2023 05:53:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/css/ate.css
200 OK 6.6 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/css/ate.css
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 4f10d5ee4980adbbc5bf65c6c0159d15
55db617813f9a51f12f3f00784044df5389c189e
def3c525ce418909dfc6963f68ccd89abe85d8e44c1bc431b7c37b0270c2aa9d
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: text/css
last-modified: Wed, 10 Aug 2022 07:27:10 GMT
vary: Accept-Encoding
etag: W/"62f35dce-126e5"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 0e3e5c385795afb5d95ea9aef6def598
c11c4e92919a48c2a6b2072787908d4772973fbb
c2c70ad2abfb12fdc3e565c49cfc1b0db13adc5741a04d8ecd044154da0d214f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:32 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: MISS
CF-RAY: 81ef9e1549be7cf2-LAX
ETag: "c11c4e92919a48c2a6b2072787908d4772973fbb"
Expires: Tue, 07 Nov 2023 22:41:14 GMT
Last-Modified: Tue, 31 Oct 2023 22:41:15 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb2
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PSsxtyyd2os43:13 (Cdn Cache Server V2.0), 1.1 12124589:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fc_12124589_703-35456
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1698867452ea89245398ba7708d013b940f65d4083
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=4, edge;dur=0
element.window-locationprotocol.top/
200 OK 632 kB URL GET HTTP/2 element.window-locationprotocol.top/
IP
Requested by http://www.invitroideas.com/sb/ZS/809e53a0481c09f791d3965296f0d69d/tzqdipyrp9v2kcdkz5nppd6x.php?04DFHG157058667964b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae6864b38ce2babf4ed4f6f5cb84e320ae68&AP___=&error=
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 632 kB (632214 bytes)
Hash 23d7998959804bfdebbdc0345597f549
8b370e3ab9b2a4e6f8a78492a2f94509796324ae
50c43f2e6aa8827950d7d04d1947d62fecf43c375a69cda21403496902224730
GET / HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.invitroideas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/892e8e8879529d54e651872883a07103.jpg
200 OK 576 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/892e8e8879529d54e651872883a07103.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 576 kB (576244 bytes)
Hash aec6f2cc82d7f1ab18f6bad34ed500d2
6f649fabe1d1179f14f1a302786bfd44e70d3266
d454d6fe72822cfb9a350821b2498cd8672da73cf861ebff502e9b84632727ae
GET /upload/vod/20231101-1/892e8e8879529d54e651872883a07103.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 576244
last-modified: Wed, 01 Nov 2023 08:22:45 GMT
etag: "65420ad5-8caf4"
expires: Fri, 01 Dec 2023 08:22:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/0a34732b5bd7c5fdc890575c6e18ec7d.jpg
200 OK 760 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/0a34732b5bd7c5fdc890575c6e18ec7d.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 760 kB (760108 bytes)
Hash 730c5b6240789183321135966a49324b
fd185465d882deb07a5010022d26544b5072cb41
1f49dcc8a975ad3f47ddd55e6b886c0ecc1df49064604c5a3a7027d0f0ec5774
GET /upload/vod/20231101-1/0a34732b5bd7c5fdc890575c6e18ec7d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 760108
last-modified: Wed, 01 Nov 2023 08:22:47 GMT
etag: "65420ad7-b992c"
expires: Fri, 01 Dec 2023 08:22:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/e34d5c2d07b61196850629f02482a5a9.jpg
200 OK 219 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/e34d5c2d07b61196850629f02482a5a9.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 856x480, components 3\012- data
Size 219 kB (219418 bytes)
Hash ce16bbe2c7d7cad14715d04bbf1a4218
1d93bc5852b55fe6e7c81a7dc13caab90c0f1d62
4ec83131f6a2d371ef952c3619d097d13260169db50ead2f53646af7a246d858
GET /upload/vod/20231031-1/e34d5c2d07b61196850629f02482a5a9.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 219418
last-modified: Tue, 31 Oct 2023 05:33:22 GMT
etag: "654091a2-3591a"
expires: Thu, 30 Nov 2023 05:34:07 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/f7dbae08de7ef48223efabe6f4597b16.jpg
200 OK 700 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/f7dbae08de7ef48223efabe6f4597b16.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 700 kB (699637 bytes)
Hash 354214e0a7b1f2d18155dcec119a958f
8d896c93d3278c9f6c8eddb4bae866ee02ec1034
589644bcedb8cce4e7dd9f915805704a12abc3002c836a28ecbdb0db499815e7
GET /upload/vod/20231031-1/f7dbae08de7ef48223efabe6f4597b16.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 699637
last-modified: Tue, 31 Oct 2023 05:33:16 GMT
etag: "6540919c-aacf5"
expires: Thu, 30 Nov 2023 05:33:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231031-1/2f6da6ddf266d6737c9a64c45931c242.jpg
200 OK 733 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231031-1/2f6da6ddf266d6737c9a64c45931c242.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 733 kB (732565 bytes)
Hash bf976db4dad6dedcbeb0429ebcd64aa4
53841959c477f3b79f64176589e2a8c73a7b4bdc
87cbba3173b881a3984dbea915572400a85c44703e5adfa554575b71fc213f2a
GET /upload/vod/20231031-1/2f6da6ddf266d6737c9a64c45931c242.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 732565
last-modified: Tue, 31 Oct 2023 05:33:15 GMT
etag: "6540919b-b2d95"
expires: Thu, 30 Nov 2023 05:33:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
600 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 718650e19d4cfd490aed0da3533bf272
8e163686ffac9b2e12ef35dafbfa2269a6299019
9dfb38b210755131fcd1027db00f4d3c28830f96174fbf50cf7d7a6693630815
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:32 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: EXPIRED
CF-RAY: 81f58c8a2b409e6b-SJC
ETag: "8e163686ffac9b2e12ef35dafbfa2269a6299019"
Expires: Wed, 08 Nov 2023 16:31:04 GMT
Last-Modified: Wed, 01 Nov 2023 16:31:05 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb3
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PSjsczsx2jd70:11 (Cdn Cache Server V2.0), 1.1 PS-PEK-01GFt24:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fc_PS-PEK-01ylP25_40081-8105
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 169886745295002e56d6a4a034c89c6f7a7b62d792
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=7, edge;dur=0
img.hgimg01.com/upload/vod/20231101-1/285a323e7d6207a391561f5f7a99bf30.jpg
200 OK 696 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/285a323e7d6207a391561f5f7a99bf30.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 696 kB (695655 bytes)
Hash 8cba277f8a27ed822f334fff3e7d6925
ac6505c84d88b06819e28025b8c40ba0aae46bf5
b40e71113ffd7c9a58846d42d0344c13b68a600251683af2553e2dc6088f54a9
GET /upload/vod/20231101-1/285a323e7d6207a391561f5f7a99bf30.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 695655
last-modified: Wed, 01 Nov 2023 08:22:49 GMT
etag: "65420ad9-a9d67"
expires: Fri, 01 Dec 2023 08:22:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/ads/qq2.js
200 OK 2.7 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/qq2.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash b0b85447fb7759523f7f31ebc2dd0ab3
a58b32d14f372854d853ad39b5d39bf293067971
cf518eab884e6c1134f2a5adf4762f9259269021ff4a8efa4b1874b09c47c24e
GET /template/m1938pc/ads/qq2.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:38:21 GMT
vary: Accept-Encoding
etag: W/"653cf2ad-26af"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
player.hgm3u9.com/20230910/s5pTQBhn/1.jpg
200 OK 140 kB URL GET HTTP/2 player.hgm3u9.com/20230910/s5pTQBhn/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1188x668, components 3\012- data
Size 140 kB (140427 bytes)
Hash e0cf60ecb57171ed81a471ae04e02d0a
48773a2e7e0c8c796d518336f08bdf3c323e4075
7497b68854644c7d34f02d6ebe4232ef0c7900bbc686ed851dec1c18d7228050
GET /20230910/s5pTQBhn/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 140427
last-modified: Mon, 11 Sep 2023 02:01:34 GMT
etag: "64fe74fe-2248b"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 0e3e5c385795afb5d95ea9aef6def598
c11c4e92919a48c2a6b2072787908d4772973fbb
c2c70ad2abfb12fdc3e565c49cfc1b0db13adc5741a04d8ecd044154da0d214f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:33 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: MISS
CF-RAY: 81ef9e1549be7cf2-LAX
ETag: "c11c4e92919a48c2a6b2072787908d4772973fbb"
Expires: Tue, 07 Nov 2023 22:41:14 GMT
Last-Modified: Tue, 31 Oct 2023 22:41:15 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb2
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PSsxtyyd2os43:13 (Cdn Cache Server V2.0), 1.1 12124589:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fd_12A146831_8444-12476
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 169886745387e4992f3e4c4788d75e43444f511d9f
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=4, edge;dur=0
player.hgm3u9.com/20230919/1ytxnMZP/1.jpg
200 OK 49 kB URL GET HTTP/2 player.hgm3u9.com/20230919/1ytxnMZP/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 524a45994fbeb4532558238953a8b2d4
49c600685bdc8792df13871ce91c7b8a3db943c7
ff044a3dc5b807f7867941d045409e97c346f01a916ec22414d3427e08d71aeb
GET /20230919/1ytxnMZP/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 48903
last-modified: Wed, 20 Sep 2023 02:59:55 GMT
etag: "650a602b-bf07"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230910/IPI5oQDo/1.jpg
200 OK 46 kB URL GET HTTP/2 player.hgm3u9.com/20230910/IPI5oQDo/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 949x507, components 3\012- data
Hash a1604f0a7a9a8668cf18d562308d963f
