www.q6886.com/
200 OK 746 B IP
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 1ee113d7705bf19a87be66c19294a1fd
70537f183416152bc06bbb466a0b35486e6756c0
0256ad79b104bfe8e8d8fb4ee9bccb688e7aa92ccf3e3b4f282c41a8c7c7e5e9
GET / HTTP/1.1
Host: www.q6886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Feb 2025 06:46:03 GMT
Content-Type: text/html
Content-Length: 746
Connection: keep-alive
www.q6886.com/leifeng.txt
200 OK 746 B URL User Request GET www.q6886.com/leifeng.txt
IP
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 1ee113d7705bf19a87be66c19294a1fd
70537f183416152bc06bbb466a0b35486e6756c0
0256ad79b104bfe8e8d8fb4ee9bccb688e7aa92ccf3e3b4f282c41a8c7c7e5e9
GET /leifeng.txt HTTP/1.1
Host: www.q6886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Feb 2025 06:46:04 GMT
Content-Type: text/html
Content-Length: 746
Connection: keep-alive
www.q6886.com/common.js
200 OK 651 B IP
Requested by http://www.q6886.com/leifeng.txt
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 2d1e5db43cf6ffaac7f08b4c276e6630
717092b358cd0bceb9e0bcf359cbc5f1fe13dbdf
d8e7214463470f15ea4cc0415f2dd49450009a841a922912ddf90dd1aa47477c
GET /common.js HTTP/1.1
Host: www.q6886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/leifeng.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Feb 2025 06:46:04 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.q6886.com/tj.js
200 OK 258 B IP
Requested by http://www.q6886.com/leifeng.txt
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 3ca312c9ad44727fbe2dd1638fcc9c1c
004d7b6495c412847b7ca1c5fa265f413ca44b81
6fa32ba0017f527279d0c2b673cfa9531948747b2240938091c7a5d48385fb1d
GET /tj.js HTTP/1.1
Host: www.q6886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/leifeng.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Feb 2025 06:46:04 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.q6886.com/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.q6886.com/favicon.ico
IP
Requested by http://www.q6886.com/leifeng.txt
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.q6886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/leifeng.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Feb 2025 06:46:05 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:24 GMT
Connection: keep-alive
ETag: "4e0d81e0-47e"
Expires: Sat, 08 Feb 2025 06:46:05 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
200 OK 232 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Requested by http://www.q6886.com/leifeng.txt
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 232
Content-Type: text/javascript
Server: bfe
Date: Mon, 03 Feb 2025 06:46:06 GMT
api.share.baidu.com/s.gif?l=http://www.q6886.com/leifeng.txt
200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.q6886.com/leifeng.txt
IP
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Requested by http://www.q6886.com/leifeng.txt
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.q6886.com/leifeng.txt HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 03 Feb 2025 06:46:07 GMT
hm.baidu.com/hm.js?5a6a8d85e64ceedf74f0e52e78ba624c
200 OK 0 B URL GET HTTP/1.1 hm.baidu.com/hm.js?5a6a8d85e64ceedf74f0e52e78ba624c
IP
Requested by http://www.q6886.com/leifeng.txt
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hm.js?5a6a8d85e64ceedf74f0e52e78ba624c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Date: Mon, 03 Feb 2025 06:46:07 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8
aap.ai-pw23.top/
200 OK 201 B IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.q6886.com/leifeng.txt
File type HTML document, Unicode text, UTF-8 (with BOM) text
Hash 4f34f37e502941213ffe37286dad0de8
bd5ca625a82c70e0eee11396ec2c4bb9c38f9d2c
6983376e29d2929e0111ae9a71883c231680e30e09a48998ad9b2f1302e0e50d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: aap.ai-pw23.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.q6886.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 25 Jan 2025 09:20:28 GMT
Accept-Ranges: bytes
ETag: "acd8b60a6fdb1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Feb 2025 06:45:52 GMT
Content-Length: 201
p.sda1.dev/16/91dcbdc6a16b00d4c87cf562c49d63eb/300x200.gif
200 OK 76 kB URL GET HTTP/2 p.sda1.dev/16/91dcbdc6a16b00d4c87cf562c49d63eb/300x200.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGoogle Trust Services
Subjectsda1.dev
Fingerprint8B:A9:7C:31:51:F6:F6:74:7B:BC:92:46:E9:8D:09:E7:C8:1A:D7:0A
ValidityThu, 02 Jan 2025 21:05:17 GMT - Wed, 02 Apr 2025 22:02:31 GMT
File type GIF image data, version 89a, 300 x 200
Hash 51465deadf192684c1209b010de78155
f8cf438d6df09812f6b7a91a8fc0bb55f5f2e334
039dec8d1a72a79370829ef6b558ba20934a830b4991147220e3f0c05a6c7fb8
GET /16/91dcbdc6a16b00d4c87cf562c49d63eb/300x200.gif HTTP/1.1
Host: p.sda1.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: image/gif
content-length: 76338
access-control-allow-origin: *
age: 163526
cache-control: max-age=691200, immutable
last-modified: Fri, 31 Jan 2025 09:47:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2ByQ3pcKdRtYQiwHmEGdjBZ3ngCDkLkBNC8ucYh00NuGY%2Bar8lik%2FqcgG6oNubRgayZNI2%2FgH0bM6mw7Qqh8TyhnVosE3PIIFTdNqsMw7wLMEQOQYU5JR2HkdKnekL1k1OSlF5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 90c07657cc4b56bf-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=55384&min_rtt=55384&rtt_var=27692&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=724&delivery_rate=0&cwnd=131&unsent_bytes=0&cid=0000000000000000&ts=0&x=0", cfL4;desc="?proto=TCP&rtt=695&min_rtt=464&rtt_var=498&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1233&delivery_rate=7098039&cwnd=254&unsent_bytes=0&cid=d8876d072e14a369&ts=39&x=0"
X-Firefox-Spdy: h2
imgs.imgclh.com/imgs/2024/08/07/e5073f9040e77997.gif
200 OK 88 kB URL GET HTTP/2 imgs.imgclh.com/imgs/2024/08/07/e5073f9040e77997.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGoogle Trust Services
Subjectimgclh.com
Fingerprint96:70:EA:DA:1E:2D:09:13:7B:31:27:65:73:DC:57:70:B1:DB:FA:DE
ValidityWed, 15 Jan 2025 10:46:01 GMT - Tue, 15 Apr 2025 11:44:31 GMT
File type GIF image data, version 89a, 100 x 100
Hash 00c98fb21db63589ed9ae0f10dabc9b7
42fd299f8feb1a4992035f1c4bbc1794bc5040a4
8255239b13af2d9841e6aa264028339159c8acb310eb106369618977c7f163fd
GET /imgs/2024/08/07/e5073f9040e77997.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: image/gif
content-length: 87827
last-modified: Wed, 07 Aug 2024 06:23:09 GMT
etag: "66b312cd-15713"
expires: Mon, 03 Mar 2025 09:20:43 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 163526
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bv7X%2Bq1YehLNNPHZWVFUFGe0Z%2FDiMIu7s9KLBqgk%2BpMU8j9uq0O92lHsMk9Hp%2B0NrRyp71TEHdx6HkKKQUUgmcKdFAOcGspIrlSMypGD77wlnHIedZGEk2FW0RFjWDYq3GU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c07657cc465684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=700&min_rtt=473&rtt_var=390&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1234&delivery_rate=6621951&cwnd=254&unsent_bytes=0&cid=9bf541ff9c782d6e&ts=37&x=0"
X-Firefox-Spdy: h2
v.xn--xhq326aj6yqpw.com/e20241129_2010_1.gif
200 OK 51 kB URL GET HTTP/2 v.xn--xhq326aj6yqpw.com/e20241129_2010_1.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
FingerprintAD:73:AB:2D:8B:5C:ED:1C:A1:43:6F:AE:41:17:C2:11:A3:14:9A:87
ValiditySun, 02 Feb 2025 13:00:18 GMT - Sat, 03 May 2025 13:00:17 GMT
File type GIF image data, version 89a, 350 x 200
Hash 8409be7b288e59aa3425e07ace0df045
62a70ecbcb78cbf94037f423f4c2fdad15bc095a
6006973cc12c732b4c7739f2b72199712b27ed50a6b382028ca3a0c944576f47
GET /e20241129_2010_1.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: image/gif
content-length: 51379
last-modified: Fri, 29 Nov 2024 12:18:56 GMT
etag: "6749b130-c8b3"
expires: Sun, 16 Feb 2025 16:09:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1434991
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vx4quEsbk9u5ijHHUPDNZmkgzHGcRxJntKvoITjBib0NgIu08loTvD2PjJjoEp1r%2BPdh4XwtECdYI0KIwICClSsdNrASQz1yeahtTkkjaDtpm6B9ip%2BqbLmsL%2BKGRM9r%2BkSDtJwT52Ux0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c0765968e9568d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=535&min_rtt=477&rtt_var=198&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2783&recv_bytes=1101&delivery_rate=4693679&cwnd=252&unsent_bytes=0&cid=e6da1337da2f141b&ts=31&x=0"
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/images/layer.js
404 Not Found 479 B URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/layer.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 57dd7bfa6c07bfe5eeada45d4bdd78ec
395c6ad5c3ae0e8ea47281f5007c369551b32ad7
c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5
GET /template/69tang6/images/layer.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/html
content-length: 479
etag: "616fb297-1df"
X-Firefox-Spdy: h2
pica.zhimg.com/v2-37338d9df0f9bccffdf2f11fe9c7a8b3
200 OK 228 kB URL GET HTTP/2 pica.zhimg.com/v2-37338d9df0f9bccffdf2f11fe9c7a8b3
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerDigiCert, Inc.
