Report - www.2xpuregroup.com/

Report Overview

Visited public
2025-05-04 13:17:06
Tags
URL
www.2xpuregroup.com/
Finishing URL
www.2xpuregroup.com/
IP / ASN
38.12.86.36
#54600 PEG-SV
Title
suncitygroup太阳集团-官方网站 2138cn.vip

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
js.users.51.la	53024	2005-01-17	2012-05-30	2025-05-01	812 B	0 B	0.0.0.0
sp0.baidu.com	18423	1999-10-11	2014-12-05	2025-04-27	478 B	0 B	0.0.0.0
www.2xpuregroup.com	unknown	2025-04-15	2025-05-02	2025-05-02	1.4 kB	7.9 kB	38.12.86.36
sdk.51.la	88367	2005-01-17	2021-03-08	2025-05-03	421 B	37 kB	212.247.59.123
www.sogou.com	39670	2001-12-19	2012-05-22	2025-04-30	452 B	0 B	0.0.0.0
bafydlm7hit2bt.hu3tdwnsvxjza4.com	unknown	2025-04-01	2025-04-01	2025-04-30	13 kB	987 kB	122.10.50.210
p.ssl.qhimg.com	146684	2011-02-17	2015-05-28	2025-04-30	440 B	3.9 kB	3.167.2.10
vkg.hpdbfezgrqwn.vip	unknown	2024-01-16	2024-01-16	2025-05-04	1.1 kB	2.0 kB	122.10.26.202
hm.baidu.com	8254	1999-10-11	2012-05-26	2025-04-30	431 B	0 B	0.0.0.0
www.baidu.com	3121	1999-10-11	2017-01-30	2025-05-03	437 B	1.2 kB	103.235.46.102
collect-v6.51.la	91421	2005-01-17	2021-03-08	2025-05-02	495 B	528 B	212.247.59.123
zz.bdstatic.com	27702	2011-12-26	2017-01-30	2025-05-03	414 B	769 B	157.255.63.48

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-04 13:16:44	low	38.12.86.36	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2025-05-04 13:16:45	low	38.12.86.36	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2	ScriptElement	54 B	2025-03-25	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:55 Last Seen2025-05-11 06:23 Times Seen1155 Hash f0c890a3e1e1e77e8a930e5c4436cf27 503e6a5626f826534ed47d987c09525142c86ba2 15c5f36c182e9bc94f22a707f225944cbc8739b94bbcee9aa801a8e24d4dfbbb Loading...

	www.2xpuregroup.com/	ScriptElement	57 B	2023-03-07	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19 Last Seen2025-05-11 19:40 Times Seen2805 Hash 2d313be4b5d93e9b681de954aaeb3006 1e0508be1026244daf1812f988033612c3945bdb 9059d0d74efaf0e229d59a9c05ace7b975b42ccacea21e01aa64c56b2157048c Loading...

	www.2xpuregroup.com/	Function	39 B	2023-04-12	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 04:16 Last Seen2025-05-11 23:31 Times Seen4299 Hash 26421ac860f4dba7f27811712a149502 aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b 266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/jquery.min.js IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 15:17 Times Seen5143 Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/banner.js	ScriptElement	2.8 kB	2025-05-04	2025-05-06
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/banner.js IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-04 12:53 Last Seen2025-05-06 13:33 Times Seen138 Hash cba6f7dec5c4ddf9754d0623f9690804 1dd07389fdd83f486302bf36b90acb34ab2bd2f1 37cf143676cb1ca6861c4567876377388dd4d4c80db2950e0873a41c32f5e732 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/quicklink.umd.js	ScriptElement	3.7 kB	2023-03-13	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/quicklink.umd.js IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:20 Last Seen2025-05-11 06:23 Times Seen1755 Hash a52ee49fe4afff274f8c30fe880ddc13 6e9f90f5d82324ded047fcb1ee3a69aaed0f9c91 0eaa691f4b80b80fe92bd5dcfa943126c6bac2e4f6ac1e586de155fa1c287360 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/popper.min.js IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-11 21:26 Times Seen2277 Hash c6946dff4854d4611da8aef36666b938 9118198bd2a853baa4644c6e819427150ca35160 7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224 Loading...