f79f7cba621c00011e30ad262bfd4a728e5f286a
3d6feb7e80bd98853e93df55a3d5de83837871707616c49e4d05d75584c5657c
GET /20230910/IPI5oQDo/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 46518
last-modified: Mon, 11 Sep 2023 02:01:20 GMT
etag: "64fe74f0-b5b6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230921/nxpPQSJ9/1.jpg
200 OK 77 kB URL GET HTTP/2 player.hgm3u9.com/20230921/nxpPQSJ9/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 850x478, components 3\012- data
Hash 24223878f541bda3762ff7bc8928d256
84cd5e16cbaa3b2c326d2ad8b5cd3f1a1c41d018
f51587f7971cbf99f529bdc61061d8981848bc47cfd9281700ae0ba7db84c6aa
GET /20230921/nxpPQSJ9/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 77348
last-modified: Fri, 22 Sep 2023 04:50:42 GMT
etag: "650d1d22-12e24"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231022/PxiIQhw5/1.jpg
200 OK 49 kB URL GET HTTP/2 player.hgm3u9.com/20231022/PxiIQhw5/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash c4d489378475a52f3c1783936f7c1059
b349cb14fbea0a9594db3d2989fdb01ba19deee3
26409f6e4b9e934325f1e049e8f46a04184f7f86c186a93d529be5f0d8466e26
GET /20231022/PxiIQhw5/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 49141
last-modified: Sun, 22 Oct 2023 18:42:47 GMT
etag: "65356d27-bff5"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231022/MYNVPwsw/1.jpg
200 OK 49 kB URL GET HTTP/2 player.hgm3u9.com/20231022/MYNVPwsw/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 3fba7da570321a3015fcdd0f7f58ecea
50cca099145ca003df6976582e4e5824edd8a683
231246fec5809a1273c03dc2bd8725ab2985a3a000b04e8646ec8b091510b007
GET /20231022/MYNVPwsw/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 49387
last-modified: Sun, 22 Oct 2023 18:37:17 GMT
etag: "65356bdd-c0eb"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231022/u4uNSCbE/1.jpg
200 OK 47 kB URL GET HTTP/2 player.hgm3u9.com/20231022/u4uNSCbE/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 459cc99937887f835a249d963b6cfa73
f4c2c4f9c98ebd0fedf871bf6491d45005888929
3064933247a1944657e2600b086c2e170ba2682722cfd264e6facee7c4a2360d
GET /20231022/u4uNSCbE/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 47425
last-modified: Sun, 22 Oct 2023 18:49:59 GMT
etag: "65356ed7-b941"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231023/IKUR38iG/1.jpg
200 OK 36 kB URL GET HTTP/2 player.hgm3u9.com/20231023/IKUR38iG/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash ee5c00b2aea40460b3edbbea5c724b48
f3a4bd5d2351ae912d45900965e42c02a8817b39
5359560d0c4ea1f3b9193ade6bd5791c768a62892daaa93a86a66af9658096e4
GET /20231023/IKUR38iG/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 36324
last-modified: Tue, 24 Oct 2023 04:02:00 GMT
etag: "653741b8-8de4"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230924/nnucpoMT/1.jpg
200 OK 48 kB URL GET HTTP/2 player.hgm3u9.com/20230924/nnucpoMT/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 676e7ea94d0f312831f194c6ff6409a5
9b7aec9cc535354df8fcec66001fe5ee88a2656f
764e169712fdab7027d79fd7f705eb373a4737b635b5a62417c4fde6d3a4fa38
GET /20230924/nnucpoMT/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 47895
last-modified: Sun, 24 Sep 2023 16:04:48 GMT
etag: "65105e20-bb17"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230910/ekSqhau1/1.jpg
200 OK 111 kB URL GET HTTP/2 player.hgm3u9.com/20230910/ekSqhau1/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Size 111 kB (110729 bytes)
Hash 55419210c0da6ca32fb492b20ff3fe46
2d610e272d86205c403575f5974e74c18a00fb56
7a35867fc83b6d82dacb38ad0eb5af9b75fdd93deaffb9b46f506544c49cfd94
GET /20230910/ekSqhau1/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 110729
last-modified: Mon, 11 Sep 2023 02:01:27 GMT
etag: "64fe74f7-1b089"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230921/xslVPKhe/1.jpg
200 OK 125 kB URL GET HTTP/2 player.hgm3u9.com/20230921/xslVPKhe/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type PNG image data, 640 x 360, 8-bit colormap, non-interlaced\012- data
Size 125 kB (124923 bytes)
Hash b7e8110cb30108fb9debb4b8baafaf0c
b6ff7908434e84b226f020a4af18fee8aa600c8b
9a0a52136c4813560abb48f2cfe20c9db902381eca68e594a36f5d88a2aa93e7
GET /20230921/xslVPKhe/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 124923
last-modified: Fri, 22 Sep 2023 04:50:08 GMT
etag: "650d1d00-1e7fb"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231022/UrG3A1rP/1.jpg
200 OK 67 kB URL GET HTTP/2 player.hgm3u9.com/20231022/UrG3A1rP/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash cfa68c8be781dca8819e24808f022477
542664cdd64848f8c080b8afe27992b38f1aeae0
6f997e705f407b17577f0b26596330f8b886396bbd732da30c1af79e854487d5
GET /20231022/UrG3A1rP/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 67082
last-modified: Sun, 22 Oct 2023 18:53:25 GMT
etag: "65356fa5-1060a"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231022/QoXx4KKp/1.jpg
200 OK 71 kB URL GET HTTP/2 player.hgm3u9.com/20231022/QoXx4KKp/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash cfe170262da6328bef3866b883c818b1
f5e67f032307d66b61797675178d83df9d9309d9
f0163f37c0dc41ee24ac76fba992f6930d1625dbd116bd4931efa27f7e8b9d4b
GET /20231022/QoXx4KKp/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 71244
last-modified: Sun, 22 Oct 2023 18:38:02 GMT
etag: "65356c0a-1164c"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231023/7z2Wl7gU/1.jpg
200 OK 66 kB URL GET HTTP/2 player.hgm3u9.com/20231023/7z2Wl7gU/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 54d8c57c14b7ea88088019b3bc2a928a
242618045d35c0d23b2a74e94fc39e4ad76cfd74
c57261a3fa9fab228e692abe4fa679d07f845e241ca52b184f7ffbe7f05c803f
GET /20231023/7z2Wl7gU/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 65835
last-modified: Tue, 24 Oct 2023 04:21:02 GMT
etag: "6537462e-1012b"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20231002/ijXDGzd2/1.jpg
200 OK 143 kB URL GET HTTP/2 player.hgm3u9.com/20231002/ijXDGzd2/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1280x718, components 3\012- data
Size 143 kB (143419 bytes)
Hash f3fafdaed3c85dd33e24be09df1ac852
be1d34bb1e0e73c0791229dd162d77b420097ad1
ef8f0e37ca9ef3ce24fdde801c2fdd2d9277d42a24409db3e2775c48ca08382c
GET /20231002/ijXDGzd2/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 143419
last-modified: Mon, 02 Oct 2023 18:38:50 GMT
etag: "651b0e3a-2303b"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230910/SoR9PukY/1.jpg
200 OK 762 kB URL GET HTTP/2 player.hgm3u9.com/20230910/SoR9PukY/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Size 762 kB (761868 bytes)
Hash 1162a012ff26a242f3effd9075c69cc5
a4b5d9e8d2a79d78adb5e66126878d81eb37ef57
b0935b962e7ab805dfa08395d5b27b48a2b02ff4da2f81fbca39735d18313eaa
GET /20230910/SoR9PukY/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 761868
last-modified: Mon, 11 Sep 2023 02:04:40 GMT
etag: "64fe75b8-ba00c"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230827/ZoqKySg0/1.jpg
200 OK 455 kB URL GET HTTP/2 player.hgm3u9.com/20230827/ZoqKySg0/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 455 kB (454566 bytes)
Hash a86f5c10b2fd5ac162cb57bf2c628d4f
b88f97a002bcf59273d960417cfabaf49882a643
b888bfca9adbcc15d296044b17a7b470b32cad323fe8df46cf241763ba225cc4
GET /20230827/ZoqKySg0/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 454566
last-modified: Sun, 27 Aug 2023 17:23:33 GMT
etag: "64eb8695-6efa6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230910/7yur5NuO/1.jpg
200 OK 265 kB URL GET HTTP/2 player.hgm3u9.com/20230910/7yur5NuO/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 1280x720, components 3\012- data
Size 265 kB (264753 bytes)
Hash 0050c2806793c2e0a2d4af6ec63742f8
89c9026cd55d687e6ba2dda2e3708c689fca7523
d2f10d2564757be726a3ae603a8577f27516e3a5637ea8fd38f33440665d1e65
GET /20230910/7yur5NuO/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 264753
last-modified: Mon, 11 Sep 2023 02:04:36 GMT
etag: "64fe75b4-40a31"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1250716656&si=dde120a2eeaa96485a3b065371fc24b4&su=http%3A%2F%2Fwww.invitroideas.com%2F&v=1.3.0&lv=1&sn=3649&r=0&ww=1280&u=https%3A%2F%2Felement.window-locationprotocol.top%2F&tt=%E6%92%B8%E5%95%8A%E6%92%B8-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86
200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1250716656&si=dde120a2eeaa96485a3b065371fc24b4&su=http%3A%2F%2Fwww.invitroideas.com%2F&v=1.3.0&lv=1&sn=3649&r=0&ww=1280&u=https%3A%2F%2Felement.window-locationprotocol.top%2F&tt=%E6%92%B8%E5%95%8A%E6%92%B8-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1250716656&si=dde120a2eeaa96485a3b065371fc24b4&su=http%3A%2F%2Fwww.invitroideas.com%2F&v=1.3.0&lv=1&sn=3649&r=0&ww=1280&u=https%3A%2F%2Felement.window-locationprotocol.top%2F&tt=%E6%92%B8%E5%95%8A%E6%92%B8-%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 01 Nov 2023 19:37:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F1787D9E8376038; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.trust-provider.cn/
600 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 718650e19d4cfd490aed0da3533bf272
8e163686ffac9b2e12ef35dafbfa2269a6299019
9dfb38b210755131fcd1027db00f4d3c28830f96174fbf50cf7d7a6693630815
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:33 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: EXPIRED
CF-RAY: 81f58c8a2b409e6b-SJC
ETag: "8e163686ffac9b2e12ef35dafbfa2269a6299019"
Expires: Wed, 08 Nov 2023 16:31:04 GMT
Last-Modified: Wed, 01 Nov 2023 16:31:05 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb3