Subject*.zhimg.com
Fingerprint87:81:D2:18:0A:9D:6A:15:CA:48:99:B7:32:A2:75:68:71:1B:5F:6C
ValidityTue, 14 Jan 2025 00:00:00 GMT - Wed, 11 Feb 2026 23:59:59 GMT
File type GIF image data, version 89a, 590 x 360
Size 228 kB (227569 bytes)
Hash 37338d9df0f9bccffdf2f11fe9c7a8b3
b821d896e360acff3a32e0a9d3de3d103f1995bc
2547120bf0eb66990d8c1264489c0dd77ef4c54ef41db362e9cbf8342f8e8fe7
GET /v2-37338d9df0f9bccffdf2f11fe9c7a8b3 HTTP/1.1
Host: pica.zhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2024 03:45:07 GMT
server: Byte-nginx
content-type: image/gif
date: Wed, 13 Mar 2024 03:45:07 GMT
imagex-demotion: anim/awebp
imagex-fmt: awebp2gif
nw-anim-demotion: true
nw-session-id: 20240313114507E919308D1CF59966B3D56885901ff
nw-session-trace: 2024-03-13T11:45:07.598441684+08:00 47
server-timing: inner; dur=50
x-bdcdn-cache-status: TCP_MISS
x-length: 227569
x-powered-by: ImageX
x-response-date: Wed, 13 Mar 2024 11:45:07 GMT
x-tt-logid: 20240313114507E919308D1CF59966B3D5
x-tt-trace-host: 0197a4392d9ba1caf8fd002d3ae64fda78ed618117ee11fd04f3b1fc0855cf619d551f099ae3101275dc8952434abc1ad14fef1dafc8e15bdaf6c2dffce84202c7c1c2d90dd93f5d6da959dbf89b0a955c29dfb018c1bfe30f0aa9be5b4ffe71fb43b8d9624b6bac432e89e0c49943bd72
x-tt-trace-id: 202403131145070101202320900381B6FB7D4
x-tt-trace-tag: id=5
x-request-ip: 120.233.43.230
x-request-id: 199e21e438d9dfbed5b496676aa673ec
x-response-cinfo: 120.233.43.230
x-response-cache: miss
cache-control: max-age=30
content-length: 227569
accept-ranges: bytes
x-nws-log-uuid: 1019300179760292717
x-cache-lookup: Cache Hit
x-cdn-provider: tencent
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/
200 OK 12 kB IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.q6886.com/leifeng.txt
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Hash d6d41d5f557fffa587dc5aa1b3e84fe8
11eec2a1b63fd50887a8e5334f24c4a09fa610b0
f73ca49073d9e5155e530e9e6d51d7a580c137e1ad55997351492c9d9e9ef227
GET / HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://aap.ai-pw23.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=43q90lmimnimrmo1cstsqcjlpe; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sgawg.aksn-gasd4.vip/i/2024/11/18/127288v.gif
200 OK 300 kB URL GET sgawg.aksn-gasd4.vip/i/2024/11/18/127288v.gif
IP
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectsgawg.aksn-gasd4.vip
FingerprintD5:A2:E1:53:43:DF:05:97:2E:15:B1:3E:D9:D4:12:7A:9C:46:F2:26
ValiditySat, 14 Dec 2024 08:30:37 GMT - Fri, 14 Mar 2025 08:30:36 GMT
File type gzip compressed data, from Unix
Size 300 kB (299797 bytes)
Hash 76008af68378e797da0035bc4143f7a3
5a2621867720e4b2ba92b64f2ab32f0918bfc310
4c434b405203529a9b86c18f46edb19890a86c347eae935ff06272b2e492c2cd
GET /i/2024/11/18/127288v.gif HTTP/1.1
Host: sgawg.aksn-gasd4.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: image/gif
last-modified: Mon, 18 Nov 2024 15:09:57 GMT
vary: Accept-Encoding
etag: W/"673b58c5-93e5"
expires: Wed, 05 Mar 2025 06:46:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-encoding: gzip
X-Firefox-Spdy: h2
imgs.imgclh.com/imgs/2024/08/07/b7f77c3a3bddf480.gif
200 OK 38 kB URL imgs.imgclh.com/imgs/2024/08/07/b7f77c3a3bddf480.gif
IP
Certificate IssuerGoogle Trust Services
Subjectimgclh.com
Fingerprint96:70:EA:DA:1E:2D:09:13:7B:31:27:65:73:DC:57:70:B1:DB:FA:DE
ValidityWed, 15 Jan 2025 10:46:01 GMT - Tue, 15 Apr 2025 11:44:31 GMT
File type GIF image data, version 89a, 960 x 70
Hash 076756ac145dff961f1c5e2ad3f6cdf6
c6764328deaa0abcf0e3b253dbcc709b5eb1db07
ff5ca248e79df4bdbb9fa5ec5b8f3b8c4793323c3949dc76e5d4aef6adf5bf00
GET /imgs/2024/08/07/b7f77c3a3bddf480.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: image/gif
content-length: 38077
last-modified: Wed, 07 Aug 2024 14:09:04 GMT
etag: "66b38000-94bd"
expires: Sun, 23 Feb 2025 23:19:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 804423
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2B%2FMKsjuao5bcYkukfpAUYKh6imeBbVudBTgxTi2IrhshzEUrqIW3e9ATz8XZbnCG%2Fu%2BCmXXNOmavSBccIA8MEgLUCa3yWFdn6scQ7rFjjMiYojZrz3sshaGDWL5Lnw9HwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c0765e2df87127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4870&min_rtt=1622&rtt_var=2924&sent=45&recv=12&lost=0&retrans=0&sent_bytes=40192&recv_bytes=1670&delivery_rate=12607&cwnd=24000&unsent_bytes=0&cid=3283e42ef4ead0d0&ts=977&x=1", cfExtPri, cfHdrFlush;dur=0
v.xn--xhq326aj6yqpw.com/e20241129_2040_2.gif
200 OK 57 kB URL GET HTTP/3 v.xn--xhq326aj6yqpw.com/e20241129_2040_2.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
FingerprintAD:73:AB:2D:8B:5C:ED:1C:A1:43:6F:AE:41:17:C2:11:A3:14:9A:87
ValiditySun, 02 Feb 2025 13:00:18 GMT - Sat, 03 May 2025 13:00:17 GMT
File type GIF image data, version 89a, 960 x 80
Hash 731da5859a5a9f13280e80e993acc109
82865fe0c3c18319e309307abc2a3e4da1eb1fef
249c4e6939cb6e27b8c337c63c8d057736c7929df6e2f3c468c87331eca2ae56
GET /e20241129_2040_2.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: image/gif
content-length: 56558
last-modified: Fri, 29 Nov 2024 12:41:53 GMT
etag: "6749b691-dcee"
expires: Fri, 28 Feb 2025 13:51:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 406456
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wxUs%2BZGiaim6siItIAL38DsjFeuGn1bMKfZljYHXPcN1XE3qmTDmwgyF2EnzGocqecBCtMukpnnFCAEVQgOahaSdbJmomtdvZxDv7ZqGx9sBP9gc%2BiGsBj%2BObbP3O%2BFABBVjbTrn7pZsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c0765e3bcb569c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4046&min_rtt=3109&rtt_var=1835&sent=13&recv=8&lost=0&retrans=0&sent_bytes=3722&recv_bytes=1216&delivery_rate=189390&cwnd=12000&unsent_bytes=0&cid=df188196e0de44ba&ts=752&x=1", cfExtPri, cfHdrFlush;dur=0
www.ai-pw24.top:26684/template/69tang6/images/ico-rating-positive.png
200 OK 1.2 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/ico-rating-positive.png
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash 9d5c9938ff6fd8694cc725eef96c07c7
32d8a2c65b2df17776496c6b0a1f354928c3d603
f635f4f5f164ae5252844ecba745e23d27a21c85e8adbb5d778471fa73830c2c
GET /template/69tang6/images/ico-rating-positive.png HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/template/69tang6/images/all-responsive-metal.css?v=5.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:11 GMT
content-type: image/png
content-length: 1172
last-modified: Mon, 02 Apr 2018 16:34:50 GMT
etag: "5ac25baa-494"
expires: Wed, 05 Mar 2025 06:46:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/static/js/jquery.autocomplete.js
200 OK 6.8 kB URL GET HTTP/2 www.ai-pw24.top:26684/static/js/jquery.autocomplete.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Hash 08f030376ea96568386d73140d3009e5
5cdb5bb6d89cc38b23187e2420027d142e861aaf
9387e08a6a25774df12565ff5b6c4ae48982dbf3728fed5904abcf3e75547b53
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-6215"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/static/js/jquery.lazyload.js
200 OK 1.2 kB URL GET HTTP/2 www.ai-pw24.top:26684/static/js/jquery.lazyload.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Hash 02a5f4e93d07f919efcdcea3098c8306
d9e9159e734549cd8aa1af7831251b6f28ee16ba
4c6418178926a7a4164a44a0ee84215008d004902e59b9fd848e4d95943e77d0
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-8b8"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type JavaScript source, ASCII text, with very long lines (619)
Hash 05a0fe5098807083a7cd2a2a3c6d37a1
7e45eb15835f984b5bd88c0577e4d369b08c79b2
3028bb235b1092487ee67c5420d96da259db8b5d1bfb035e70338b569825a9cc
GET /hm.js?6cdc9a2253c9e58f82eb10fc564d352b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11289
Content-Type: application/javascript
Date: Mon, 03 Feb 2025 06:46:11 GMT
Etag: 7b1e1a4a694216fe315e371970f595a8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=666304B08920BE61; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?hca=666304B08920BE61&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=750156292&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Faap.ai-pw23.top%2F&v=1.3.2&lv=1&sn=52691&r=0&ww=1280&u=https%3A%2F%2Fwww.ai-pw24.top%3A26684%2F&tt=%E7%88%B1%E5%95%AA%E7%BD%91%20%E5%88%9B%E9%80%A0%E7%BE%8E%E5%A5%BD%E5%95%AA%E7%94%9F%E6%B4%BB%EF%BC%81