	www.2xpuregroup.com/	Eval	2.3 kB	2024-09-01	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by eval Embedded in HTML false Observations First Seen2024-09-01 01:46 Last Seen2025-05-11 06:23 Times Seen1424 Hash 85ddb566249a56a9130cd4093c09d6ef e9afdbca22a4f199b855d3a2249a07865da82bd1 72f49eca5dd7824a9834dba14c652d01a27c4a4c3700074ac354bac7aa047931 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-08	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/bootstrap.min.js IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:49 Last Seen2025-05-11 21:26 Times Seen1894 Hash 77cbad27852866cec1e32648eaafd22d 3ee3e67eddf2a6a59a46ef6644f93ba97efeefd1 2ced6f997d7fce10a38ddc75c2f24c9f8945f44e746128f3dcd61d923ea3fdce Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2	ScriptElement	213 B	2025-05-04	2025-05-07
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-04 12:53 Last Seen2025-05-07 14:55 Times Seen177 Hash 1f4f088f3cfb48bdfb72858940812344 be6a90b5acdb08dff447603b4a4e53143784ae34 94abd9a70c6f955a753408954de8f2e8fb912fd8825c0cfbf9016624b49e0ae3 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2	ScriptElement	602 B	2024-10-08	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-08 13:57 Last Seen2025-05-11 06:23 Times Seen1614 Hash 5d521fee761d154dd90c7983722080b3 1b789883e965019e0ebf20cdf6f90a672e2a3e79 9c9ba85d4ca1fdd78cabc35e5bd261f8f812b25ea1c290da36a650982ae8c53c Loading...

	www.2xpuregroup.com/@public/jquery.cdn.js	ScriptElement	459 B	2024-05-01	2025-05-11
Pretty URL www.2xpuregroup.com/@public/jquery.cdn.js IP 38.12.86.36 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 11:31 Last Seen2025-05-11 06:23 Times Seen117 Hash d9b0f39ef39e4d6cdecb130e430314f5 5e6043a3c914e41fcfbc7eab03de767db050375c a70f068f2ad5d1268d271ab7016706f0662bf971df67353d716fb3b2bd132dba Loading...

	www.2xpuregroup.com/vue.min.js	ScriptElement	2.4 kB	2024-09-01	2025-05-11
Pretty URL www.2xpuregroup.com/vue.min.js IP 38.12.86.36 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-01 01:46 Last Seen2025-05-11 06:23 Times Seen1425 Hash 0c00d684e824fe5dcf93a58a476c6b3c 52f3fc50aa8f49bd98c9bb8ac2d548571f4df309 611d34ed95f8a154088d4b70c5745782b343df16d08bede44bbbd6abcef59cdf Loading...

	zz.bdstatic.com/linksubmit/push.js	ScriptElement	308 B	2023-03-07	2025-05-12
Pretty URL zz.bdstatic.com/linksubmit/push.js IP 157.255.63.48 ASN #136958 China Unicom Guangdong IP network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-12 03:22 Times Seen6626 Hash f9fc52ab67f035b8baf5d558714cc94d 37062a6fb1ef410d496137d44275738ae743c747 c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 Loading...

	www.2xpuregroup.com/	ScriptElement	206 B	2023-07-05	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-05 04:25 Last Seen2025-05-11 06:23 Times Seen1814 Hash 4586d6fc0daf723a04dabd67d8196248 83fe154ca56d1d5c769baf77d1820ff8aac5dd30 16835addf51de8a73efaf81b6086be272e61e669564bdb984eea54fe20802a8f Loading...

	www.2xpuregroup.com/	Function	39 B	2023-04-12	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 04:16 Last Seen2025-05-11 23:31 Times Seen4299 Hash 26421ac860f4dba7f27811712a149502 aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b 266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	36 kB	2025-03-10	2025-05-12
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 212.247.59.123 ASN #1257 Tele2 SWIPnet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-10 03:40 Last Seen2025-05-12 03:17 Times Seen5550 Hash b8a41c9449b73e8ba0224c6be1f0b7e8 33d79319d4110bcf5c44c36f7dd4a291972ac546 52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565 Loading...