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PSjsczsx2jd70:11 (Cdn Cache Server V2.0), 1.1 12A146831:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fd_12124589_514-33566
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1698867453b2f8ca8116fbed7f6568396d3f5d3759
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=4, edge;dur=0
element.window-locationprotocol.top/template/m1938pc/ads/qq1.js
200 OK 1.4 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/qq1.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash d1c0ca758de5c9cf50feccb3c672d38c
ee766fe17671daf4e1f5237c12ec64e6944f7865
84058ddae9258a1eaf7e7ac689e98382e9c6f3d861c9812f0f975f6fffa90b73
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 04:02:34 GMT
vary: Accept-Encoding
etag: W/"653c87da-af0"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
player.hgm3u9.com/20230924/WT0bQZkl/1.jpg
200 OK 77 kB URL GET HTTP/2 player.hgm3u9.com/20230924/WT0bQZkl/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 955x535, components 3\012- data
Hash 98ad5e0bd54734d30c59c9fe126c9c47
dc1c56a6c5e51d19bfc786efbbb773d49da788ed
34fd8d34a498c9a4ab39cf6faad7210ae0e0cbcf2cb32721843af3933ff03614
GET /20230924/WT0bQZkl/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 77436
last-modified: Sun, 24 Sep 2023 16:06:31 GMT
etag: "65105e87-12e7c"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.hgm3u9.com/20230924/xXtUGHS9/1.jpg
200 OK 77 kB URL GET HTTP/2 player.hgm3u9.com/20230924/xXtUGHS9/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 956x535, components 3\012- data
Hash be8cef88dd6787d3a3b67f20a3802de6
dc0ed4c63ab151915c334e9d9d364343a83c757f
fb006284630222225a065c73eb9a77e5b181e2f6ab7ef3d43be54e027b5a0478
GET /20230924/xXtUGHS9/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 77175
last-modified: Sun, 24 Sep 2023 16:05:28 GMT
etag: "65105e48-12d77"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/ads/tb.js
200 OK 1.2 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/tb.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 5aa5ad0846edd78e3b35b88f018f0cca
e5b177518eccf95f8a64056c7d24dfaf99a0df5f
791bd3694b41a90b90ffbd9e245b9abae60da6a0298afbdaff89bf77867cbde5
GET /template/m1938pc/ads/tb.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:41:20 GMT
vary: Accept-Encoding
etag: W/"653cf360-9ae"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
player.hgm3u9.com/20230924/5EPvgFL3/1.jpg
200 OK 47 kB URL GET HTTP/2 player.hgm3u9.com/20230924/5EPvgFL3/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.hgm3u9.com
Fingerprint16:BF:43:DA:A0:ED:BD:E0:66:A2:90:EE:F3:7E:87:BF:CF:8B:20:21
ValidityMon, 29 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash f71f6a3f6974fbc790f36f6830dd536d
2fa5560976fcd5506a4ce7ec23a8e2bf4ea357c8
32395c57423287b2587e428fdc51fc4b05d6004498346595f39990597b9f8220
GET /20230924/5EPvgFL3/1.jpg HTTP/1.1
Host: player.hgm3u9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 47421
last-modified: Sun, 24 Sep 2023 16:05:37 GMT
etag: "65105e51-b93d"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 3982fa373db13d63fc5c89f9858936e7
2a987b3906b774152b71ae0205739b89c92acddd
8b6393f8a2c0847e214fccc8fba5267182cc48841ce90d769e87e6cb112b1aa5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:33 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: EXPIRED
CF-RAY: 81f18527be0c6804-SJC
ETag: "2a987b3906b774152b71ae0205739b89c92acddd"
Expires: Wed, 08 Nov 2023 04:37:04 GMT
Last-Modified: Wed, 01 Nov 2023 04:37:05 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb5
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PS-CZX-01YIQ141:11 (Cdn Cache Server V2.0), 1.1 12A146831:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fd_12A146831_8444-12483
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 16988674532a3bfba45c2890326cb0b0677a96a498
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=4, edge;dur=0
element.window-locationprotocol.top/template/m1938pc/ads/qq1.js
200 OK 1.4 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/qq1.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash a3e129a49fdf09940f292aa65ea5efa9
8c337762b04a0f6f250b8368e1d5edd664a0122c
c108e200178626cff44ad5fcfd5a5cb5af26fed03c767ec53caa83be5aa759b6
GET /template/m1938pc/ads/qq1.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 04:02:34 GMT
vary: Accept-Encoding
etag: W/"653c87da-af0"
expires: Thu, 02 Nov 2023 07:37:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.91w8idnntcn5ecxce06t.com/image/s034.gif
200 OK 22 kB URL GET HTTP/2 img.91w8idnntcn5ecxce06t.com/image/s034.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subject91w8idnntcn5ecxce06t.com
Fingerprint99:AE:A4:CD:6A:79:3A:3A:23:FC:1E:78:55:AE:1D:42:FC:3C:7F:A3
ValidityThu, 05 Oct 2023 11:52:13 GMT - Wed, 03 Jan 2024 11:52:12 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash f1790d1b8d4b9c803d3d29909e586836
3d670fb320b88da970eef5bbb288b7abb4142bbf
222d83c90ddafda6b7bf77aaa8884195da62c806d2d09bf0b15794d03878ec62
GET /image/s034.gif HTTP/1.1
Host: img.91w8idnntcn5ecxce06t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/webp
content-length: 21664
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=87376
content-disposition: inline; filename="s034.webp"
vary: Accept
etag: "605c4898-15550"
expires: Thu, 23 Nov 2023 17:09:28 GMT
last-modified: Thu, 25 Mar 2021 08:23:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 574620
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grvTyjXZQf728LjvyhFlVFfSKYPn%2BKfqvsH9xgYpRf7C%2BR7G%2FYLKIZJWWvfIc%2FBXfNjMFZdSPy6z3yypoa8EFE6PdJGbHJ5a0dR%2BMFTfJDVA5scbp%2FncJhO3vCWnmplcxkGwLUl299i3dUOeGZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f697d2081db52d-OSL
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 3982fa373db13d63fc5c89f9858936e7
2a987b3906b774152b71ae0205739b89c92acddd
8b6393f8a2c0847e214fccc8fba5267182cc48841ce90d769e87e6cb112b1aa5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:33 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: EXPIRED
CF-RAY: 81f18527be0c6804-SJC
ETag: "2a987b3906b774152b71ae0205739b89c92acddd"
Expires: Wed, 08 Nov 2023 04:37:04 GMT
Last-Modified: Wed, 01 Nov 2023 04:37:05 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb5
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PS-CZX-01YIQ141:11 (Cdn Cache Server V2.0), 1.1 12A146831:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fd_12A146831_8299-11330
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1698867453bead749e724e64df9e49becc3398ec43
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=4, edge;dur=0
element.window-locationprotocol.top/template/m1938pc/ads/sp5.js
200 OK 1.2 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/sp5.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 33d30d1226afc4a1b83a56748e3f7a23
064f1ced189c1a57a6b66221e9c3f97ec79164b7
bb37a6ff26ec59a6e10b5377b4067a22c2c73dcb38f080c1b3962a2a61e84fb6
GET /template/m1938pc/ads/sp5.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:40:24 GMT
vary: Accept-Encoding
etag: W/"653cf328-6fb"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
gif.cdn-xxx.com/images/gif/11.gif
200 OK 160 kB URL GET HTTP/2 gif.cdn-xxx.com/images/gif/11.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-xxx.com
Fingerprint4C:46:BB:D2:BC:3E:C8:07:80:77:02:71:13:89:46:21:E2:AE:D8:EF
ValiditySun, 24 Sep 2023 11:20:12 GMT - Sat, 23 Dec 2023 11:20:11 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 160 kB (160272 bytes)
Hash b59bbf98cb08dc01c70eb2ccd6a98a06
b158e5684af17e6bcd8d5d777e44085897b4583a
3cab0a461132035095f5c2088f7fc7ea9e7c52aabb179c87843d019180fde1ce
GET /images/gif/11.gif HTTP/1.1
Host: gif.cdn-xxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/webp
content-length: 160272
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=342628
content-disposition: inline; filename="11.webp"
vary: Accept
etag: "63144a91-53a64"
expires: Thu, 23 Nov 2023 16:35:50 GMT
last-modified: Sun, 04 Sep 2022 06:49:53 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 490015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzBxqq9ZM3CdHccwQoocqvKcOHl4po1uiLdgcTTLem9PDAA9ksMOaB3bffe7ffBLF4DVsUPCCzoMSR3OdXo2JPK9dOA5lYtuABqoavC%2B%2FeohTiPB96yrK%2FNhCfxjVj6OIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f697d22976b4f4-OSL
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
599 B IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash 3982fa373db13d63fc5c89f9858936e7
2a987b3906b774152b71ae0205739b89c92acddd
8b6393f8a2c0847e214fccc8fba5267182cc48841ce90d769e87e6cb112b1aa5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 01 Nov 2023 19:37:33 GMT
Accept-Ranges: bytes
Age: 1
CF-Cache-Status: EXPIRED
CF-RAY: 81f18527be0c6804-SJC
ETag: "2a987b3906b774152b71ae0205739b89c92acddd"
Expires: Wed, 08 Nov 2023 04:37:04 GMT
Last-Modified: Wed, 01 Nov 2023 04:37:05 GMT
WS-Cache-Status: 0
X-CCACDN-Proxy-ID: scdpinlb5
X-Frame-Options: SAMEORIGIN
X-Via: 1.1 PS-CZX-01YIQ141:11 (Cdn Cache Server V2.0), 1.1 12A146831:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6542a8fd_12124589_671-40398
via: n173-159-130.bdcdn-bjcm.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 169886745344ee93affe037ec4341f6fdc3914b12c
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=5, edge;dur=0
com0211.com/dds/1211-1.gif
200 OK 222 kB URL GET HTTP/2 com0211.com/dds/1211-1.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerCloudflare, Inc.