200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?hca=666304B08920BE61&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=750156292&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Faap.ai-pw23.top%2F&v=1.3.2&lv=1&sn=52691&r=0&ww=1280&u=https%3A%2F%2Fwww.ai-pw24.top%3A26684%2F&tt=%E7%88%B1%E5%95%AA%E7%BD%91%20%E5%88%9B%E9%80%A0%E7%BE%8E%E5%A5%BD%E5%95%AA%E7%94%9F%E6%B4%BB%EF%BC%81
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?hca=666304B08920BE61&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=750156292&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Faap.ai-pw23.top%2F&v=1.3.2&lv=1&sn=52691&r=0&ww=1280&u=https%3A%2F%2Fwww.ai-pw24.top%3A26684%2F&tt=%E7%88%B1%E5%95%AA%E7%BD%91%20%E5%88%9B%E9%80%A0%E7%BE%8E%E5%A5%BD%E5%95%AA%E7%94%9F%E6%B4%BB%EF%BC%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Feb 2025 06:46:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0016BB134AA7CAF0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
taiwtp1.com/img/200200.gif
200 OK 75 kB URL GET HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjecttaiwtp1.com
FingerprintF0:91:25:A3:86:9A:8B:26:ED:80:3D:50:52:A2:8A:53:32:D9:F8:FE
ValidityThu, 19 Dec 2024 10:07:32 GMT - Wed, 19 Mar 2025 10:07:31 GMT
File type GIF image data, version 89a, 200 x 200
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2012 11:50:21 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Wed, 01 Feb 2012 11:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
an.fast011.xyz/b3e30af0b32e519ff2d65fd230acda9d.gif
200 OK 53 kB URL GET an.fast011.xyz/b3e30af0b32e519ff2d65fd230acda9d.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.fast011.xyz
Fingerprint57:31:86:19:0E:CE:C0:58:33:8D:E7:CD:F3:03:9C:71:FC:F9:7C:B0
ValidityMon, 20 Jan 2025 23:28:56 GMT - Sun, 20 Apr 2025 23:28:55 GMT
File type gzip compressed data, from Unix
Hash 4b6ef61c5d1337aa2f758e33f97c31ef
256e45232f82d73257c398f04a023decf4a441c0
129b244eefd2bc7b5d0abc1848986b5a1acf21e300faa744a4d7961365663a80
GET /b3e30af0b32e519ff2d65fd230acda9d.gif HTTP/1.1
Host: an.fast011.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 1094014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90bef04a8d2f085d-FRA
content-encoding: gzip
content-type: image/gif
date: Mon, 03 Feb 2025 02:19:53 GMT
etag: W/"6742ba9e-cada"
expires: Thu, 20 Feb 2025 10:26:19 GMT
last-modified: Mon, 03 Feb 2025 02:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTL4hJ3efxkLuzVzwFevxuiYcjGjqZxqU4ZDjwKVIJ6xd5DcF9Zs3VcBGDTBWnjShA2tNs1M8vH1rsS5y03%2FgYsS7WYX8DhOLHnSJU35jNd%2BvqSUQQXboZQ0xofIJJ%2Fxcl2p%2B8zZrwTG2ZytcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5373&min_rtt=5357&rtt_var=2020&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3095&recv_bytes=988&delivery_rate=754900&cwnd=252&unsent_bytes=0&cid=b713875aeaffba14&ts=19&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
xxxx85xxxx.com/aa3236c033044e71a6ee8b8cb8611524.gif
200 OK 37 kB URL GET HTTP/2 xxxx85xxxx.com/aa3236c033044e71a6ee8b8cb8611524.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectxxxx85xxxx.com
Fingerprint17:93:A5:D5:E0:86:26:3C:76:67:C5:DA:84:30:A6:9E:C8:BD:0F:CB
ValiditySat, 18 Jan 2025 20:40:24 GMT - Fri, 18 Apr 2025 20:40:23 GMT
File type GIF image data, version 89a, 320 x 185
Hash 922b2420242f36e3606db520ec3614c1
8c03ea4dbac2cdd6d1d17b54d96b8d2732a5ddf6
815febfd34548b679e01f5ae2f03cf6147628c7f5b534a754bdd8c279e163b6e
GET /aa3236c033044e71a6ee8b8cb8611524.gif HTTP/1.1
Host: xxxx85xxxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:11 GMT
content-type: image/gif
content-length: 37297
last-modified: Fri, 07 Jun 2024 06:07:52 GMT
etag: "6662a3b8-91b1"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/static/js/jquery.js
200 OK 37 kB URL GET HTTP/2 www.ai-pw24.top:26684/static/js/jquery.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Hash f8ee72cf6796d06ebac35efbbd16e488
7d702eb3d393e42099ca3ecc39f8a6ef1845479f
974c383aa1f3743b883823f86d39aaea7855732c1376e186ffc674ea40443a39
GET /static/js/jquery.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-169d5"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lan.trans669.top/e01adda05c980e29be17cc9da07c0c9f.gif
200 OK 56 kB URL GET lan.trans669.top/e01adda05c980e29be17cc9da07c0c9f.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectlan.trans669.top
FingerprintB8:6C:3D:14:21:30:D2:85:57:09:33:3B:E4:BA:CC:23:EC:74:E8:1B
ValiditySat, 09 Nov 2024 03:41:41 GMT - Fri, 07 Feb 2025 03:41:40 GMT
File type gzip compressed data, from Unix
Hash 00769a73451cb76aa8646501239fd65b
425fa194e7cf5a7dad5fd8ee0ea8370ddac0bdf8
bcc4c0d9a5cea13a4809080c769ff2ed9f6c8edd747462ea89fe44e4e907515b
GET /e01adda05c980e29be17cc9da07c0c9f.gif HTTP/1.1
Host: lan.trans669.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 539259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90bc408f4d36dbf6-FRA
content-encoding: gzip
content-type: image/gif
date: Sun, 02 Feb 2025 18:30:23 GMT
etag: W/"67977edf-db18"
expires: Wed, 26 Feb 2025 12:42:44 GMT
last-modified: Sun, 02 Feb 2025 18:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SL0kXZLuAML%2FfCoIUvu3Qc970aZZFrXnGhVH9uOMoL%2Bp6BS%2FCCLl3ZdO7dl0LDWV21BjJwk42RV3qyLpXCfImIC2Da26z7e3b1VoYnrTqu2Fm6nimoZTERSfg1v9Z%2BW7pjruRsGUgvgCMw3fvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5443&min_rtt=5409&rtt_var=1574&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4236&recv_bytes=1517&delivery_rate=714487&cwnd=254&unsent_bytes=0&cid=940d1cf7eb934aa4&ts=2302&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
an.fast011.xyz/107f3bebdf35e2795dbadf8c5f5d6a41.gif
200 OK 47 kB URL GET an.fast011.xyz/107f3bebdf35e2795dbadf8c5f5d6a41.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.fast011.xyz
Fingerprint57:31:86:19:0E:CE:C0:58:33:8D:E7:CD:F3:03:9C:71:FC:F9:7C:B0
ValidityMon, 20 Jan 2025 23:28:56 GMT - Sun, 20 Apr 2025 23:28:55 GMT
File type gzip compressed data, from Unix
Hash be97763cf4340139943c25a55257f88a
fdcb5d1a9e24ca34eb207b79d5513202c0cfcb52
a81be030be07ebe51a22d82b631b19d5e4a38e2b3e727378ae799292aa89903a
GET /107f3bebdf35e2795dbadf8c5f5d6a41.gif HTTP/1.1
Host: an.fast011.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 1089899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90be8be788a35d70-FRA
content-encoding: gzip
content-type: image/gif
date: Mon, 03 Feb 2025 01:11:21 GMT
etag: W/"676ad293-b4a4"
expires: Thu, 20 Feb 2025 10:26:22 GMT
last-modified: Mon, 03 Feb 2025 01:11:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGy4d6Cj1y3Ky0mzzH7kZI%2B3X1c6vBjosq%2BRtoni333%2FU0XfCEGvN4SBa9uQKIfQnRqV6UrQpqFC0lsRrKjy17DeVr%2BrZPy0luyCUvLLh9OTw73DxF7SyXJQ8sM7%2B%2FvYPzRCKWYiRYRvyXIRtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5427&min_rtt=5424&rtt_var=2041&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3096&recv_bytes=990&delivery_rate=741610&cwnd=252&unsent_bytes=0&cid=4d71bdda2cd2d8b0&ts=24&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
img.jmyqsl.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
307 Temporary Redirect 0 B URL GET img.jmyqsl.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectwg1.zjqjs.com
Fingerprint62:32:93:E5:23:17:B0:60:2A:F4:95:F7:3B:22:45:D7:7E:4A:C4:BD
ValidityMon, 18 Nov 2024 14:49:34 GMT - Thu, 18 Dec 2025 14:49:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bcd0d20f500f7d1ec58c04254e3303bf.gif HTTP/1.1
Host: img.jmyqsl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: NgxFence
date: Mon, 03 Feb 2025 06:46:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://wg1.zjqjs.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
x-cache: DYNAMIC
X-Firefox-Spdy: h2
gif.ssjljk.com/bt96080a.gif
302 Found 0 B URL GET HTTP/2 gif.ssjljk.com/bt96080a.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectgif.ssjljk.com
Fingerprint47:8C:34:BE:FA:C9:29:E6:42:AA:BD:AE:B2:3C:9C:E7:52:55:8B:25
ValidityWed, 16 Oct 2024 13:25:23 GMT - Sat, 15 Nov 2025 13:25:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bt96080a.gif HTTP/1.1
Host: gif.ssjljk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: NgxFence
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://img.sxjxdyqfw.com/bt96080a.gif
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
ia.51.la/go1?id=21601721&rt=1738565170892&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1738565170892&tt=%25E7%2588%25B1%25E5%2595%25AA%25E7%25BD%2591%2520%25E5%2588%259B%25E9%2580%25A0%25E7%25BE%258E%25E5%25A5%25BD%25E5%2595%25AA%25E7%2594%259F%25E6%25B4%25BB%25EF%25BC%2581&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.ai-pw24.top%253A26684%252F&pu=http%253A%252F%252Faap.ai-pw23.top%252F