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2	ScriptElement	23 B	2024-08-30	2025-05-11
Pretty URL bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 IP 122.10.50.210 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-30 14:30 Last Seen2025-05-11 06:23 Times Seen1637 Hash f0f1b87913b11f3a422d63e9d709db2f c329f6b620b0f0eaa7ca1bfd084f4eef45fff62f 37b5bded5f5c0153eac6cd0045904278b30466dc6750529fce5ae7728e219968 Loading...

	www.2xpuregroup.com/	ScriptElement	404 B	2023-03-07	2025-05-11
Pretty URL www.2xpuregroup.com/ IP 38.12.86.36 ASN #54600 PEG-SV Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:09 Times Seen2995 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7af71163d7bd83ee3c8d288c5b1d6bc4	108 B	2023-03-07 12:06	2025-05-11 06:23
Pretty Observations First Seen2023-03-07 12:06 Last Seen2025-05-11 06:23 Times Seen1785 Hash 7af71163d7bd83ee3c8d288c5b1d6bc4 8c229a05f51a0a0f9a8b80a0f226b82be3eb43a6 7730ce2a87575984b6266e8eb547315c26ed80fd29dacd3553ff17f4f16d7deb Loading...

	#2 Write - a6924e8fc1a367c95adf79004ec337e3	82 B	2024-05-01 11:31	2025-05-11 06:23
Pretty Observations First Seen2024-05-01 11:31 Last Seen2025-05-11 06:23 Times Seen115 Hash a6924e8fc1a367c95adf79004ec337e3 a1139a8452ce4373066d5f1ac6abc44cad06cdb7 b97a9070234aeb97f244467289757910b2c88b2f97a22e61fbad215e7b070a83 Loading...

	#3 Write - 923a7afe50bb5a8f68796244e51ec752	82 B	2024-05-01 11:31	2025-05-11 06:23
Pretty Observations First Seen2024-05-01 11:31 Last Seen2025-05-11 06:23 Times Seen115 Hash 923a7afe50bb5a8f68796244e51ec752 0da0c4a9b6ba579ad073fb7bb57c242fe2578c43 8eea17ebedb44ebb8ecc236d1d950a457034b541d453f8014c891358dafb4121 Loading...