Subjectcom0211.com
Fingerprint07:E1:5B:83:BC:B9:6A:51:F6:40:D7:8E:0F:1B:2D:E7:1A:19:EF:AB
ValiditySat, 11 Feb 2023 00:00:00 GMT - Sat, 10 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 222 kB (222236 bytes)
Hash d57fda02bc3be86d7a0660b82dea9eac
77f16bb895e80cd62802338c47d011b84ada5383
58095c4b2a9e60b4f766c391f6fb451a2e6ab12fe8c36831952eccf497b2f904
GET /dds/1211-1.gif HTTP/1.1
Host: com0211.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 222236
last-modified: Sat, 10 Dec 2022 17:13:32 GMT
etag: "6394be3c-3641c"
cf-cache-status: HIT
age: 453745
expires: Thu, 02 Nov 2023 19:37:33 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-methods: *
server: cloudflare
cf-ray: 81f697d31fcc56ba-OSL
X-Firefox-Spdy: h2
i.postimg.cc/NfF3RMJY/dtt9.gif
200 OK 146 kB URL GET HTTP/2 i.postimg.cc/NfF3RMJY/dtt9.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 120 x 120\012- data
Size 146 kB (146367 bytes)
Hash e4d97a78838d27ce06d5fe96c9e7ccba
1e48610a777a364a402650a7bbd98aa610b707c1
3ea822f65da4304344b349819764a3afa4280c2710688474f990020ad8f0df7c
GET /NfF3RMJY/dtt9.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 146367
last-modified: Thu, 06 Jul 2023 11:38:36 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
s2.loli.net/2023/05/15/EN76vd4sTSZLIGn.jpg
200 OK 31 kB URL GET HTTP/2 s2.loli.net/2023/05/15/EN76vd4sTSZLIGn.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 377x377, components 3\012- data
Hash 4b474683f76136a226df7911f19802ea
5173f3413d8d12130698c28486bdc943a7aedce5
afe8b9102b16fca899fe379bd9e4801f0cfd37ff744a36b53b32e0694af679a1
GET /2023/05/15/EN76vd4sTSZLIGn.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 31359
last-modified: Mon, 15 May 2023 11:53:47 GMT
etag: "64621d4b-7a7f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w%2BrZ6VYBxpDu69KwpAt3W%2FMlDNg6xGzBACnstfq2CR3ZXbGc1bwwoXGNy7e%2BSTZ8Ew%2B1b8FFnE8TPICe3bp6Ud81wrXMl6UhZE%2BiNyOd0ya%2FbxAPYENbT9V6F4F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f697d1f99256b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/fRZzGw2K/0103d120009h1026r1-BFC.gif
200 OK 873 kB URL GET HTTP/2 i.postimg.cc/fRZzGw2K/0103d120009h1026r1-BFC.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 873 kB (873044 bytes)
Hash 4afba97a5491e68fcca4cdee4b87d629
09e1dddabf60e12cbd368c2df9d6474f703d7a2f
23861d601f540f738c33eebd6821fef3a74e1f6d5540d939d8a07c08f40bcd19
GET /fRZzGw2K/0103d120009h1026r1-BFC.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 873044
last-modified: Sun, 18 Dec 2022 14:49:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1379a.xyz/images/64992b9ddde877a58644d712.gif
302 Found 0 B URL GET HTTP/2 img.1379a.xyz/images/64992b9ddde877a58644d712.gif
IP
ASN #4658 2012 Limited Netfront
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subject1379a.xyz
FingerprintDD:C4:C1:1E:F6:AC:98:D3:40:F4:E3:45:2E:4F:C0:6C:6A:D7:CA:D9
ValiditySat, 30 Sep 2023 04:02:04 GMT - Fri, 29 Dec 2023 04:02:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/64992b9ddde877a58644d712.gif HTTP/1.1
Host: img.1379a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://sns-avatar-qc.xhscdn.com/avatar/64992b9fcaf294a168afbc87.jpg
X-Firefox-Spdy: h2
maxun066.top/6b4bc2393b34f569886385798f04319d.gif
200 OK 68 kB URL GET HTTP/2 maxun066.top/6b4bc2393b34f569886385798f04319d.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectmaxun066.top
Fingerprint1F:EC:6F:56:B1:BC:96:6B:6B:20:D0:93:33:84:2B:97:D2:BE:A7:28
ValidityThu, 26 Oct 2023 10:44:06 GMT - Wed, 24 Jan 2024 10:44:05 GMT
File type GIF image data, version 89a, 300 x 200\012- data
Hash 8fe8a3221d6c69d2dfa96070eeaf7947
2e3d9f6307f2b435471ca22f3a2662a586a93b73
f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368
GET /6b4bc2393b34f569886385798f04319d.gif HTTP/1.1
Host: maxun066.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 134128
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 81f642bc28904052-LHR
content-type: image/gif
date: Wed, 01 Nov 2023 18:39:28 GMT
etag: "1698864058"
expires: Thu, 30 Nov 2023 05:24:00 GMT
last-modified: Wed, 01 Nov 2023 18:40:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqoiRSfC1DEPZtlsqzBngxcJlbg%2BJLE4nJYP96ZJS9RBHxp2CZan4hPJ68Q%2BEM4sFddaz%2Fhq8i%2Bvw33NIuS8pZs%2B2UnKlG5fwnFqGRI2%2B99xe1z%2B4wNdCX3gPHl03ceXPUD7CszJQbCM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT, policy, memory
content-length: 67829
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/ads/dht.js
200 OK 335 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/dht.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 335 kB (335131 bytes)
Hash 4ea1d57930ae3f38830f5d26091e95f0
e1b5dec183457e0c90e99b09c3fff59b25e451b7
be3cfc34996467bc38d266abcc3628a60e12b9b414f881fe23120a410d7c7041
GET /template/m1938pc/ads/dht.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2023 15:25:07 GMT
vary: Accept-Encoding
etag: W/"64ee0dd3-1478"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
player.huangguam3u.com/20231031/E8l9ECyN/1.jpg
200 OK 61 kB URL GET HTTP/2 player.huangguam3u.com/20231031/E8l9ECyN/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.huangguam3u.com
Fingerprint4E:9E:91:B1:2F:E3:32:4B:C4:7F:8F:93:91:63:CF:70:C4:69:B3:B9
ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 656c89a87fee410ad4e7bab501d0fe9f
05760a14abc5bdff5d81bbd412bdf78535a482e1
0f229285b6ce2998c298b408bd6a90bd454d0ace6067cce16234d0059cb236be
GET /20231031/E8l9ECyN/1.jpg HTTP/1.1
Host: player.huangguam3u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 60574
last-modified: Tue, 31 Oct 2023 15:16:00 GMT
etag: "65411a30-ec9e"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
maxun077.top/8640c212ed4b8873323ab3a1034d64f9.gif
200 OK 63 kB URL GET HTTP/2 maxun077.top/8640c212ed4b8873323ab3a1034d64f9.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectmaxun077.top
FingerprintDF:8C:6E:FB:DF:73:E9:9F:E7:92:8B:CA:58:EB:94:1F:D1:79:93:48
ValidityThu, 26 Oct 2023 23:12:49 GMT - Wed, 24 Jan 2024 23:12:48 GMT
File type GIF image data, version 89a, 300 x 200\012- data
Hash b3c727100a456f090af852169f9c8763
81594453df1ac6225edb342fc8d0ef4a73f48896
7597be2a4832946dbcd61c09bd5ce3f91e0b71dc1ddff4ff79685416d2fd7ee0
GET /8640c212ed4b8873323ab3a1034d64f9.gif HTTP/1.1
Host: maxun077.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 01 Nov 2023 19:36:57 GMT
etag: "1698867417"
expires: Fri, 01 Dec 2023 19:36:57 GMT
last-modified: Wed, 01 Nov 2023 19:36:57 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 62853
X-Firefox-Spdy: h2
player.huangguam3u.com/20231030/JSpTRofO/1.jpg
200 OK 46 kB URL GET HTTP/2 player.huangguam3u.com/20231030/JSpTRofO/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.huangguam3u.com
Fingerprint4E:9E:91:B1:2F:E3:32:4B:C4:7F:8F:93:91:63:CF:70:C4:69:B3:B9
ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 1ab729816e2d1243fc75792768230ee1
9bafee3bd6edd51caf648c672324941337e7e9a2
7fdb1e23ef756aa5163e49d7cba874e4aa3e06aea58eda55403a24afae68948c
GET /20231030/JSpTRofO/1.jpg HTTP/1.1
Host: player.huangguam3u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 45510
last-modified: Mon, 30 Oct 2023 07:11:59 GMT
etag: "653f573f-b1c6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvhee.com/3cf28cb59c6feb71c314fe7883388bb3.gif
200 OK 342 kB URL GET HTTP/2 kvhee.com/3cf28cb59c6feb71c314fe7883388bb3.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectkvhee.com
Fingerprint66:CE:07:A6:A6:B7:E1:D7:4A:09:FC:10:87:F8:B7:D5:27:B6:37:11
ValidityFri, 27 Oct 2023 04:16:00 GMT - Thu, 25 Jan 2024 04:15:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 342 kB (341700 bytes)
Hash 7f9c515ed18840083ff572b048261226
265ef775fdc24fa4b8044f3cb8644a3c0fddc42e
e2c363ec1a589185c9f035bcdc9f2c492e1aebbca951bbaf96c68bc04873c101
GET /3cf28cb59c6feb71c314fe7883388bb3.gif HTTP/1.1
Host: kvhee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 01 Nov 2023 18:51:25 GMT
etag: "1698864771"
expires: Fri, 01 Dec 2023 18:51:25 GMT
last-modified: Wed, 01 Nov 2023 18:52:51 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 341700
X-Firefox-Spdy: h2
pic.sl.al/gdrive/pic/2023-07-19/64b7edd60aac7.gif
200 OK 51 kB URL GET HTTP/2 pic.sl.al/gdrive/pic/2023-07-19/64b7edd60aac7.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerCloudflare, Inc.