200 OK 0 B URL GET HTTP/2 ia.51.la/go1?id=21601721&rt=1738565170892&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1738565170892&tt=%25E7%2588%25B1%25E5%2595%25AA%25E7%25BD%2591%2520%25E5%2588%259B%25E9%2580%25A0%25E7%25BE%258E%25E5%25A5%25BD%25E5%2595%25AA%25E7%2594%259F%25E6%25B4%25BB%25EF%25BC%2581&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.ai-pw24.top%253A26684%252F&pu=http%253A%252F%252Faap.ai-pw23.top%252F
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint02:23:EE:66:4B:0B:EA:02:7E:9B:EA:23:11:68:58:D2:3F:B5:5D:B2
ValidityTue, 19 Mar 2024 08:44:53 GMT - Sun, 20 Apr 2025 08:44:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21601721&rt=1738565170892&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1738565170892&tt=%25E7%2588%25B1%25E5%2595%25AA%25E7%25BD%2591%2520%25E5%2588%259B%25E9%2580%25A0%25E7%25BE%258E%25E5%25A5%25BD%25E5%2595%25AA%25E7%2594%259F%25E6%25B4%25BB%25EF%25BC%2581&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.ai-pw24.top%253A26684%252F&pu=http%253A%252F%252Faap.ai-pw23.top%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Feb 2025 06:46:12 GMT
content-length: 0
server: nginx
via: CHN-GDdongguan-CT24-CACHE19[30],CHN-GDdongguan-CT24-CACHE19[ovl,29],CHN-HAzhengzhou-GLOBAL3-CACHE88[ovl,1]
x-ccdn-req-id-46b1: 4aae86633b8039d057c3363fa80ac5c8
X-Firefox-Spdy: h2
newamjs.cqpwz.com/3391/1372/1372-960x80.gif
200 OK 386 kB URL GET HTTP/2 newamjs.cqpwz.com/3391/1372/1372-960x80.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectnewamjs.cqpwz.com
Fingerprint41:3F:9A:5C:21:83:8E:5B:EE:CD:C7:F3:5D:42:AE:70:D2:2A:30:D2
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 386 kB (385649 bytes)
Hash 99420771ab574e6197a995c28a8e22fb
eb51cd497134b44e1c957b10caf4d2c9569668a5
e0f9613ae55c18751ed65c2b466290eec01e4d71bc4881c52d71578456582d8a
GET /3391/1372/1372-960x80.gif HTTP/1.1
Host: newamjs.cqpwz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 385649
date: Mon, 27 Jan 2025 07:21:31 GMT
last-modified: Mon, 20 Jan 2025 07:20:43 GMT
vary: Accept-Encoding
etag: "678df94b-5e271"
expires: Wed, 26 Feb 2025 07:21:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache61.l2cn7656[0,0,200-0,H], ens-cache63.l2cn7656[1,0], kunlun8.cn7174[0,0,200-0,H], kunlun8.cn7174[1,0]
age: 602679
ali-swift-global-savetime: 1737962491
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 27 Jan 2025 07:21:33 GMT
x-swift-cachetime: 2591998
timing-allow-origin: *
eagleid: b4a3921c17385651700406643e
X-Firefox-Spdy: h2
txdy.cqpwy.com/300x200.gif
200 OK 292 kB URL GET HTTP/2 txdy.cqpwy.com/300x200.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjecttxdy.cqpwy.com
Fingerprint17:98:F4:E0:2E:B5:BE:5A:3E:DF:55:94:DB:07:A8:70:40:D2:FC:78
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 300 x 200
Size 292 kB (292421 bytes)
Hash 6eb156c87891a31595e89787cbda6114
580c3004192ad0d04db965a0b31efe31cee96668
01249808ece2d2e88dc39d20c718e8e048c2cd6f2cfd6b9b9e2a4a796e47d087
GET /300x200.gif HTTP/1.1
Host: txdy.cqpwy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 292421
strict-transport-security: max-age=5184000
date: Sun, 26 Jan 2025 17:10:51 GMT
last-modified: Sat, 18 Jan 2025 12:38:58 GMT
vary: Accept-Encoding
etag: "678ba0e2-47645"
expires: Tue, 25 Feb 2025 17:10:51 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache6.l2cn2629[353,352,200-0,M], cache17.l2cn2629[354,0], kunlun1.cn7174[0,0,200-0,H], kunlun6.cn7174[1,0]
age: 653719
ali-swift-global-savetime: 1737911451
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 26 Jan 2025 17:10:50 GMT
x-swift-cachetime: 2592001
timing-allow-origin: *
eagleid: b4a3921a17385651710673681e
X-Firefox-Spdy: h2
img.qxwoiv.com/96f913d1e0b3d98336457b1b0cce8035.gif
302 Found 0 B URL GET img.qxwoiv.com/96f913d1e0b3d98336457b1b0cce8035.gif
IP
ASN #132525 HeiLongJiang Mobile Communication Company Limited
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.qxwoiv.com
Fingerprint24:49:B8:45:75:BE:FA:65:2B:A2:EB:8A:AE:A5:BA:3A:CC:19:28:62
ValidityFri, 30 Aug 2024 08:38:11 GMT - Mon, 29 Sep 2025 08:38:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /96f913d1e0b3d98336457b1b0cce8035.gif HTTP/1.1
Host: img.qxwoiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: NgxFence
date: Mon, 03 Feb 2025 06:47:19 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://ylg1.duyunfk.com/96f913d1e0b3d98336457b1b0cce8035.gif
x-cache-status: HIT
X-Firefox-Spdy: h2
newamjs.cqpwz.com/339/mgzb960x120.gif
200 OK 200 kB URL GET HTTP/2 newamjs.cqpwz.com/339/mgzb960x120.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectnewamjs.cqpwz.com
Fingerprint41:3F:9A:5C:21:83:8E:5B:EE:CD:C7:F3:5D:42:AE:70:D2:2A:30:D2
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 120
Size 200 kB (199936 bytes)
Hash be58b8c62af518f7b145e37ae4b29707
c5c594bf4f34f6a16c4d34ec0768468245d2b6a6
e328d3c29d89e62408a3c5861ec69678b9f9eba2c0f81fe247ddc14338a76c29
GET /339/mgzb960x120.gif HTTP/1.1
Host: newamjs.cqpwz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 199936
date: Mon, 27 Jan 2025 07:21:31 GMT
last-modified: Sat, 30 Nov 2024 11:41:56 GMT
vary: Accept-Encoding
etag: "674afa04-30d00"
expires: Wed, 26 Feb 2025 07:21:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache6.l2cn3129[720,414,200-0,C], cache10.l2cn3129[415,0], kunlun9.cn7174[0,0,200-0,H], kunlun8.cn7174[2,0]
age: 602681
ali-swift-global-savetime: 1737962490
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 27 Jan 2025 07:21:32 GMT
x-swift-cachetime: 2591998
timing-allow-origin: *
eagleid: b4a3921c17385651700726808e
X-Firefox-Spdy: h2
newamjs.cqpwz.com/339/mgzb300x200.gif
200 OK 61 kB URL GET HTTP/2 newamjs.cqpwz.com/339/mgzb300x200.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectnewamjs.cqpwz.com
Fingerprint41:3F:9A:5C:21:83:8E:5B:EE:CD:C7:F3:5D:42:AE:70:D2:2A:30:D2
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 300 x 200
Hash 1b894899b50c1d5f3308f5b946ed7a1b
33049ae3a562f95dbf7939c0c6322478cd2ad4ac
7ccb31736921f204bda10708027c31b578f9246a657d5512445e9364152560f0
GET /339/mgzb300x200.gif HTTP/1.1
Host: newamjs.cqpwz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 60977
date: Mon, 27 Jan 2025 07:21:34 GMT
last-modified: Tue, 31 Dec 2024 06:43:33 GMT
vary: Accept-Encoding
etag: "67739295-ee31"
expires: Wed, 26 Feb 2025 07:21:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache24.l2cn3160[0,0,200-0,H], cache36.l2cn3160[2,0], kunlun9.cn7174[0,0,200-0,H], kunlun8.cn7174[2,0]
age: 602674
ali-swift-global-savetime: 1737962497
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 31 Jan 2025 02:27:18 GMT
x-swift-cachetime: 2264059
timing-allow-origin: *
eagleid: b4a3921c17385651700836860e
X-Firefox-Spdy: h2
38.33.15.166:2001/weinisiren/wnsr960u60.gif
200 OK 555 kB URL GET HTTP/2 38.33.15.166:2001/weinisiren/wnsr960u60.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerZeroSSL
Subject38.33.15.150
FingerprintC8:E4:37:0C:23:0C:3A:5D:02:9D:43:7F:A7:EA:17:81:97:F4:12:A1
ValiditySun, 10 Nov 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60
Size 555 kB (555174 bytes)
Hash 291d804249817c5fdd80ac1f6beeeb54
0fcfad6e4e4d3571a5f37ce9d5114f6f6a8a7719
f270fa489981f0b8c9f40ff2783f8e06838085512141b2f940f1333d2a582750
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /weinisiren/wnsr960u60.gif HTTP/1.1
Host: 38.33.15.166:2001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
date: Mon, 03 Feb 2025 06:43:50 GMT
content-type: image/gif
content-length: 555174
last-modified: Sun, 05 Jan 2025 13:26:47 GMT
etag: "878a6-62af576b213c0"
cache-control: max-age=43200
expires: Mon, 03 Feb 2025 18:43:50 GMT
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
txdy.cqpwy.com/960x80.gif
200 OK 524 kB URL GET HTTP/2 txdy.cqpwy.com/960x80.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjecttxdy.cqpwy.com
Fingerprint17:98:F4:E0:2E:B5:BE:5A:3E:DF:55:94:DB:07:A8:70:40:D2:FC:78
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 524 kB (523764 bytes)
Hash 8102b307619a90c2245da75bc7445fd9
21ed3095f76e34fe8134cf4575c75b785616c4a7
c2e316430822c76ff6bb32ba2b68876d2d930398f8e3f88cb70578c0b8fe03d7
GET /960x80.gif HTTP/1.1
Host: txdy.cqpwy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 523764