	#4 Write - 97348c0c070226edfcbfcd7061944ed9	658 B	2025-05-02 12:26	2025-05-10 20:51
Pretty Observations First Seen2025-05-02 12:26 Last Seen2025-05-10 20:51 Times Seen5 Hash 97348c0c070226edfcbfcd7061944ed9 8107ab1d4a4c2319fb15bcf1547857cdf4ee784b 4c997376b7c2d87eba3c089b1094077416042eb66ce3da98b19ed78d907a727e Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	www.sogou.com/web/index/images/logo_440x140.v.4.png	0.0.0.0		0 B
URL GET www.sogou.com/web/index/images/logo_440x140.v.4.png IP 0.0.0.0:0 ASN #0 Requested by https://www.2xpuregroup.com/ Certificate IssuerDigiCert Inc Subject.sogou.com Fingerprint2F:2A:79:5A:24:B6:DA:7A:C3:20:C6:A1:AD:A8:F4:24:54:33:5C:6E ValidityTue, 18 Jun 2024 00:00:00 GMT - Sun, 13 Jul 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /web/index/images/logo_440x140.v.4.png HTTP/1.1 Host: www.sogou.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	zz.bdstatic.com/linksubmit/push.js	157.255.63.48	200 OK	308 B
URL GET zz.bdstatic.com/linksubmit/push.js IP 157.255.63.48:443 ASN #136958 China Unicom Guangdong IP network Requested by https://www.2xpuregroup.com/ Certificate IssuerGlobalSign nv-sa Subjectbaidu.com FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0 ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT File type ASCII text, with very long lines (308), with no line terminators Size 308 B (308 bytes) Hash f9fc52ab67f035b8baf5d558714cc94d 37062a6fb1ef410d496137d44275738ae743c747 c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 HTTP Headers `GET /linksubmit/push.js HTTP/1.1 Host: zz.bdstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: JSP3/2.0.14 date: Sun, 04 May 2025 13:16:45 GMT content-type: application/x-javascript last-modified: Fri, 07 Feb 2025 07:56:51 GMT etag: "67a5bcc3-134" cache-control: max-age=86400 content-encoding: br age: 37263 accept-ranges: bytes tracecode: 33421676010606050058050310 ohc-global-saved-time: Sun, 04 May 2025 02:55:41 GMT ohc-cache-hit: gz5un50 [2], zhuzuncache56 [2] ohc-response-time: 1 0 0 0 0 0 X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/modalStyles.css	122.10.50.210	200 OK	7.3 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/modalStyles.css IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type Unicode text, UTF-8 text Size 7.3 kB (7312 bytes) Hash 15391bfe350ab49b6b9548b4afb268d7 f87f510a208f41edcf56d985f3ce09e9056f3813 3f279344aba08aab677f71ad32972d7e3d1157cf22d2931894295c7ebb2b8a96 HTTP Headers `GET /css/modalStyles.css HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: text/css last-modified: Mon, 28 Apr 2025 10:42:16 GMT vary: Accept-Encoding etag: W/"680f5b88-1c90" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/weide.png	122.10.50.210	200 OK	5.3 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/weide.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 5.3 kB (5294 bytes) Hash b5f40f3c38b9464dbfaa82f5fca1921b 1f3cdc4d8cfebb93899220a15c26943e24973849 0160de7c57628afc1694999264e44c99beb18dffdb2992be7d8223ed5f3ddc94 HTTP Headers `GET /imgs/weide.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 5294 last-modified: Fri, 04 Oct 2024 20:16:01 GMT etag: "67004d01-14ae" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/sansanqiqi.png	122.10.50.210	200 OK	9.2 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/sansanqiqi.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Size 9.2 kB (9166 bytes) Hash 2dc231bc7104153ad42e898e7d4e6779 9abd8a5a5cf86dc95eeb72f882b40e69e2a7d23e 1a622555817668f36c77a472dace4390aa8c2160a1af60330e9dc04de9f91e4f HTTP Headers `GET /imgs/sansanqiqi.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 9166 last-modified: Tue, 15 Oct 2024 17:22:51 GMT etag: "670ea4eb-23ce" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	p.ssl.qhimg.com/t010e288a56a0b005e9.png	3.167.2.10	200 OK	3.3 kB
URL GET p.ssl.qhimg.com/t010e288a56a0b005e9.png IP 3.167.2.10:443 ASN #0 Requested by https://www.2xpuregroup.com/ Certificate IssuerWoTrus CA Limited Subject.ssl.qhimg.com Fingerprint9F:97:DF:6D:B1:CC:B8:56:24:EB:FA:31:A3:58:CC:DE:1E:98:35:B7 ValidityMon, 17 Mar 2025 00:00:00 GMT - Fri, 17 Apr 2026 23:59:59 GMT File type PNG image data, 100 x 22, 8-bit/color RGBA, interlaced Size 3.3 kB (3294 bytes) Hash e7c1f199ef4ad1cd5e2381777f3af90f 8b06f308405eec3219587e4dc9e67bc6280fa841 a01d73b630804f843c99d70f8f64a30303a8bc1273fed46bdf9f3d190bea8a68 HTTP Headers `GET /t010e288a56a0b005e9.png HTTP/1.1 Host: p.ssl.qhimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 3294 date: Thu, 20 Mar 2025 09:27:13 GMT last-modified: Wed, 05 Jul 2023 13:30:09 GMT xzp: orxleiwzhoemlml expires: Wed, 18 Jun 2025 09:27:13 GMT cache-control: s-maxage=7776000, max-age=7776000 access-control-allow-origin: * timing-allow-origin: * xcs: HIT kcs-via: HIT from w-fc01.lato;MISS from w-sc01.lyct accept-ranges: bytes x-cache: Hit from cloudfront via: 1.1 4e0a1f367f79652e0e7d03fa585de7b2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: I37oFuUAUqF4f2PDxLO_RMIQFc61jP82NBaZV0Z8NWICrIYTk2TKfA== age: 3901771 X-Firefox-Spdy: h2