Subjectsl.al
Fingerprint2C:D9:EE:C2:D2:8E:D8:03:24:CE:BF:0E:12:BC:7B:A5:76:1B:0D:9A
ValidityWed, 01 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b9ac057cf3c1089b11fb32cff77f89a
97b81003272dc8ecc203566d89685a8fecb69351
eb83e95fad72892fe3ce5b77db0acfb229674d5b1ba9ca2839f308e58e821a7e
GET /gdrive/pic/2023-07-19/64b7edd60aac7.gif HTTP/1.1
Host: pic.sl.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:34 GMT
content-type: image/webp
content-length: 51424
cache-control: max-age=315619200
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=92494
content-disposition: inline; filename="64b7edd60aac7.webp"
vary: Accept
etag: "64b7edd6-1694e"
expires: Thu, 13 Oct 2033 16:06:23 GMT
last-modified: Wed, 19 Jul 2023 14:06:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1653135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GKXBEn%2FXN43zY63JtHDrLt9RN5ddv%2F18%2BAdNPjCx9dFgC6dDnyg9fVYMybNWcekssDtZssfz9XrypevI%2Bj7IAgkAOX2XzYIudFmvQ%2BFA3%2BBkYTDXl9tDD9J54o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 81f697d6b8d96521-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kvhee.com/2c71592f058fdb6f083225ea9c18627b.gif
200 OK 38 kB URL GET HTTP/2 kvhee.com/2c71592f058fdb6f083225ea9c18627b.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectkvhee.com
Fingerprint66:CE:07:A6:A6:B7:E1:D7:4A:09:FC:10:87:F8:B7:D5:27:B6:37:11
ValidityFri, 27 Oct 2023 04:16:00 GMT - Thu, 25 Jan 2024 04:15:59 GMT
File type GIF image data, version 89a, 360 x 200\012- data
Hash 0c118d974c3f9c8689b39f73ea9d72d4
53edc4eb16cb2a022ececc3945163d0692c2b36c
29f54763af40019c2819c552f53e45994d40a3822ccbc416a97cc5c73ab2f5e7
GET /2c71592f058fdb6f083225ea9c18627b.gif HTTP/1.1
Host: kvhee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 01 Nov 2023 19:21:09 GMT
etag: "1698866470"
expires: Fri, 01 Dec 2023 19:21:09 GMT
last-modified: Wed, 01 Nov 2023 19:21:10 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 38489
X-Firefox-Spdy: h2
img.aosikaimge.com/20230426/oyEtdZ5t/1.jpg
200 OK 57 kB URL GET HTTP/1.1 img.aosikaimge.com/20230426/oyEtdZ5t/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 9ae18226753988a8fe3baf9c73edc847
797964dc1f631a231b57474c6f4ad51188f1cf3e
cdbe5281a1c948a21fb04c0c4d8e798ef96c5adc189e4cbd0e8be2c230f90ea7
GET /20230426/oyEtdZ5t/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/jpeg
Content-Length: 56916
Connection: keep-alive
Last-Modified: Wed, 26 Apr 2023 12:47:24 GMT
ETag: "64491d5c-de54"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes
player.huangguam3u.com/20231031/5rZi1qLU/1.jpg
200 OK 65 kB URL GET HTTP/2 player.huangguam3u.com/20231031/5rZi1qLU/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.huangguam3u.com
Fingerprint4E:9E:91:B1:2F:E3:32:4B:C4:7F:8F:93:91:63:CF:70:C4:69:B3:B9
ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash 198034b4ed704fb1af15aed20b35c347
368f1e701da9af3e76e0c5c0c82ac1bc74fa5cd1
70f4ae36b1eccb55435dacb95fa5761e919822b2a1997f63b216262d31418a46
GET /20231031/5rZi1qLU/1.jpg HTTP/1.1
Host: player.huangguam3u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 65338
last-modified: Tue, 31 Oct 2023 15:05:19 GMT
etag: "654117af-ff3a"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.huangguam3u.com/20231030/luy0eiKz/1.jpg
200 OK 50 kB URL GET HTTP/2 player.huangguam3u.com/20231030/luy0eiKz/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.huangguam3u.com
Fingerprint4E:9E:91:B1:2F:E3:32:4B:C4:7F:8F:93:91:63:CF:70:C4:69:B3:B9
ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 2564aedd25136925b63e6cda4afc17b6
03c4dec0cf795b3db508e76f4430fd7ce4943242
397b9418b3c1e44ac2af8b76532508cc2ce771ad26226124d06ebccdb5c06adb
GET /20231030/luy0eiKz/1.jpg HTTP/1.1
Host: player.huangguam3u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/jpeg
content-length: 50015
last-modified: Mon, 30 Oct 2023 07:02:48 GMT
etag: "653f5518-c35f"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.huangguam3u.com/20231101/C37junld/1.jpg
200 OK 17 kB URL GET HTTP/2 player.huangguam3u.com/20231101/C37junld/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectplayer.huangguam3u.com
Fingerprint4E:9E:91:B1:2F:E3:32:4B:C4:7F:8F:93:91:63:CF:70:C4:69:B3:B9
ValidityTue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e124472343568ab8a0848fd18dc741af
0bbd8b809150a3f24b17116068b2df1bd88b14bf
62f81ae7ea818979be867b0a8ecde0e951179ea9f5dfdca6affa7a364bf4d7f4
GET /20231101/C37junld/1.jpg HTTP/1.1
Host: player.huangguam3u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:34 GMT
content-type: image/jpeg
content-length: 16876
last-modified: Wed, 01 Nov 2023 10:41:50 GMT
etag: "65422b6e-41ec"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230426/1P0sgxfs/1.jpg
200 OK 66 kB URL GET HTTP/1.1 img.aosikaimge.com/20230426/1P0sgxfs/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash a508f8469211d44f48cfa2e8dbbb2172
c1e57ba5a5cb417038450c2065794f54f3765486
4a9b1d7071ffd49f3af54da24432dcee4ce523223e79efde6621b042c258e8b3
GET /20230426/1P0sgxfs/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/jpeg
Content-Length: 66502
Connection: keep-alive
Last-Modified: Wed, 26 Apr 2023 12:47:23 GMT
ETag: "64491d5b-103c6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes
img.aosikaimge.com/20230612/3hLhuzgu/1.jpg
200 OK 57 kB URL GET HTTP/1.1 img.aosikaimge.com/20230612/3hLhuzgu/1.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash b63a970818340f87ce0de410659a395c
3c368b020dd7bebee2c6270c2b3d143be5fc3dd9
3884c7af28e5991d73fcbc2f66dec862cdb811b0c9282152971ba756b253c2ed
GET /20230612/3hLhuzgu/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/jpeg
Content-Length: 57318
Connection: keep-alive
Last-Modified: Tue, 13 Jun 2023 03:31:36 GMT
ETag: "6487e318-dfe6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes
element.window-locationprotocol.top/template/m1938pc/ads/dh.js
200 OK 267 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/dh.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 267 kB (266550 bytes)
Hash 2dfeccab32b525a9d5b6e7ebba387355
cbddd5df07671b4a3ade2e54a9943a0cde8672d3
9d9df0997e7b66b806bad1baccf192c0c02133330f8dc8cb956c6ecc1f436701
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Mon, 30 Oct 2023 08:57:28 GMT
vary: Accept-Encoding
etag: W/"653f6ff8-1969"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
el.phncdn.com/gif/2451761.gif
200 OK 4.5 MB URL GET HTTP/2 el.phncdn.com/gif/2451761.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerDigiCert Inc
Subject*.phncdn.com
Fingerprint1E:A0:80:BD:CA:C6:3F:0D:B7:A2:B1:C1:87:75:5D:26:45:AE:02:FF
ValidityThu, 12 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 720 x 405\012- data
Size 4.5 MB (4485188 bytes)
Hash 01a80346908f2736ff7fbc164bc715eb
61df74acfc9f4ea8524a9e4c9ef7ef24b7e9cc17
94e7e0246b8a48d88e2d0f6f2b0257db0dbf9d8180e81786e550f49c0aa7b3e1
GET /gif/2451761.gif HTTP/1.1
Host: el.phncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 4485188
expires: Thu, 28 Dec 2023 21:16:02 GMT
cache-control: max-age=10247016
last-modified: Mon, 03 Apr 2023 22:31:00 GMT
x-pending-security: A valid hash was not supplied.
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6297-2-3128538-h-0-0---;7271-155-48728----0-0-1
X-Firefox-Spdy: h2
555bb666cc.com/aa78b8d03a9642aea86b059567eac861.gif
200 OK 75 kB URL GET HTTP/1.1 555bb666cc.com/aa78b8d03a9642aea86b059567eac861.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subject222aa333bb.com
FingerprintCA:E6:7D:98:34:0F:43:C5:2B:4A:A5:73:03:7C:F6:8B:46:F8:20:C0
ValidityTue, 24 Oct 2023 14:41:12 GMT - Mon, 22 Jan 2024 14:41:11 GMT
File type GIF image data, version 89a, 320 x 185\012- data
Hash 1950b81cbab2892beaa2e7138232a769
a98bea1fb9a8ffcc75419de1ec060d38ab465b43
4608a2456ccab87d89e64801b2e5e9ba0b1df76459a115f243bb793a3df42d81
GET /aa78b8d03a9642aea86b059567eac861.gif HTTP/1.1
Host: 555bb666cc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/gif
Content-Length: 74803
Connection: keep-alive
Last-Modified: Wed, 25 Oct 2023 09:02:45 GMT
ETag: "6538d9b5-12433"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
s2.loli.net/2023/04/13/MzHTs1oPYOf2AW8.gif
200 OK 2.5 MB URL GET HTTP/2 s2.loli.net/2023/04/13/MzHTs1oPYOf2AW8.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 250 x 250\012- data
Size 2.5 MB (2547421 bytes)
Hash 3c5252329c9f16af1c3df0cf5d96d0dd
5a1f9764b60146737aba0e0b4bab138b1a526d94
62e676cc1f6011fc5279fed3f8620c30a3775277942100d8fe8b598c970fd120
GET /2023/04/13/MzHTs1oPYOf2AW8.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 2547421
last-modified: Thu, 13 Apr 2023 12:41:51 GMT
etag: "6437f88f-26dedd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbjOY7QbNroSODU08BuHRkRGaDryrIOdocGPI9KQwg5U1k64uDT6%2FN5Sb%2FZ0F4IiCRFgsEmvrnZ5BqxICPoNyfAlMB7xo2o93HIiKKFXY33NwqiVQvgsRXdOot40"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f697d219c456b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pic.baidutencent.com/images/35/sj200X200zz.gif
302 Found 0 B URL GET HTTP/2 pic.baidutencent.com/images/35/sj200X200zz.gif
IP
ASN #4658 2012 Limited Netfront
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectpic.baidutencent.com