strict-transport-security: max-age=5184000
date: Sun, 26 Jan 2025 17:10:53 GMT
last-modified: Wed, 25 Dec 2024 14:17:03 GMT
vary: Accept-Encoding
etag: "676c13df-7fdf4"
expires: Tue, 25 Feb 2025 17:10:53 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache61.l2cn7147[0,0,200-0,H], ens-cache51.l2cn7147[1,0], kunlun6.cn7174[0,0,200-0,H], kunlun6.cn7174[2,0]
age: 653718
ali-swift-global-savetime: 1737911453
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 26 Jan 2025 17:11:55 GMT
x-swift-cachetime: 2591938
timing-allow-origin: *
eagleid: b4a3921a17385651710713697e
X-Firefox-Spdy: h2
666834.xyz/images/2024/01/01/960x120-20240101-2.gif
200 OK 180 kB URL GET HTTP/2 666834.xyz/images/2024/01/01/960x120-20240101-2.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject666834.xyz
Fingerprint93:94:D4:AE:75:CB:DD:D9:EE:2C:FA:5A:4F:2C:2F:0C:6E:1F:91:DD
ValidityFri, 10 Jan 2025 11:25:08 GMT - Thu, 10 Apr 2025 11:25:07 GMT
File type GIF image data, version 89a, 960 x 120
Size 180 kB (179868 bytes)
Hash 2f5c5f5c910d34de413885946a089876
05873616da07dfd0f47bf3571e41c5d43489d249
ee035a19634a921d1e95eabad4e5175e72ccce653e225747ea4235296a348f3f
GET /images/2024/01/01/960x120-20240101-2.gif HTTP/1.1
Host: 666834.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: image/gif
content-length: 179868
last-modified: Mon, 01 Jan 2024 13:14:51 GMT
etag: "6592bacb-2be9c"
expires: Wed, 05 Mar 2025 06:46:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
666834.xyz/images/2024/03/19/960-120.gif
200 OK 118 kB URL GET HTTP/2 666834.xyz/images/2024/03/19/960-120.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject666834.xyz
Fingerprint93:94:D4:AE:75:CB:DD:D9:EE:2C:FA:5A:4F:2C:2F:0C:6E:1F:91:DD
ValidityFri, 10 Jan 2025 11:25:08 GMT - Thu, 10 Apr 2025 11:25:07 GMT
File type GIF image data, version 89a, 960 x 120
Size 118 kB (117697 bytes)
Hash 88536eee2f56fda87b41a4a2ea6c52d3
e9b1f607ce5eb18622e9df8e4197959afc4cd2b8
530fa47d9c2a2a418ec35fedcb8beeced7f0267f9ec519d07f1c899971bfced3
GET /images/2024/03/19/960-120.gif HTTP/1.1
Host: 666834.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: image/gif
content-length: 117697
last-modified: Tue, 19 Mar 2024 13:59:02 GMT
etag: "65f99a26-1cbc1"
expires: Wed, 05 Mar 2025 06:46:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8832tp1.com/960X60.gif
200 OK 687 kB IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject8832tp1.com
FingerprintA9:8D:85:D5:D3:18:FF:8F:33:79:26:69:13:AB:06:6B:22:E1:AF:35
ValidityThu, 23 Jan 2025 06:38:54 GMT - Wed, 23 Apr 2025 06:38:53 GMT
File type GIF image data, version 89a, 960 x 60
Size 687 kB (687375 bytes)
Hash ec4a45090d2592e8e74a88ba81bddd29
4070d31ab314069a8f5c274e16b26b7df8df32cf
9688a73e0a71cf98ff0fbb7e3c6ea039a14f64c02dadbf47af2a5fcf130f88bc
GET /960X60.gif HTTP/1.1
Host: 8832tp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 03 Feb 2025 06:46:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Jan 2025 12:36:15 GMT
Vary: Accept-Encoding
ETag: W/"6776883f-a86fc"
Expires: Tue, 04 Mar 2025 17:11:44 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
Via: mycdn
CDN-Cache: HIT
666834.xyz/images/2024/01/01/960x120-20240101-3.gif
200 OK 214 kB URL GET HTTP/2 666834.xyz/images/2024/01/01/960x120-20240101-3.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject666834.xyz
Fingerprint93:94:D4:AE:75:CB:DD:D9:EE:2C:FA:5A:4F:2C:2F:0C:6E:1F:91:DD
ValidityFri, 10 Jan 2025 11:25:08 GMT - Thu, 10 Apr 2025 11:25:07 GMT
File type GIF image data, version 89a, 960 x 120
Size 214 kB (214130 bytes)
Hash 1de7b8803f1926ac515c5dd6e48a6779
e90be92dccd8fd166abaac61e881378c3fae0790
44e9ee563694f4615299c38e79a169ee500b9a6022c67a7a0c85001443df1dd7
GET /images/2024/01/01/960x120-20240101-3.gif HTTP/1.1
Host: 666834.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: image/gif
content-length: 214130
last-modified: Mon, 01 Jan 2024 13:14:51 GMT
etag: "6592bacb-34472"
expires: Wed, 05 Mar 2025 06:46:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
666834.xyz/images/2024/01/01/960x120-20240101-1.gif
200 OK 194 kB URL GET HTTP/2 666834.xyz/images/2024/01/01/960x120-20240101-1.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject666834.xyz
Fingerprint93:94:D4:AE:75:CB:DD:D9:EE:2C:FA:5A:4F:2C:2F:0C:6E:1F:91:DD
ValidityFri, 10 Jan 2025 11:25:08 GMT - Thu, 10 Apr 2025 11:25:07 GMT
File type GIF image data, version 89a, 960 x 120
Size 194 kB (193642 bytes)
Hash 5a6cf16ecfa53d0e6ae70abd6021b60e
6a62ff58866388f1a28bfa3b30b0cfd8257e7a41
44ce884e5db2afe61b5c715cf000f8c9fe7a0305c1edd565f1f657b6def91fbd
GET /images/2024/01/01/960x120-20240101-1.gif HTTP/1.1
Host: 666834.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:13 GMT
content-type: image/gif
content-length: 193642
last-modified: Mon, 01 Jan 2024 13:14:57 GMT
etag: "6592bad1-2f46a"
expires: Wed, 05 Mar 2025 06:46:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/ads/77.js
200 OK 339 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/ads/77.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Size 339 kB (339201 bytes)
Hash 7af7160293e1fdc6172c9126446df8d7
e272ec22ec0834c1b360ae3d886d9a45f91e33c7
9fa3749c5077f6e16668377f98a83ed16af009d345fa2efc17ec3744c7ae33df
GET /template/69tang6/ads/77.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript
last-modified: Sun, 26 Jan 2025 06:06:58 GMT
vary: Accept-Encoding
etag: W/"6795d102-446"
expires: Mon, 03 Feb 2025 18:46:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
222wy333bb.com/3b32b0bd0b9f44e78bfb969d92cb5e94.gif
200 OK 367 kB URL GET HTTP/2 222wy333bb.com/3b32b0bd0b9f44e78bfb969d92cb5e94.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerZeroSSL
Subject222wy333bb.com
Fingerprint2F:C8:70:8A:81:61:B5:C9:02:8E:0E:55:7A:74:AF:FB:36:4A:57:B0
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 120
Size 367 kB (367151 bytes)
Hash a59b1cbd9343c6199cf82b69b4a8fce0
404f1fa01aec4effcbaab329f0207e87d3679141
5d92bb49e4ea2ed6af9761abd3768f7238f5fd438d75e2b935dc6a82c86e979c
GET /3b32b0bd0b9f44e78bfb969d92cb5e94.gif HTTP/1.1
Host: 222wy333bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: image/gif
content-length: 367151
last-modified: Tue, 14 Jan 2025 14:28:50 GMT
etag: "678674a2-59a2f"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
555ppp999kkk.com/e2c23d8c93054d0c9f0723f27329d6cb.gif
200 OK 52 kB URL GET HTTP/2 555ppp999kkk.com/e2c23d8c93054d0c9f0723f27329d6cb.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subject555ppp999kkk.com
Fingerprint6B:EF:FE:1E:36:32:25:A2:71:81:8E:40:1C:42:54:85:97:5E:E2:26
ValidityTue, 14 Jan 2025 10:58:45 GMT - Mon, 14 Apr 2025 10:58:44 GMT
File type GIF image data, version 89a, 960 x 60
Hash bfc41d24cfe1d122cdad61ed9aaa3d17
5d398215807b2674ff453f4e7745eca4bbf42763
093496aa6de46fb450aff91bd15eef1c6e1dd3def1bea41525a8e8431c80daef
GET /e2c23d8c93054d0c9f0723f27329d6cb.gif HTTP/1.1
Host: 555ppp999kkk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:13 GMT
content-type: image/gif
content-length: 51525
last-modified: Wed, 25 Dec 2024 06:02:04 GMT
etag: "676b9fdc-c945"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef
302 Found 0 B URL GET HTTP/2 img.blkj58.com/images/91274636-75a7-4385-b3e7-cee240ce87ef
IP
ASN #63949 Akamai Connected Cloud
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectimg.blkj58.com
FingerprintFA:05:D9:ED:86:3E:68:3E:73:BF:7E:A9:68:0E:58:11:22:E0:9B:25
ValiditySun, 08 Dec 2024 00:00:00 GMT - Sat, 08 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/91274636-75a7-4385-b3e7-cee240ce87ef HTTP/1.1
Host: img.blkj58.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 03 Feb 2025 06:46:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: *
location: https://cbu01.alicdn.com/img/ibank/O1CN01tnoeOK1Bs31Yq0Xvz_!!0-1-cib.gif
strict-transport-security: max-age=31536000
content-length: 0
x-nws-log-uuid: 8762757565063328365
x-cache-lookup: Cache Miss
cache-control: max-age=86400
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/images/all-responsive-metal.css?v=5.0
200 OK 853 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/all-responsive-metal.css?v=5.0
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type gzip compressed data, from Unix
Size 853 kB (853242 bytes)
Hash 5f7ab8b12de0006972da4160ebc8c9ca
e0f81237a19666a2f8e8d319526173562bd95e37
f537eaeb422500fb22e456b8ca12d7efea066e35a92812ae8caab6fb5ee666f2