	vkg.hpdbfezgrqwn.vip/hylfff.php	122.10.26.202	200 OK	623 B
URL OPTIONS vkg.hpdbfezgrqwn.vip/hylfff.php IP 122.10.26.202:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://www.2xpuregroup.com/ Certificate IssuerLet's Encrypt Subjectvkg.hpdbfezgrqwn.vip Fingerprint85:A2:BA:6D:B6:E5:C0:3F:3B:81:18:52:DE:90:0E:CD:0A:38:A8:15 ValidityWed, 16 Apr 2025 15:27:27 GMT - Tue, 15 Jul 2025 15:27:26 GMT File type HTML document, Unicode text, UTF-8 text Size 623 B (623 bytes) Hash 7c29dc6ed66cfad3a090121f9cf024f6 e8cef15e0872a117aa9c9c8829216078d20eba72 a26c70c1325057093b67dd197fed10412bcaf36757f8216d4cc788e6349c1edf HTTP Headers OPTIONS /hylfff.php HTTP/1.1 Host: vkg.hpdbfezgrqwn.vip User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.2xpuregroup.com/ Origin: https://www.2xpuregroup.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:45 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-request-id: 8a322fbcc8d443a400244067933eb72f access-control-allow-origin: * access-control-allow-headers: * strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/quicklink.umd.js	122.10.50.210	200 OK	3.7 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/quicklink.umd.js IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (3711), with no line terminators Size 3.7 kB (3711 bytes) Hash a52ee49fe4afff274f8c30fe880ddc13 6e9f90f5d82324ded047fcb1ee3a69aaed0f9c91 0eaa691f4b80b80fe92bd5dcfa943126c6bac2e4f6ac1e586de155fa1c287360 HTTP Headers `GET /js/quicklink.umd.js HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: application/javascript last-modified: Sun, 28 Jul 2024 08:53:58 GMT vary: Accept-Encoding etag: W/"66a60726-e7f" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bwin.png	122.10.50.210	200 OK	5.4 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bwin.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 5.4 kB (5376 bytes) Hash 2bc1bf08144630d93b1cfaa5fe79a23c 1df219cb9bc37b20e9c14203234a7353c0de2b5e 2c3818b06418db8dc6bbe87d667087bde5d151c24211e9e08911370c1174276f HTTP Headers `GET /imgs/bwin.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 5376 last-modified: Fri, 04 Oct 2024 20:16:00 GMT etag: "67004d00-1500" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	js.users.51.la/21067571.js	0.0.0.0		0 B
URL GET js.users.51.la/21067571.js IP 0.0.0.0:0 ASN #0 Requested by https://www.2xpuregroup.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /21067571.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/banner/banner.365.png	122.10.50.210	200 OK	16 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/banner/banner.365.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced Size 16 kB (16171 bytes) Hash c0c473ff65d53364b57bae47c1309ddd 62117432116dc2cf7c9db76f20301d011e6c33b5 6ed60433bd74f4340f70783c9037c1614a6578188642f74aedf451101ebfb3e8 HTTP Headers `GET /imgs/banner/banner.365.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 16171 last-modified: Tue, 01 Oct 2024 15:31:18 GMT etag: "66fc15c6-3f2b" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/kaiyun.png	122.10.50.210	200 OK	6.4 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/kaiyun.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 6.4 kB (6379 bytes) Hash 6498a9d97304b0b805c98abbda8ed0fc ebbc775bafbcb958b3e4111a08aa30a8ee04500c 07bf983f17c6b63c74e12bc837f87a19f4656b6d901f91aff0646a0ad1390245 HTTP Headers `GET /imgs/kaiyun.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 6379 last-modified: Tue, 01 Oct 2024 15:31:15 GMT etag: "66fc15c3-18eb" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/tychongse.png	122.10.50.210	200 OK	22 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/tychongse.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 192 x 180, 8-bit colormap, non-interlaced Size 22 kB (21808 bytes) Hash c83eed0df1357aa7a2df0686eef73598 b175dc79cab26c5616a83ca5954865b2285e9c73 f9335a2d909da756905e552dfc2ae98a06001cf6ee1548f79bcdfe6446b3ef1a HTTP Headers `GET /imgs/tychongse.