FingerprintB1:BA:71:20:38:37:AB:77:28:9A:18:77:3C:FE:EF:A4:22:32:02:66
ValidityFri, 13 Oct 2023 00:00:00 GMT - Sat, 12 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/35/sj200X200zz.gif HTTP/1.1
Host: pic.baidutencent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://image.3001.net/images/20231005/1696486165_651e5315bc3458ef65268.gif
X-Firefox-Spdy: h2
files.230808.top/store/loveimgmoe/ed/46/6469d23f3389e89b4a1aed46.gif
200 OK 1.6 MB URL GET HTTP/2 files.230808.top/store/loveimgmoe/ed/46/6469d23f3389e89b4a1aed46.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGoogle Trust Services LLC
Subjectfiles.230808.top
Fingerprint40:63:ED:76:8D:B4:C8:FA:B8:8B:9C:00:C7:8B:2E:33:ED:18:D8:C4
ValidityThu, 14 Sep 2023 05:25:15 GMT - Wed, 13 Dec 2023 05:25:14 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.6 MB (1639812 bytes)
Hash 89f17a6c0e5ecfebd7d054e27f9829a9
f8b87ba147f755491aa9753f750867d8349ced11
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
GET /store/loveimgmoe/ed/46/6469d23f3389e89b4a1aed46.gif HTTP/1.1
Host: files.230808.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:34 GMT
content-type: image/gif
content-length: 1639812
vary: Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=432000
last-modified: Sun, 21 May 2023 08:18:32 GMT
cf-cache-status: HIT
age: 387198
accept-ranges: bytes
server: cloudflare
cf-ray: 81f697d78e2f5688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
facai.siwaapp.top/images/7.gif
200 OK 120 kB URL GET HTTP/2 facai.siwaapp.top/images/7.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectsiwaapp.com
FingerprintCB:D6:2B:9C:21:01:E9:A3:C2:0A:B6:90:CD:A3:71:59:AE:F8:7B:AF
ValidityThu, 19 Oct 2023 11:37:13 GMT - Wed, 17 Jan 2024 11:37:12 GMT
File type GIF image data, version 89a, 100 x 100\012- data
Size 120 kB (119536 bytes)
Hash 44c6b5b1161cda96d5ba70760e1a59a3
de1e59def3218de4db6724c36a1723c268f0323b
a25bc0e7e51f470b46957d390693e93212e5831521265b384a59648bd25c1f18
GET /images/7.gif HTTP/1.1
Host: facai.siwaapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:34 GMT
content-type: image/gif
content-length: 119536
last-modified: Sat, 30 Jul 2022 09:30:15 GMT
etag: "62e4fa27-1d2f0"
expires: Fri, 01 Dec 2023 19:37:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
element.window-locationprotocol.top/template/m1938pc/ads/sp.js
200 OK 252 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/sp.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 252 kB (252127 bytes)
Hash 83a0b17350e0d9699527564d1beac052
e6088e6e514e63169061268a8bbfc14ab0532dc3
d16b25d3e17c8813cd6fd1df8e6ac293dfd00464813865893b02aa7ac5c873e9
GET /template/m1938pc/ads/sp.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Tue, 26 Sep 2023 05:07:43 GMT
vary: Accept-Encoding
etag: W/"6512671f-6f5"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
yangyang3.oss-ap-southeast-1.aliyuncs.com/a960%C3%97120.gif
200 OK 581 kB URL GET HTTP/1.1 yangyang3.oss-ap-southeast-1.aliyuncs.com/a960%C3%97120.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGlobalSign nv-sa
Subject*.oss-ap-southeast-1.aliyuncs.com
FingerprintEB:9D:12:FC:B5:0B:5D:25:9C:F7:E0:22:CA:9D:5F:75:5E:91:2F:6C
ValidityFri, 07 Jul 2023 10:25:14 GMT - Sat, 02 Mar 2024 02:31:24 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 581 kB (581184 bytes)
Hash d3c18ae6e22dcf57ba3fdd17fac1266d
365dec4dfe230156abd42a32914ee55064c0be96
7deb17b4a5211c46cab3987300fefd37a97a473002718426942ce7fe7399c665
GET /a960%C3%97120.gif HTTP/1.1
Host: yangyang3.oss-ap-southeast-1.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/gif
Content-Length: 581184
Connection: keep-alive
x-oss-request-id: 6542A8FE385D5B3833B2C2F6
Accept-Ranges: bytes
ETag: "D3C18AE6E22DCF57BA3FDD17FAC1266D"
Last-Modified: Wed, 21 Jun 2023 10:56:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17408034564057831286
x-oss-storage-class: Standard
x-oss-version-id: CAEQRRiBgICbrrL2xhgiIGYwNDA4ZTIyODYxNjQzZGI5ODYzOWFlNWFlODYxNDE5
x-oss-ec: 0048-00000113
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 08GK5uItz1e6P90X+sEmbQ==
x-oss-server-time: 2
ocsp.digicert.cn/
471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9823f7a518f7fe8988bbb3b21c8dafab
41c5036f10799142394a10e472de95c1b8d705d8
7c5d6e6b5b2d8430966a494451fdbd273a146be4caf3e1d481dfe15d72f6837b
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 01 Nov 2023 19:37:36 GMT
Ali-Swift-Global-Savetime: 1698867456
Via: cache3.l2de2[4,3,200-0,M], cache3.l2de2[5,0], cache7.nl2[12,12,200-0,M], cache7.nl2[13,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Nov 2023 19:37:36 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309b16988674560263057e
facai.siwaapp.top/images/22.gif
200 OK 1.6 MB URL GET HTTP/2 facai.siwaapp.top/images/22.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectsiwaapp.com
FingerprintCB:D6:2B:9C:21:01:E9:A3:C2:0A:B6:90:CD:A3:71:59:AE:F8:7B:AF
ValidityThu, 19 Oct 2023 11:37:13 GMT - Wed, 17 Jan 2024 11:37:12 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.6 MB (1639812 bytes)
Hash 89f17a6c0e5ecfebd7d054e27f9829a9
f8b87ba147f755491aa9753f750867d8349ced11
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
GET /images/22.gif HTTP/1.1
Host: facai.siwaapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:34 GMT
content-type: image/gif
content-length: 1639812
last-modified: Tue, 23 Aug 2022 03:49:28 GMT
etag: "63044e48-190584"
expires: Fri, 01 Dec 2023 19:37:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sns-avatar-qc.xhscdn.com/avatar/64992b9fcaf294a168afbc87.jpg
200 OK 55 kB URL GET HTTP/2 sns-avatar-qc.xhscdn.com/avatar/64992b9fcaf294a168afbc87.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerDigiCert Inc
Subject*.xhscdn.com
Fingerprint39:E3:92:ED:B7:F8:E1:6B:15:D0:6A:AF:13:06:81:50:E8:FD:9F:F1
ValidityMon, 29 May 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Hash c7e11f743807d0c71e843f72640732a4
a9215602e329df0c9de78c88017547a9aa569828
33c0fbdb7f4dcb39309f12c69eb95f312e16c4668a550203f3ec2b0ef32ef885
GET /avatar/64992b9fcaf294a168afbc87.jpg HTTP/1.1
Host: sns-avatar-qc.xhscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: tencent-ci
content-length: 54730
x-delay: 23747 us
x-info: real data
x-datasrc: 7
size: 54730
x-reqid: MTY5Njk2OTE4NV8wX0ExODYyNzlDNjg2RjRDRTQ4RThGMzIzQkY0OTRBREQ2
x-rtflag: 1
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 google
date: Tue, 10 Oct 2023 20:19:45 GMT
cache-control: public,max-age=3600
last-modified: Mon, 26 Jun 2023 14:09:35 GMT
etag: c7e11f743807d0c71e843f72640732a4
content-type: image/gif
age: 1898271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.tumhsduusuu.top/CDNtb/00003.gif
200 OK 33 kB URL GET HTTP/2 www.tumhsduusuu.top/CDNtb/00003.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectwww.tumhsduusuu.top
Fingerprint41:39:55:36:EB:76:8B:BC:C1:65:30:9E:90:0F:4E:D9:16:C0:4D:93
ValiditySun, 22 Oct 2023 11:12:37 GMT - Sat, 20 Jan 2024 11:12:36 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash 24ea2cd3b57116c5b6ea46a08810ed08
70c40762a6b9adfcfe998cf9e44d8ad81c51f184
f2b79e518b7e140f8fe8e26cc75c3b467654db4b64256a2d8c49a984add47fe3
GET /CDNtb/00003.gif HTTP/1.1
Host: www.tumhsduusuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 01 Nov 2023 19:37:35 GMT
content-type: image/gif
content-length: 33316
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=31536000
content-disposition: inline; filename="00003.gif"; filename*=utf-8''00003.gif
content-md5: JOos07VxFsW26kagiBDtCA==
content-transfer-encoding: binary
etag: "FnDEB2Kmua38_pmM-eRNitgcUfGE"
last-modified: Mon, 24 Jul 2023 07:05:10 GMT
x-reqid: Ky0DAJd8skPzlpMX
x-svr: IO
x-qiniu-zone: 1
x-log: X-Log
X-Firefox-Spdy: h2
2023img.yslulu69.xyz/img3/333.gif
200 OK 1.1 MB URL GET HTTP/2 2023img.yslulu69.xyz/img3/333.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subject2023img.yslulu69.xyz
Fingerprint40:EA:D8:A0:1F:59:7D:53:2A:8D:0C:85:1F:46:93:62:B2:5A:39:95
ValidityFri, 22 Sep 2023 15:10:30 GMT - Thu, 21 Dec 2023 15:10:29 GMT
File type GIF image data, version 89a, 500 x 500\012- data
Size 1.1 MB (1125100 bytes)
Hash 6a41037c58c1a551db82e66dbd3ede49
6268be7152f374d0eae3d329b2b5bcc65a0411df
66040f3589adab4143717e37e9d46f51cc2df1cf73db95d0db8318d8e4d473d6
GET /img3/333.gif HTTP/1.1
Host: 2023img.yslulu69.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:35 GMT
content-type: image/gif
content-length: 1125100
last-modified: Wed, 23 Mar 2022 05:18:52 GMT
etag: "623aadbc-112aec"
expires: Fri, 01 Dec 2023 19:37:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9823f7a518f7fe8988bbb3b21c8dafab
41c5036f10799142394a10e472de95c1b8d705d8
7c5d6e6b5b2d8430966a494451fdbd273a146be4caf3e1d481dfe15d72f6837b
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 01 Nov 2023 19:37:36 GMT
Ali-Swift-Global-Savetime: 1698867456
Via: cache5.l2de2[194,194,200-0,M], cache5.l2de2[195,0], cache5.nl2[204,203,200-0,M], cache5.nl2[204,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Nov 2023 19:37:36 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309916988674565352945e
zhibo128x.xyz/18/180180.gif
200 OK 246 kB URL GET HTTP/1.1 zhibo128x.xyz/18/180180.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectzhibo128x.xyz