GET /template/69tang6/images/all-responsive-metal.css?v=5.0 HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2022 12:12:50 GMT
vary: Accept-Encoding
etag: W/"6256be42-128bf"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.cosman101.top/960x80-1.gif
200 OK 258 kB URL GET img.cosman101.top/960x80-1.gif
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectimg.cosman101.top
Fingerprint22:4F:F4:3F:BE:DA:D5:EF:C2:C7:A8:3F:89:C0:FF:A3:E9:AB:49:46
ValidityThu, 14 Nov 2024 11:23:15 GMT - Wed, 12 Feb 2025 11:23:14 GMT
File type gzip compressed data, from Unix
Size 258 kB (257855 bytes)
Hash 36bdfbf59f71fdf74a1299b48d8960ae
c37cd182b4306e55b429c1edcd95888cffa1cb1c
970bd271b5c7e24166773f68ab7c2def50615268da13711415b1fda52fd0b572
GET /960x80-1.gif HTTP/1.1
Host: img.cosman101.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 739124
cf-cache-status: HIT
cf-ray: 908ba0fa3990dc4f-FRA
content-encoding: gzip
content-type: image/gif
date: Mon, 27 Jan 2025 20:52:50 GMT
etag: W/"678caae3-3f3e4"
expires: Wed, 26 Feb 2025 20:52:50 GMT
last-modified: Mon, 27 Jan 2025 20:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6%2FWHVb7%2FKseTv9Z52pX%2FCKTyGpXUFk4DP1nyBH4bn%2F2uVlo9RPqZW6BJVh90fmo27jqKmODSrG4Dx9Za6lGBNvaf3hHj2to0c9AQiOH6PTB473P6jmf%2FTuznaiRmpjCrhy4mJbcjCtldch5uw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=10880&min_rtt=5391&rtt_var=10690&sent=123&recv=43&lost=0&retrans=0&sent_bytes=135363&recv_bytes=1894&delivery_rate=10959349&cwnd=274&unsent_bytes=0&cid=f92e8e2383d4a85e&ts=778&x=0"
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
cbu01.alicdn.com/img/ibank/O1CN01tnoeOK1Bs31Yq0Xvz_!!0-1-cib.gif
200 OK 75 kB URL GET HTTP/2 cbu01.alicdn.com/img/ibank/O1CN01tnoeOK1Bs31Yq0Xvz_!!0-1-cib.gif
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type GIF image data, version 89a, 960 x 60
Hash c792d7cb762be89bc2db944599c79799
2779b573589562f631933f823c6d4ff7fa2ec01c
4ca3c5760d1bac7a524dec75e49add633ca58b8dd744372721e34ab14d93cc3c
GET /img/ibank/O1CN01tnoeOK1Bs31Yq0Xvz_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ai-pw24.top:26684/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 75121
date: Sun, 29 Dec 2024 12:45:38 GMT
last-modified: Sun, 29 Dec 2024 12:44:37 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.007
traceid: 2ff6079817354763377884740e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: cache9.l2fr1[0,0,200-0,H], cache23.l2fr1[1,0], ens-cache5.es5[0,0,200-0,H], ens-cache4.es5[2,0]
access-control-allow-origin: *
age: 3088836
ali-swift-global-savetime: 1735476338
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 29 Dec 2024 12:45:46 GMT
x-swift-cachetime: 31535992
timing-allow-origin: *
eagleid: a3b5319817385651743768133e
X-Firefox-Spdy: h2
img.sxjxdyqfw.com/bt96080a.gif
200 OK 189 kB URL GET HTTP/2 img.sxjxdyqfw.com/bt96080a.gif
IP
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.sxjxdyqfw.com
FingerprintC5:A4:AB:90:4B:00:9F:7B:8A:AD:A2:46:B1:AC:51:84:B8:D3:CB:B3
ValidityMon, 06 Jan 2025 12:14:45 GMT - Thu, 05 Feb 2026 12:14:44 GMT
File type GIF image data, version 89a, 960 x 80
Size 189 kB (189052 bytes)
Hash 2f15ac3d55c895d0150e7ebe4ffe57d5
302f071f71526fec26fe030d8f70467e6d7c3bfd
e2eb6793b77bf6898f33ed4f1fc03c05b6d8d66c77eeb9b87de63d333e02245e
GET /bt96080a.gif HTTP/1.1
Host: img.sxjxdyqfw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ai-pw24.top:26684/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Mon, 03 Feb 2025 06:46:14 GMT
content-type: image/gif
content-length: 189052
x-oss-request-id: 677F88F2B7D61A9A9382B288
etag: "2F15AC3D55C895D0150E7EBE4FFE57D5"
last-modified: Fri, 01 Nov 2024 12:57:15 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17513205082532430180
x-oss-storage-class: Standard
x-oss-ec: 0048-00000111
content-disposition: attachment
x-oss-force-download: true
content-md5: LxWsPVXIldAVDn6+T/5X1Q==
x-oss-server-time: 2
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
imgsrc.baidu.com/forum/pic/item/b8389b504fc2d562388c66dda11190ef76c66c7e.jpg
200 OK 3.8 kB URL GET HTTP/2 imgsrc.baidu.com/forum/pic/item/b8389b504fc2d562388c66dda11190ef76c66c7e.jpg
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 1
Hash 6b384ba5ec8dff9f6df95951be4f0196
e2d90b4a358ec9e86be61c1cbad7ff56b2b6d952
09e8d9ad19155d16008b14de50f9b6322f5e51fc94d1063dee3c4b1d4865067d
GET /forum/pic/item/b8389b504fc2d562388c66dda11190ef76c66c7e.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 03 Feb 2025 06:46:14 GMT
content-type: image/jpeg
content-length: 3802
access-control-allow-origin: *
etag: 6b384ba5ec8dff9f6df95951be4f0196
expires: Mon, 03 Feb 2025 06:46:44 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/static/js/home.js
200 OK 38 kB URL GET HTTP/2 www.ai-pw24.top:26684/static/js/home.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/home.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-95a5"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ylg1.duyunfk.com/96f913d1e0b3d98336457b1b0cce8035.gif
200 OK 0 B URL GET ylg1.duyunfk.com/96f913d1e0b3d98336457b1b0cce8035.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectylg1.duyunfk.com
FingerprintFE:DB:78:4C:08:4A:EC:54:00:F9:20:77:6F:A4:50:4B:2E:A8:60:1E
ValidityMon, 11 Nov 2024 09:53:46 GMT - Thu, 11 Dec 2025 09:53:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /96f913d1e0b3d98336457b1b0cce8035.gif HTTP/1.1
Host: ylg1.duyunfk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ai-pw24.top:26684/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Mon, 03 Feb 2025 06:46:14 GMT
content-type: image/gif
last-modified: Sun, 20 Oct 2024 08:43:06 GMT
vary: Accept-Encoding
etag: W/"6714c29a-50c85"
expires: Wed, 11 Dec 2024 12:42:20 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
an.match158.top/20d60ff12bf8f0ae372c701a47bc51af.gif
0 B URL GET an.match158.top/20d60ff12bf8f0ae372c701a47bc51af.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.match158.top
Fingerprint97:69:E9:EC:67:9D:E8:05:9E:2B:75:58:FF:FA:28:44:EA:14:6B:95
ValidityWed, 08 Jan 2025 01:14:04 GMT - Tue, 08 Apr 2025 01:14:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20d60ff12bf8f0ae372c701a47bc51af.gif HTTP/1.1
Host: an.match158.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
klw.xn--jlq97i83egxqlzbiho69smk2a.com/gif/e20241008_1832_1.gif
0 B URL GET klw.xn--jlq97i83egxqlzbiho69smk2a.com/gif/e20241008_1832_1.gif
IP
Requested by https://www.ai-pw24.top:26684/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gif/e20241008_1832_1.gif HTTP/1.1
Host: klw.xn--jlq97i83egxqlzbiho69smk2a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
acat.imgoss113.top/8b4a7cdbbdb272707974b2c28cb86001.gif
200 OK 0 B URL GET acat.imgoss113.top/8b4a7cdbbdb272707974b2c28cb86001.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectacat.imgoss113.top
FingerprintD6:A8:10:C5:FC:0A:29:B7:F5:0B:0E:F7:8F:5E:F5:71:01:F0:C0:36
ValidityFri, 15 Nov 2024 15:22:52 GMT - Thu, 13 Feb 2025 15:22:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8b4a7cdbbdb272707974b2c28cb86001.gif HTTP/1.1
Host: acat.imgoss113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 2178783
cf-cache-status: HIT
cf-ray: 909ed2fe2b74d270-FRA
content-encoding: gzip
content-type: image/gif
date: Thu, 30 Jan 2025 04:47:28 GMT
etag: W/"67134f76-48f1e"
expires: Sat, 1 Mar 2025 04:47:28 GMT
last-modified: Thu, 30 Jan 2025 04:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0kC2fTbZ9MDTHQdDfuIx340R%2F2jzgOTAI02sdDI%2FTvX%2BF9LKWLFqYSYVB%2BZqgzvzFnL249QQObu5JRXryGzVglai3ea5nwbY0bKedmmWxiPI%2FFf8TxcLirUTqc21b3mk%2FI7ph5KOM9QDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5500&min_rtt=5492&rtt_var=2065&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3093&recv_bytes=1044&delivery_rate=736343&cwnd=252&unsent_bytes=0&cid=c2f44a04176d7c64&ts=17&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
we.nn11661.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
200 OK 0 B URL GET we.nn11661.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwe.nn11661.com
FingerprintEA:A8:12:D4:0F:16:61:A5:B4:7E:75:23:22:7C:0B:2D:68:45:0E:4D
ValidityMon, 09 Dec 2024 15:25:59 GMT - Sun, 09 Mar 2025 15:25:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: we.nn11661.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 1313636
cf-cache-status: HIT
cf-ray: 90bacdeb4bebdc4f-FRA