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 21808 last-modified: Fri, 04 Oct 2024 20:16:00 GMT etag: "67004d00-5530" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/wlxe.png	122.10.50.210	200 OK	5.3 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/wlxe.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 5.3 kB (5313 bytes) Hash 759534a3c80e7ad77deee14da3d94cd8 12d6fb2d8e7d74d3235e095d3c3c667e539702de 121dad2a5ca7affda231fc459b5eca6e6141e5d58061681d76679436e1dc5fc3 HTTP Headers `GET /imgs/wlxe.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 5313 last-modified: Fri, 04 Oct 2024 20:16:01 GMT etag: "67004d01-14c1" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	hm.baidu.com/hm.js?2c0553a9793dbc6c3bb526c113eab1a7	0.0.0.0		0 B
URL GET hm.baidu.com/hm.js?2c0553a9793dbc6c3bb526c113eab1a7 IP 0.0.0.0:0 ASN #0 Requested by https://www.2xpuregroup.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /hm.js?2c0553a9793dbc6c3bb526c113eab1a7 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.2xpuregroup.com/	0.0.0.0		0 B
URL GET sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.2xpuregroup.com/ IP 0.0.0.0:0 ASN #0 Requested by https://www.2xpuregroup.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.2xpuregroup.com/ HTTP/1.1 Host: sp0.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2026shijiebei.png	122.10.50.210	200 OK	17 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2026shijiebei.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 268 x 411, 8-bit colormap, non-interlaced Size 17 kB (16719 bytes) Hash 9c4488c5c4baaae0286bda2a5ca555eb 0103d52a175d0d91ed500b11f67d73457f7abc4a b7b9498d1beabae57d14a7806c87265571a0a5bbd1b5d49bc7029f1aad3959d6 HTTP Headers `GET /imgs/2026shijiebei.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 16719 last-modified: Tue, 01 Oct 2024 17:57:40 GMT etag: "66fc3814-414f" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/banner/banner.tyc.png	122.10.50.210	200 OK	46 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/banner/banner.tyc.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced Size 46 kB (45808 bytes) Hash a1235db1b76f41f43a7c32439908d4c6 d1ee4e039f8405f5597e6bd858ed4294b69213da 2dab4a9a2f1dd0d7bfcc44e863be3c2af1b0dff2a337eef181b28326cbed460b HTTP Headers `GET /imgs/banner/banner.tyc.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 45808 last-modified: Tue, 01 Oct 2024 15:31:21 GMT etag: "66fc15c9-b2f0" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	www.2xpuregroup.com/vue.min.js	38.12.86.36	200 OK	2.4 kB
URL GET www.2xpuregroup.com/vue.min.js IP 38.12.86.36:443 ASN #54600 PEG-SV Requested by https://www.2xpuregroup.com/ Certificate IssuerZeroSSL Subjectwww.2xpuregroup.com FingerprintE8:C5:C4:A4:E4:18:44:68:A3:51:86:18:19:73:A0:94:40:57:4A:D9 ValiditySat, 26 Apr 2025 00:00:00 GMT - Fri, 25 Jul 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (2379) Size 2.4 kB (2380 bytes) Hash 0c00d684e824fe5dcf93a58a476c6b3c 52f3fc50aa8f49bd98c9bb8ac2d548571f4df309 611d34ed95f8a154088d4b70c5745782b343df16d08bede44bbbd6abcef59cdf HTTP Headers `GET /vue.min.js HTTP/1.1 Host: www.2xpuregroup.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Cookie: PHPSESSID=idlgmehtd33496vtj45hoi9nb7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 04 May 2025 13:16:45 GMT Content-Type: application/javascript; charset=utf-8 Last-Modified: Mon, 28 Apr 2025 03:05:49 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"680ef08d-94c" Expires: Tue, 03 Jun 2025 13:16:45 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/bootstrap.min.js	122.10.50.210	200 OK	60 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/bootstrap.min.js IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (59765) Size 60 kB (60003 bytes) Hash 77cbad27852866cec1e32648eaafd22d 3ee3e67eddf2a6a59a46ef6644f93ba97efeefd1 2ced6f997d7fce10a38ddc75c2f24c9f8945f44e746128f3dcd61d923ea3fdce HTTP Headers `GET /js/bootstrap.min.js HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: application/javascript last-modified: Tue, 26 Dec 2023 13:01:43 GMT vary: Accept-Encoding etag: W/"658aceb7-ea63" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/W88.png	122.10.50.210	200 OK	11 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/W88.