Fingerprint6C:39:DD:D9:6C:66:D4:E6:8B:89:03:33:A8:BA:8F:61:0F:E5:0F:0A
ValiditySat, 23 Sep 2023 15:14:35 GMT - Fri, 22 Dec 2023 15:14:34 GMT
File type GIF image data, version 89a, 100 x 100\012- data
Size 246 kB (245681 bytes)
Hash 8410d45b2bc678e3d3f6bace277f0194
a34fdab4212014ce03f99c3e15a7a29575e17015
ade534d1d48ad181eb469060240e069ed836e853d47a9c7ff49fb7c32eaf315c
GET /18/180180.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 01 Nov 2023 19:39:46 GMT
Content-Type: image/gif
Content-Length: 245681
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 18:14:43 GMT
ETag: "64a5b313-3bfb1"
Expires: Fri, 01 Dec 2023 08:18:45 GMT
Cache-Control: max-age=2592000
Via: localhost.localdomain
CDN-Cache: HIT
Accept-Ranges: bytes
img.firefoxcartoon.com/image/21dfghjfdsdhjhfdsdfgkjfdsdfgjkkjg.gif
200 OK 303 kB URL GET HTTP/2 img.firefoxcartoon.com/image/21dfghjfdsdhjhfdsdfgkjfdsdfgjkkjg.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectimg.firefoxcartoon.com
Fingerprint2F:1B:40:14:8A:26:FC:DF:D0:24:DF:8C:1B:74:F6:C9:CB:75:6C:76
ValidityWed, 28 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 204 x 204\012- data
Size 303 kB (302941 bytes)
Hash 849d3b77a87512fb8e63de7fe770a145
7257e8ddd72330f7a2f47b86f479e1afca446948
dae2cf0264685acac5a0568c4ff2f4ad162158e367a78542e41255539c2365aa
GET /image/21dfghjfdsdhjhfdsdfgkjfdsdfgjkkjg.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:36 GMT
content-type: image/gif
content-length: 302941
last-modified: Thu, 23 Jun 2022 14:43:46 GMT
etag: "62b47c22-49f5d"
expires: Fri, 01 Dec 2023 19:37:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
image.3001.net/images/20231005/1696486165_651e5315bc3458ef65268.gif
200 OK 596 kB URL GET HTTP/2 image.3001.net/images/20231005/1696486165_651e5315bc3458ef65268.gif
IP
ASN #135391 AOFEI DATA INTERNATIONAL COMPANY LIMITED
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subject*.3001.net
Fingerprint00:F1:30:46:2C:DA:C5:30:69:BB:2D:BF:9B:4F:2D:8E:A7:38:25:EE
ValidityThu, 26 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Size 596 kB (595672 bytes)
Hash 5a483beb88086bc25d6bb500003e967a
4b1c59599692b1bacab4fa37b68f4262d17436b8
8d19255efb7d9cc3cb59ca985fc1835e5bd3a34104fef51ef6b118a22b388715
GET /images/20231005/1696486165_651e5315bc3458ef65268.gif HTTP/1.1
Host: image.3001.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: marco/2.20
date: Wed, 01 Nov 2023 19:37:37 GMT
content-type: image/gif
content-length: 595672
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 86400
x-request-id: d00b008c24c8fb163f5c87bb451563e4; 59333625cff14c0a1764f7eac43c0add; af8530fdc7274ed0f8dfc79180f7193c; ab4b4959dc09eeda65198b8bf6ff288e
x-source: U/200
x-upyun-content-length: 595672
etag: "3f08538faf6b1a241ebc896c6d2d4ff0-1"
last-modified: Thu, 05 Oct 2023 06:09:25 GMT
x-upyun-content-type: image/gif
expires: Thu, 02 Nov 2023 07:18:53 GMT
cache-control: max-age=691200
accept-ranges: bytes
age: 649124
via: T.202.H, V.403-zj-fud-207, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.132.H, M.gtt-de-fra2-132
X-Firefox-Spdy: h2
storage.googleapis.com/yanc/imgs/y150150b.gif
200 OK 184 kB URL GET HTTP/2 storage.googleapis.com/yanc/imgs/y150150b.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGoogle Trust Services LLC
Subjectstorage.googleapis.com
FingerprintB5:C4:FF:69:46:07:46:83:93:EF:C8:5C:51:72:1A:D8:C9:71:9E:81
ValidityMon, 09 Oct 2023 08:15:02 GMT - Mon, 01 Jan 2024 08:15:01 GMT
File type GIF image data, version 89a, 150 x 150\012- data
Size 184 kB (184507 bytes)
Hash 018b6a34e249ec5f57830a74bf238086
07c278b188004a36ff6ca81a5dd0c677c39dd7b8
48f500c6c3edfdcca5ff014aca91aaf428b0f14318ff0c92cce660ad40e5b2cf
GET /yanc/imgs/y150150b.gif HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoa9Coyzdjkk-sU4FOkppaCTDa3jBoA4-VESXyfd5qJcRoMfXgJQUm4wl4j9FFo7MPgsvw
x-goog-generation: 1684473577221332
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 184507
x-goog-hash: crc32c=1+Y9SQ==, md5=AYtqNOJJ7F9Xgwp0vyOAhg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 184507
server: UploadServer
date: Wed, 01 Nov 2023 19:37:37 GMT
expires: Wed, 01 Nov 2023 20:37:37 GMT
cache-control: public, max-age=3600
last-modified: Fri, 19 May 2023 05:19:37 GMT
etag: "018b6a34e249ec5f57830a74bf238086"
content-type: image/gif
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
el.phncdn.com/gif/44733331.gif
200 OK 36 MB URL GET HTTP/2 el.phncdn.com/gif/44733331.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerDigiCert Inc
Subject*.phncdn.com
Fingerprint1E:A0:80:BD:CA:C6:3F:0D:B7:A2:B1:C1:87:75:5D:26:45:AE:02:FF
ValidityThu, 12 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1280 x 720\012- data
Size 36 MB (35641931 bytes)
Hash d09bdfeea2e9d0234e63c08d8be58f36
a198ae97329ec47286fd7324fb4ba7bc4019e75c
8d5c657deaf83e56da642569b3664e7acfc551fc00cadba33d4b7ee2062cda31
GET /gif/44733331.gif HTTP/1.1
Host: el.phncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 35641931
expires: Sun, 24 Dec 2023 00:18:27 GMT
cache-control: max-age=10051442
last-modified: Thu, 10 Aug 2023 22:12:33 GMT
x-pending-security: A valid hash was not supplied.
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6297-4-3128986-h-0-0---;7271-155-48728----0-1-0
X-Firefox-Spdy: h2
el.phncdn.com/gif/44713091.gif
38 MB URL GET el.phncdn.com/gif/44713091.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerDigiCert Inc
Subject*.phncdn.com
Fingerprint1E:A0:80:BD:CA:C6:3F:0D:B7:A2:B1:C1:87:75:5D:26:45:AE:02:FF
ValidityThu, 12 Jan 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1280 x 720\012- data
Size 38 MB (38254965 bytes)
Hash 49298cee3c7f71ca288c3b5ee2e33fbb
92aa033173166b8e8aa23a93959b24e0617361d1
8e2d6cb5cfcb6b3103685cd30f8cd656e3d22038c70e941b3f8c77e20df39f88
GET /gif/44713091.gif HTTP/1.1
Host: el.phncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
content-length: 38254965
expires: Thu, 21 Dec 2023 07:04:48 GMT
cache-control: max-age=10310685
last-modified: Tue, 08 Aug 2023 20:58:02 GMT
x-pending-security: A valid hash was not supplied.
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: ams5-6298-1-5023-h-0-0---;7271-124-48728----0-1-0
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: 17856
rule-data-version: 3
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-12-08-22-56-18.chain; p384ecdsa=SMhapQVHc3_vWYC9c7B5fpYXFxYwvw_UUvYQZwmjv5yPRqIZiNzJg-4-bGwNK-iUj2tc5kW-VU9vcS8N7r7kzB4Ew7Gd74yVTEBo4cpL0BM_6IsFd-UM41WjjWHFXyH5
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 01 Nov 2023 19:35:33 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 134
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin
817 kB URL firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin
IP
Size 817 kB (817083 bytes)
Hash 6b5b15372ca108d4b33caf02ed016f3e
13df17583626a0987070dde4340f876d08c401c0
9c890391b90d43bf692755185bfa1780ee051467ae9a2775759d9866f4546664
GET /staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpQD9yMON5FtcyUgzr2vGfHCzoKpVBwc4N26uj-t-ZWYotdmNlUQBXlwtrJ_Exl6HAykggCcGkRnydOkAv5lVkMMUatoC5W
x-goog-generation: 1690223885754624
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 817083
x-goog-hash: crc32c=NmyCHA==, md5=a1sVNyyhCNSzPK8C7QFvPg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 817083
server: UploadServer
date: Sat, 28 Oct 2023 15:49:55 GMT
cache-control: public,max-age=604800
age: 359272
last-modified: Mon, 24 Jul 2023 18:38:05 GMT
etag: "6b5b15372ca108d4b33caf02ed016f3e"
content-type: application/octet-stream
alt-svc: clear
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Wed, 07 Jun 2023 18:17:03 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1686161822.36709
Content-Type: application/zip
X-Trans-Id: tx850f8ba461544848b47ef-006519bffadfw1
Cache-Control: public, max-age=190563
Expires: Sat, 04 Nov 2023 00:33:50 GMT
Date: Wed, 01 Nov 2023 19:37:47 GMT
Connection: keep-alive
jt.hza01.com/jingtai/szgg/ky350.gif
0 B URL GET jt.hza01.com/jingtai/szgg/ky350.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/szgg/ky350.gif HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
element.window-locationprotocol.top/template/m1938pc/ads/sp3.js
200 OK 1.8 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/sp3.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1816), with no line terminators
Hash 669f8a9b2f6a34ebfd90883553c9a0e7
1dd590dbd71d323094e44d9ddf2b5ea0aaa202d4
34d4d75c16e90f86c113e19da248c2d7f6bde32cd5151c715d4a6963ed6646ae
GET /template/m1938pc/ads/sp3.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:39:47 GMT
vary: Accept-Encoding
etag: W/"653cf303-6dd"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
jt.hza01.com/jingtai/9588/jzspk680350.wgifw
0 B URL GET jt.hza01.com/jingtai/9588/jzspk680350.wgifw
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/9588/jzspk680350.wgifw HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
maxun077.top/24bff9fdc4c5f3d042055758e983c831.gif
200 OK 266 kB URL GET HTTP/2 maxun077.top/24bff9fdc4c5f3d042055758e983c831.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectmaxun077.top