content-encoding: gzip
content-type: image/gif
date: Sun, 02 Feb 2025 14:17:22 GMT
etag: W/"64773dce-4668d"
expires: Tue, 4 Mar 2025 14:17:22 GMT
last-modified: Sun, 02 Feb 2025 14:17:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twTW66GfGPYCAQtSCfyTyCH5fITl3O%2FBnOZIVB1K0pwuii%2BPnFIZKbKVA74gQ4hu4gUlKz64wOEJjG5lWKmGtifj%2FBjSyN7PF32CCScEnpp%2B6zy0vxUBbmp8WoGS0WLefpeX6%2BDcAFam366Uxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5518&rtt_var=2759&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=711&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/ads/hfx.js
200 OK 2.8 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/ads/hfx.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type HTML document, ASCII text, with very long lines (2986), with no line terminators
Hash 347eb72aeab828f3b4fe6e858c44b208
1d189928d5fe38da131456162fecb10ed96b90ac
662f65b66c387e12007c8361f504854e38583b0c143b27ef937f239a99dc870c
GET /template/69tang6/ads/hfx.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2025 12:31:56 GMT
vary: Accept-Encoding
etag: W/"679f65bc-ac3"
expires: Mon, 03 Feb 2025 18:46:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
333ppp111ppp.com/6864c2ecc0ea42b38985efb016de5fe0.gif
200 OK 838 kB URL GET HTTP/2 333ppp111ppp.com/6864c2ecc0ea42b38985efb016de5fe0.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerZeroSSL
Subject333ppp111ppp.com
FingerprintF3:8F:AC:DB:83:6A:20:CF:A3:9F:A4:9E:D5:06:61:2F:CE:9A:94:79
ValidityWed, 25 Dec 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 838 kB (837644 bytes)
Hash 6d09e1bf9b9ea7c03bc5e425b50a9de8
7197363753bc7b4e8f7d14b2b137f1dec897ebd0
19d42abf9fa85ffe5a5871899db5371f9ca350ea0c737dba52d4160113fccf9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /6864c2ecc0ea42b38985efb016de5fe0.gif HTTP/1.1
Host: 333ppp111ppp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:12 GMT
content-type: image/gif
content-length: 837644
last-modified: Tue, 01 Oct 2024 13:50:12 GMT
etag: "66fbfe14-cc80c"
psc-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.imgclh.com/imgs/2024/08/06/57c3043e9af1dc6a.gif
200 OK 263 kB URL GET HTTP/3 imgs.imgclh.com/imgs/2024/08/06/57c3043e9af1dc6a.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGoogle Trust Services
Subjectimgclh.com
Fingerprint96:70:EA:DA:1E:2D:09:13:7B:31:27:65:73:DC:57:70:B1:DB:FA:DE
ValidityWed, 15 Jan 2025 10:46:01 GMT - Tue, 15 Apr 2025 11:44:31 GMT
File type GIF image data, version 89a, 960 x 60
Size 263 kB (262759 bytes)
Hash fdf27459f857daaa792d0198190eb4b3
afe8cc813e0ce5ad3e0ea0fa049ad585008716d4
67f4f89f237e71616c3aff0c3ec2fc011eab7f62c27a0887fb001a8de2a27058
GET /imgs/2024/08/06/57c3043e9af1dc6a.gif HTTP/1.1
Host: imgs.imgclh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: image/gif
content-length: 262759
last-modified: Tue, 06 Aug 2024 15:56:19 GMT
etag: "66b247a3-40267"
expires: Fri, 21 Feb 2025 19:40:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 990353
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lSagovjdDIvRcGOm%2BUcsWxVpKJGfaWWIFbyTX6ZAB%2BuPsPGF5rSXc5UGvAZOKeIuAW6kPjSZ2nENkLXxZWAOtjrK%2FANWVPDk0okBCgteUk6Kxolu%2FtE%2BEPLh8WtziIy5zw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c0765e1df67127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5334&min_rtt=3385&rtt_var=2661&sent=15&recv=11&lost=0&retrans=0&sent_bytes=4192&recv_bytes=1627&delivery_rate=173959&cwnd=12000&unsent_bytes=0&cid=3283e42ef4ead0d0&ts=975&x=1", cfExtPri, cfHdrFlush;dur=0
www.ai-pw24.top:26684/template/69tang6/images/jquery.fancybox-metal.css?v=5.0
200 OK 4.0 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/jquery.fancybox-metal.css?v=5.0
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type ASCII text, with very long lines (4125), with no line terminators
Hash afc722c43c4fdbe20599f55def6e1600
a23af0be2b95810c39419e37d54c01dbb411de53
6867bf913f7a5bc1e2eeaf079117e1cd812324c1ade3568d5b96cd58862c94ea
GET /template/69tang6/images/jquery.fancybox-metal.css?v=5.0 HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/css
last-modified: Mon, 02 Apr 2018 14:00:56 GMT
vary: Accept-Encoding
etag: W/"5ac23798-fc7"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/ads/we1.js
200 OK 2.7 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/ads/we1.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (2554), with no line terminators
Hash 18e5cad16abd60a933609065c43e8523
3176fffeb3b3f8b3b8486508f9e49c3fd5b8cb6c
4d4dbe8759d93947d8c855840a69fc507f00b2c875700a57e2861b1bf092be56
GET /template/69tang6/ads/we1.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript
last-modified: Sun, 26 Jan 2025 06:06:11 GMT
vary: Accept-Encoding
etag: W/"6795d0d3-a83"
expires: Mon, 03 Feb 2025 18:46:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
klw.xn--jlq97i83egxqlzbiho69smk2a.com/66d144f096841b95.gif
0 B URL GET klw.xn--jlq97i83egxqlzbiho69smk2a.com/66d144f096841b95.gif
IP
Requested by https://www.ai-pw24.top:26684/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /66d144f096841b95.gif HTTP/1.1
Host: klw.xn--jlq97i83egxqlzbiho69smk2a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
lan.trans669.top/0299cd2983683e9b4c8381366e21d8b2.gif
200 OK 0 B URL GET lan.trans669.top/0299cd2983683e9b4c8381366e21d8b2.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectlan.trans669.top
FingerprintB8:6C:3D:14:21:30:D2:85:57:09:33:3B:E4:BA:CC:23:EC:74:E8:1B
ValiditySat, 09 Nov 2024 03:41:41 GMT - Fri, 07 Feb 2025 03:41:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0299cd2983683e9b4c8381366e21d8b2.gif HTTP/1.1
Host: lan.trans669.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 274712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90a306096aaa4dcb-FRA
content-encoding: gzip
content-type: image/gif
date: Thu, 30 Jan 2025 17:01:22 GMT
etag: W/"67977ed2-e4f3"
expires: Wed, 26 Feb 2025 12:42:50 GMT
last-modified: Thu, 30 Jan 2025 17:01:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qHKTQQ2hC2kLSVl8oF7n%2FYTborxbpvFaM9azD3TGHIpmh62cgGGANg0CGdqN7qmJaxjUsbv42ZNG5EaMtF5NY%2B8PeWOW3wnqBZM2io17%2BMJ6DuLf7ECKgLETSoCkrZwZajHybP8xSPo30MLjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5806&min_rtt=5723&rtt_var=2205&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3096&recv_bytes=1215&delivery_rate=706622&cwnd=252&unsent_bytes=0&cid=988060aa84ea30b7&ts=21&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/images/main.min.js?v=5.0
200 OK 190 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/main.min.js?v=5.0
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
Size 190 kB (190037 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/69tang6/images/main.min.js?v=5.0 HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: application/javascript
last-modified: Mon, 02 Apr 2018 13:51:38 GMT
vary: Accept-Encoding
etag: W/"5ac2356a-2e655"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/ads/hfz.js
200 OK 3.2 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/ads/hfz.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
File type HTML document, ASCII text, with very long lines (3489), with no line terminators
Hash 39dd99d0d2f32d9be87e6b65fd6a3ec7
8c08e2da462e6cdf7ab8e479b6623a9e8a85f0f5
a93bfb8336dcbc73c29b01b38d3831c8523ce7b019e34a28f5ef271ece468645
GET /template/69tang6/ads/hfz.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript
last-modified: Fri, 31 Jan 2025 08:05:22 GMT
vary: Accept-Encoding
etag: W/"679c8442-ca1"
expires: Mon, 03 Feb 2025 18:46:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
js.users.51.la/21601721.js
200 OK 4.9 kB URL GET HTTP/2 js.users.51.la/21601721.js
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint86:00:57:A6:AB:AF:E8:AC:33:B1:AB:3C:43:5C:85:88:74:A5:91:0E
ValidityTue, 19 Mar 2024 08:46:12 GMT - Sun, 20 Apr 2025 08:46:11 GMT
File type JavaScript source, ASCII text, with very long lines (5147), with no line terminators
Hash 8da25f36dd667739901eb43e79582e08
4f06c9cecbc7f4ddcbac184e3cbb11620748d503
d4775143df6f0e9b4797c320582674ef7dc84df7c4c057b4ef0cd2a002680c06
GET /21601721.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript; charset=utf-8
server: openresty
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
via: EU-SWE-stockholm-EDGE1-CACHE2[393],EU-SWE-stockholm-EDGE1-CACHE2[ovl,392],EU-GER-frankfurt-EDGE5-CACHE2[ovl,366],CHN-HElangfang-GLOBAL6-CACHE29[ovl,19]