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 11 kB (11423 bytes) Hash 36e99eab94c2c02b70c014bacf9d86ee 4ad09dd35613763520749684737d6277a94773bc b95c931f43bc4e2a23c6350717153d182d813f087fe970a4aa0e13984d190d2a HTTP Headers `GET /imgs/W88.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 11423 last-modified: Tue, 18 Mar 2025 08:47:19 GMT etag: "67d93317-2c9f" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2025fajia.png	122.10.50.210	200 OK	33 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2025fajia.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 1780 x 2251, 8-bit colormap, non-interlaced Size 33 kB (32644 bytes) Hash 8f0cd5f85d6de29491700d70995017ff 91b6374b9717a6d9df3574ad1a246d7da44dbf1b eb0be5a9c93ed5ef86eda2ec2de2d8bdb24bf08e048dbdb7e8161444f46ad63a HTTP Headers `GET /imgs/2025fajia.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 32644 last-modified: Tue, 01 Oct 2024 17:57:38 GMT etag: "66fc3812-7f84" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2025shiyunhui.png	122.10.50.210	200 OK	28 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/2025shiyunhui.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 309 x 497, 8-bit colormap, non-interlaced Size 28 kB (27838 bytes) Hash 48f648a53cd03787cab32621f6088895 408fac6305133287fdf50315d8212e07f4a0c89c fa5c757347298a9b2cd0b3823d37d4c1c5a2c75520207f37b61ad9873df50557 HTTP Headers `GET /imgs/2025shiyunhui.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 27838 last-modified: Tue, 01 Oct 2024 17:57:38 GMT etag: "66fc3812-6cbe" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	www.2xpuregroup.com/	38.12.86.36	200 OK	3.7 kB
URL User Request GET www.2xpuregroup.com/ IP 38.12.86.36:443 ASN #54600 PEG-SV Certificate IssuerZeroSSL Subjectwww.2xpuregroup.com FingerprintE8:C5:C4:A4:E4:18:44:68:A3:51:86:18:19:73:A0:94:40:57:4A:D9 ValiditySat, 26 Apr 2025 00:00:00 GMT - Fri, 25 Jul 2025 23:59:59 GMT File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Size 3.7 kB (3692 bytes) Hash 48146a96c6a92d57dce1d64e51443705 85bf86f78e8bbb76f63ce6e09f8b401dae5c738e e4de25861c05e71ac5e09a7d956cae032ad5e91a399dbf7aac4d3eca6b05eed0 HTTP Headers `GET / HTTP/1.1 Host: www.2xpuregroup.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 04 May 2025 13:16:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding cfrom: rewrite x-powered-by: java Server: home Set-Cookie: PHPSESSID=idlgmehtd33496vtj45hoi9nb7; path=/ Last-Modified: Sun, 04 May 2025 13:16:44 GMT Pragma: cache Expires: Tue, 06 May 2025 13:16:44 GMT Cache-Control: max-age=172800 Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	www.baidu.com/img/baidu_jgylogo3.gif	103.235.46.102	200 OK	705 B
URL GET www.baidu.com/img/baidu_jgylogo3.gif IP 103.235.46.102:443 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Requested by https://www.2xpuregroup.com/ Certificate IssuerGlobalSign nv-sa Subjectbaidu.com FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0 ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT File type GIF image data, version 89a, 117 x 38 Size 705 B (705 bytes) Hash 803bb46a6acef395ed9353de2dcf26f5 684764e45ebb267a15c337a6eb671047c7873ead dc506b4253e2bb145e5b370f6088842382a8c2bd0632d9b265744f706727f7f5 HTTP Headers `GET /img/baidu_jgylogo3.gif HTTP/1.1 Host: www.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=315360000 Content-Length: 705 Content-Type: image/gif Date: Sun, 04 May 2025 13:16:45 GMT Etag: "2c1-63266d3290dc0" Expires: Wed, 02 May 2035 13:16:45 GMT Last-Modified: Thu, 10 Apr 2025 06:37:51 GMT P3p: CP=" OTI DSP COR IVA OUR IND COM " Server: Apache Set-Cookie: BAIDUID=32BA8CC8F9C445E632A63440CD36411B:FG=1; expires=Mon, 04-May-26 13:16:45 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1`