FingerprintDF:8C:6E:FB:DF:73:E9:9F:E7:92:8B:CA:58:EB:94:1F:D1:79:93:48
ValidityThu, 26 Oct 2023 23:12:49 GMT - Wed, 24 Jan 2024 23:12:48 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 266 kB (265672 bytes)
Hash 16deb8dd632a7ad2b2dbf34dc431756e
c02532c4c572e037c2100dd5d8c896a57ef1d0cb
8612988c08c771a0d50a93625019f71c0bf2892ec98e03d81d0990af30211741
GET /24bff9fdc4c5f3d042055758e983c831.gif HTTP/1.1
Host: maxun077.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 01 Nov 2023 19:33:34 GMT
etag: "1698867215"
expires: Fri, 01 Dec 2023 19:33:34 GMT
last-modified: Wed, 01 Nov 2023 19:33:35 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 265672
X-Firefox-Spdy: h2
jt.hza01.com/jingtai/szgg/1332wy120.gif.js
0 B URL GET jt.hza01.com/jingtai/szgg/1332wy120.gif.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/szgg/1332wy120.gif.js HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
element.window-locationprotocol.top/template/m1938pc/ads/sp1.js
200 OK 1.8 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/ads/sp1.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1826), with no line terminators
Hash 802daeb59d49d25944db4a4577db681a
de44c0101cb6a001b532494f40dc7be1a8f8aa6f
11669c93426c798dfff6fa1cde4b75d2779404074576ab0ffc5619d43ba2546e
GET /template/m1938pc/ads/sp1.js HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 11:39:29 GMT
vary: Accept-Encoding
etag: W/"653cf2f1-6db"
expires: Thu, 02 Nov 2023 07:37:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
jt.hza01.com/jingtai/szgg/872/960x100-872.gif.js
0 B URL GET jt.hza01.com/jingtai/szgg/872/960x100-872.gif.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/szgg/872/960x100-872.gif.js HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
boyinjs.com/pic/-8a51a6cdea8edf6585b603.gif
0 B URL GET boyinjs.com/pic/-8a51a6cdea8edf6585b603.gif
IP
Requested by https://element.window-locationprotocol.top/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pic/-8a51a6cdea8edf6585b603.gif HTTP/1.1
Host: boyinjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
jt.hza01.com/jingtai/szgg/872/600X350-872.wgifw
0 B URL GET jt.hza01.com/jingtai/szgg/872/600X350-872.wgifw
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/szgg/872/600X350-872.wgifw HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
jt.hza01.com/jingtai/szgg/wy350.gif
0 B URL GET jt.hza01.com/jingtai/szgg/wy350.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/szgg/wy350.gif HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
element.window-locationprotocol.top/template/m1938pc/images/c3.gif
200 OK 120 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/images/c3.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 300 x 300\012- data
Size 120 kB (119944 bytes)
Hash 970ce0b9aa1a39517549704486f6b76e
f800ac879995290b0299b0f835b6625a4a956bce
afdb28e7fae4ca0be680c8182311937f0e64f918cdd9548c56ed96ee92047020
GET /template/m1938pc/images/c3.gif HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/gif
content-length: 119944
last-modified: Thu, 10 Aug 2023 12:24:04 GMT
etag: "64d4d6e4-1d488"
expires: Fri, 01 Dec 2023 19:37:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
maxun066.top/457848ec4c4ba3a5a998e9d4ef376953.gif
200 OK 334 kB URL GET HTTP/2 maxun066.top/457848ec4c4ba3a5a998e9d4ef376953.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectmaxun066.top
Fingerprint1F:EC:6F:56:B1:BC:96:6B:6B:20:D0:93:33:84:2B:97:D2:BE:A7:28
ValidityThu, 26 Oct 2023 10:44:06 GMT - Wed, 24 Jan 2024 10:44:05 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 334 kB (334447 bytes)
Hash 951b69336d9c15a474f41f1570950b3d
dbeb8fd225c80ce43707842386496340cd8d9bb4
76cce8df402fc0d22d11148e2c3234c754729790550a898bf49b5040b6c0e27a
GET /457848ec4c4ba3a5a998e9d4ef376953.gif HTTP/1.1
Host: maxun066.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 137076
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 81f6952b0ff7dc63-LHR
content-type: image/gif
date: Wed, 01 Nov 2023 19:35:45 GMT
etag: "1698867345"
expires: Thu, 30 Nov 2023 05:31:09 GMT
last-modified: Wed, 01 Nov 2023 19:35:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjG3emVsginEgbHEnqO2uuNN4QFKzaCeEGWRMoyKjpLHhr6NHmPTORahUHpEM1UtZIJOLpJXqf4Y52jaE48mim59ZJVju0FggSBImEDugR6Pf7Mo0M7GAtzmVourlI60Lt39wsproPSA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT, policy, disk
content-length: 334447
X-Firefox-Spdy: h2
tupian.baitu1llbkotsfthllcjeg.com/img/55.gif
200 OK 90 kB URL GET HTTP/2 tupian.baitu1llbkotsfthllcjeg.com/img/55.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerGoogle Trust Services LLC
Subjectbaitu1llbkotsfthllcjeg.com
Fingerprint4E:80:E8:DC:7C:86:E9:24:11:1E:0B:A6:9D:F2:C2:03:3E:2B:90:0D
ValidityThu, 05 Oct 2023 20:17:15 GMT - Wed, 03 Jan 2024 20:17:14 GMT
File type GIF image data, version 89a, 100 x 100\012- data
Hash d88ee97b05889f5ef40fbae649237fa5
301be86914172d797eb9dfc06bddee68ddf5c02d
5e9f75505aa2c32edb00f63e4212aeefdac40dad7d9d6e9aab08a0c29f46735c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/55.gif HTTP/1.1
Host: tupian.baitu1llbkotsfthllcjeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:37:33 GMT
content-type: image/gif
expires: Sun, 19 Nov 2023 14:11:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Oct 2023 14:11:15 GMT
cf-cache-status: HIT
age: 660358
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri0v3RJ%2BzK%2FLj0cvz4r%2Fz7QYM5VTN%2BdbAzskEal5EK1suTv7j5IaY%2BC8EH%2FRffwohetc%2FEnQhAJuF9w38cuwYzLk8vMYn58qgBaFDV%2BSzUI8KjAHevCTxc26TkbYsTdZlcj9L8RWi1PvuK%2Fnw0kNmC1N6Js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f697d22e82568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.hgimg01.com/upload/vod/20231101-1/d901c58186b1ddb380a65d96f3fdde41.jpg
200 OK 622 kB URL GET HTTP/2 img.hgimg01.com/upload/vod/20231101-1/d901c58186b1ddb380a65d96f3fdde41.jpg
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.hgimg01.com
Fingerprint0C:7D:DA:FE:45:AF:F8:E9:04:7D:6E:95:EB:01:9F:88:D3:AB:3A:40
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 622 kB (622053 bytes)
Hash edf265802fd03b866539e2311f1e696b
27cc514df560632c3cffd4d94bc1e595a5b920ce
e8d0e5da38445203419dfecf37dc400341d4f118ef964e7dc39e2f27453b6381
GET /upload/vod/20231101-1/d901c58186b1ddb380a65d96f3fdde41.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:32 GMT
content-type: image/jpeg
content-length: 622053
last-modified: Wed, 01 Nov 2023 08:22:42 GMT
etag: "65420ad2-97de5"
expires: Fri, 01 Dec 2023 08:22:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
jt.hza01.com/jingtai/8110/img/1009sz/ky960x100.gif.js
0 B URL GET jt.hza01.com/jingtai/8110/img/1009sz/ky960x100.gif.js
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/8110/img/1009sz/ky960x100.gif.js HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
555bb666cc.com/cc7a6c133cf64e38b815e3e25b57a0a6.gif
200 OK 252 kB URL GET HTTP/1.1 555bb666cc.com/cc7a6c133cf64e38b815e3e25b57a0a6.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subject222aa333bb.com
FingerprintCA:E6:7D:98:34:0F:43:C5:2B:4A:A5:73:03:7C:F6:8B:46:F8:20:C0
ValidityTue, 24 Oct 2023 14:41:12 GMT - Mon, 22 Jan 2024 14:41:11 GMT
File type GIF image data, version 89a, 750 x 120\012- data
Size 252 kB (251544 bytes)
Hash aadf9ba2a7dc4d2e750a3c7eecaa27aa
ae0409e071c340538cf60e9db6937dc17acde7bd
e75b889afdbee64bc9d313afb64f734c2c34fa08b87595055f79385f92719c82
GET /cc7a6c133cf64e38b815e3e25b57a0a6.gif HTTP/1.1
Host: 555bb666cc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 19:37:34 GMT
Content-Type: image/gif
Content-Length: 251544
Connection: keep-alive
Last-Modified: Sat, 07 Oct 2023 12:19:13 GMT
ETag: "65214cc1-3d698"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
jt.hza01.com/jingtai/9588/jz96060.gif
0 B URL GET jt.hza01.com/jingtai/9588/jz96060.gif
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerLet's Encrypt
Subjectjt.hza01.com
Fingerprint87:32:00:54:30:B3:BC:A9:54:C3:1F:E1:FF:6D:CC:93:51:AA:07:26
ValidityFri, 27 Oct 2023 08:32:41 GMT - Thu, 25 Jan 2024 08:32:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jingtai/9588/jz96060.gif HTTP/1.1
Host: jt.hza01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
element.window-locationprotocol.top/template/m1938pc/images/video-play.png
200 OK 1.6 kB URL GET HTTP/2 element.window-locationprotocol.top/template/m1938pc/images/video-play.png
IP
Requested by https://element.window-locationprotocol.top/
Certificate IssuerSectigo Limited
Subjectcreate.document-createelement.top
FingerprintFD:AC:E6:F3:4C:60:FA:F2:66:B4:BE:82:12:01:57:78:57:21:85:DC
ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: element.window-locationprotocol.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://element.window-locationprotocol.top/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 Nov 2023 19:37:31 GMT
content-type: image/png
content-length: 1567
last-modified: Wed, 10 Aug 2022 07:27:16 GMT
etag: "62f35dd4-61f"
expires: Fri, 01 Dec 2023 19:37:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
156.250.225.45
111.13.153.152
172.67.74.119
202.81.229.169
0.0.0.0
89.105.216.254
167.235.193.182
128.140.124.155
161.117.155.43
2.18.121.73
104.234.69.51