x-ccdn-req-id-46b1: 691c6f9cae236c9ec75281a761055f19
X-Firefox-Spdy: h2
we.nn11661.com/1e17037a1361c66bf1c9dfb5258f3845.gif
200 OK 0 B URL GET we.nn11661.com/1e17037a1361c66bf1c9dfb5258f3845.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwe.nn11661.com
FingerprintEA:A8:12:D4:0F:16:61:A5:B4:7E:75:23:22:7C:0B:2D:68:45:0E:4D
ValidityMon, 09 Dec 2024 15:25:59 GMT - Sun, 09 Mar 2025 15:25:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1e17037a1361c66bf1c9dfb5258f3845.gif HTTP/1.1
Host: we.nn11661.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 182775
cf-cache-status: HIT
cf-ray: 901bb8b57b4fd3a8-FRA
content-encoding: gzip
content-type: image/gif
date: Tue, 14 Jan 2025 06:55:37 GMT
etag: W/"645e2875-9450"
expires: Thu, 13 Feb 2025 06:55:37 GMT
last-modified: Tue, 14 Jan 2025 06:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmNV%2FSVvFqZvaO0BRLhApmn%2FLKr1jJdqUHzzA%2Fqt7io%2F0CNRAjqsfbyd%2F8YbeB5cMTer85Xaja0lFtInfyYFIqD0SAUx%2Bf2LUvZ4Jum%2BP3lA%2BbQweaS0mphwVkpoMdESKkfzALWX%2FYcs6dlzXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5679&min_rtt=5371&rtt_var=325&sent=297&recv=65&lost=0&retrans=0&sent_bytes=371391&recv_bytes=1109&delivery_rate=22936934&cwnd=423&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
vary: Accept-Encoding
x-cache: HIT, policy, disk
X-Firefox-Spdy: h2
an.fast011.xyz/3a87920b4cee28032f50be4654642900.gif
200 OK 0 B URL GET an.fast011.xyz/3a87920b4cee28032f50be4654642900.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.fast011.xyz
Fingerprint57:31:86:19:0E:CE:C0:58:33:8D:E7:CD:F3:03:9C:71:FC:F9:7C:B0
ValidityMon, 20 Jan 2025 23:28:56 GMT - Sun, 20 Apr 2025 23:28:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3a87920b4cee28032f50be4654642900.gif HTTP/1.1
Host: an.fast011.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 639764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90b22418e91c6945-FRA
content-encoding: gzip
content-type: image/gif
date: Sat, 01 Feb 2025 13:03:20 GMT
etag: W/"676ad289-4f0c8"
expires: Mon, 24 Feb 2025 03:20:36 GMT
last-modified: Mon, 03 Feb 2025 06:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrTS2jPKBQwTlR9EDg9QFKaE1wYIc%2FIFsZKzDXK4EGXr3RWm9mLhC6ACQPIQ77uduOOs3UCZj%2BzRborYtg%2B5IoLyNfJasyp%2FlUoDPS5rJb%2BDmErqOIgnTTp9pwCsvpTcojah6ieYDRQ%2FHqVXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5399&min_rtt=5392&rtt_var=1530&sent=5&recv=7&lost=0&retrans=0&sent_bytes=3095&recv_bytes=1094&delivery_rate=744888&cwnd=252&unsent_bytes=0&cid=6af0c45de6eed848&ts=22&x=0"
vary: Accept-Encoding
x-cache: HIT, server, memory
X-Firefox-Spdy: h2
an.fast011.xyz/9f58b0f72fcee11d9348e85abcfc20f6.gif
200 OK 0 B URL GET an.fast011.xyz/9f58b0f72fcee11d9348e85abcfc20f6.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.fast011.xyz
Fingerprint57:31:86:19:0E:CE:C0:58:33:8D:E7:CD:F3:03:9C:71:FC:F9:7C:B0
ValidityMon, 20 Jan 2025 23:28:56 GMT - Sun, 20 Apr 2025 23:28:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9f58b0f72fcee11d9348e85abcfc20f6.gif HTTP/1.1
Host: an.fast011.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 1083279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 90bdeabedad92c29-FRA
content-encoding: gzip
content-type: image/gif
date: Sun, 02 Feb 2025 23:21:20 GMT
etag: W/"6742ba9e-4f2cb"
expires: Thu, 20 Feb 2025 10:26:41 GMT
last-modified: Sun, 02 Feb 2025 23:21:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYJ0ztd0pU%2BApYBtvRknhpEZRl%2F7akp0j%2BikgdoXXtkkEjyYatr8My1QkYTmazF8UIp4FG2gjl6yj2LS8%2F8mSeXmyBnykK1Fb1aKFm4M9Vmms1GdwwhFxqpj3n%2B4R38%2B0HnNSxKL%2BwTWfJAhlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5339&min_rtt=5328&rtt_var=1519&sent=5&recv=7&lost=0&retrans=0&sent_bytes=3095&recv_bytes=1174&delivery_rate=750974&cwnd=252&unsent_bytes=0&cid=1318c85356b5bd38&ts=20&x=0"
vary: Accept-Encoding
x-cache: HIT, server, disk
X-Firefox-Spdy: h2
wg1.zjqjs.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
200 OK 0 B URL GET wg1.zjqjs.com/bcd0d20f500f7d1ec58c04254e3303bf.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerUnizeto Technologies S.A.
Subjectwg1.zjqjs.com
Fingerprint62:32:93:E5:23:17:B0:60:2A:F4:95:F7:3B:22:45:D7:7E:4A:C4:BD
ValidityMon, 18 Nov 2024 14:49:34 GMT - Thu, 18 Dec 2025 14:49:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bcd0d20f500f7d1ec58c04254e3303bf.gif HTTP/1.1
Host: wg1.zjqjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ai-pw24.top:26684/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Mon, 03 Feb 2025 06:46:13 GMT
content-type: image/gif
last-modified: Wed, 04 Dec 2024 08:15:00 GMT
vary: Accept-Encoding
etag: W/"67500f84-66331"
expires: Sun, 12 Jan 2025 16:00:02 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
txdy111.cqpwt.com/960x80.gif
200 OK 339 kB URL GET HTTP/2 txdy111.cqpwt.com/960x80.gif
IP
ASN #4812 China Telecom Group
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerTrustAsia Technologies, Inc.
Subjecttxdy111.cqpwt.com
Fingerprint98:7F:44:9B:C0:6C:3E:55:A0:F9:EF:37:33:C4:AC:F8:69:32:04:C5
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sun, 20 Apr 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 339 kB (338627 bytes)
Hash b318993fae46c8a5ee5404b075ae98d2
1786fc1768712d8d1d8e2415345492b46e3b92cc
173169947e358ce143ff0c99071bb6e43504517095e5fbca9a11c002de3021cd
GET /960x80.gif HTTP/1.1
Host: txdy111.cqpwt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 338627
date: Mon, 27 Jan 2025 08:00:37 GMT
last-modified: Sat, 11 Jan 2025 11:52:21 GMT
vary: Accept-Encoding
etag: "67825b75-52ac3"
expires: Wed, 26 Feb 2025 08:00:37 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache8.l2cn7492[508,232,200-0,C], cache6.l2cn7492[233,0], kunlun10.cn7174[0,0,200-0,H], kunlun3.cn7174[2,0]
age: 600334
ali-swift-global-savetime: 1737964837
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 27 Jan 2025 08:00:36 GMT
x-swift-cachetime: 2592001
timing-allow-origin: *
eagleid: b4a3921717385651722897896e
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/static/css/home.css
200 OK 21 kB URL GET HTTP/2 www.ai-pw24.top:26684/static/css/home.css
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/css/home.css HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/css
last-modified: Tue, 24 Aug 2021 06:28:18 GMT
vary: Accept-Encoding
etag: W/"61249182-5337"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/images/app.css
200 OK 31 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/images/app.css
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/69tang6/images/app.css HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:09 GMT
content-type: text/css
last-modified: Sat, 09 Oct 2021 05:56:37 GMT
vary: Accept-Encoding
etag: W/"61612f15-79ac"
expires: Mon, 03 Feb 2025 18:46:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ai-pw24.top:26684/template/69tang6/ads/hfs.js
200 OK 11 kB URL GET HTTP/2 www.ai-pw24.top:26684/template/69tang6/ads/hfs.js
IP
ASN #134548 DXTL Tseung Kwan O Service
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectwww.ai-pw24.top
FingerprintFB:17:B5:D0:DA:0E:F2:32:6F:7B:9F:33:1A:B8:B1:83:34:0C:3F:53
ValiditySat, 25 Jan 2025 08:15:46 GMT - Fri, 25 Apr 2025 08:15:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/69tang6/ads/hfs.js HTTP/1.1
Host: www.ai-pw24.top:26684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 03 Feb 2025 06:46:10 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2025 12:31:47 GMT
vary: Accept-Encoding
etag: W/"679f65b3-29ed"
expires: Mon, 03 Feb 2025 18:46:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
an.match158.top/91c657ce75fbacb33578506f52e36e6f.gif
0 B URL GET an.match158.top/91c657ce75fbacb33578506f52e36e6f.gif
IP
Requested by https://www.ai-pw24.top:26684/
Certificate IssuerLet's Encrypt
Subjectan.match158.top
Fingerprint97:69:E9:EC:67:9D:E8:05:9E:2B:75:58:FF:FA:28:44:EA:14:6B:95
ValidityWed, 08 Jan 2025 01:14:04 GMT - Tue, 08 Apr 2025 01:14:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /91c657ce75fbacb33578506f52e36e6f.gif HTTP/1.1
Host: an.match158.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ai-pw24.top:26684/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
154.206.169.211
180.101.212.103
154.91.91.59
104.160.179.210
172.104.135.123
104.21.7.170
45.201.216.146
163.181.49.229
212.247.59.123
220.128.218.220
43.152.140.79