	js.users.51.la/20519907.js	0.0.0.0		0 B
URL GET js.users.51.la/20519907.js IP 0.0.0.0:0 ASN #0 Requested by https://www.2xpuregroup.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /20519907.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/jquery.min.js	122.10.50.210	200 OK	90 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/jquery.min.js IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 90 kB (89475 bytes) Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f HTTP Headers `GET /js/jquery.min.js HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: application/javascript last-modified: Tue, 26 Dec 2023 13:01:43 GMT vary: Accept-Encoding etag: W/"658aceb7-15d83" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/popper.min.js	122.10.50.210	200 OK	21 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/js/popper.min.js IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (21084) Size 21 kB (21218 bytes) Hash c6946dff4854d4611da8aef36666b938 9118198bd2a853baa4644c6e819427150ca35160 7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224 HTTP Headers `GET /js/popper.min.js HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: application/javascript last-modified: Tue, 26 Dec 2023 13:01:44 GMT vary: Accept-Encoding etag: W/"658aceb8-52e2" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/gf.fc8d6758.png	122.10.50.210	200 OK	40 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/gf.fc8d6758.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 1200 x 400, 8-bit colormap, non-interlaced Size 40 kB (40362 bytes) Hash e8756f5a60a8553b7d9b26851bebfa7d 09d5262bbbdfec24e88b8faba8a00e6b80b8e831 5462953296cdf1f3ec26a1bda5e1c1212fd09a07494b61bba542100767600686 HTTP Headers `GET /imgs/gf.fc8d6758.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 40362 last-modified: Tue, 01 Oct 2024 15:31:14 GMT etag: "66fc15c2-9daa" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	collect-v6.51.la/v6/collect?dt=4	212.247.59.123	210 No Reason Phrase	0 B
URL POST collect-v6.51.la/v6/collect?dt=4 IP 212.247.59.123:443 ASN #1257 Tele2 SWIPnet Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerGlobalSign nv-sa Subject.51.la FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /v6/collect?dt=4 HTTP/1.1 Host: collect-v6.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Length: 318 Origin: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 210 No Reason Phrase date: Sun, 04 May 2025 13:16:47 GMT content-length: 0 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com access-control-allow-credentials: true via: EU-SWE-stockholm-EDGE1-CACHE1[215],EU-SWE-stockholm-EDGE1-CACHE1[ovl,208],EU-GER-frankfurt-EDGE7-CACHE1[ovl,185],EA-HKG-EDGE6-CACHE1[ovl,23],EA-HKG-GLOBAL1-CACHE25[ovl,21] x-ccdn-req-id-46b1: 0427520b4dad3f7242de7974fce58cc3 X-Firefox-Spdy: h2

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/betway.png	122.10.50.210	200 OK	6.9 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/betway.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 6.9 kB (6928 bytes) Hash 4f9f1c048148b5759db7c70d4427ca5b 40006416fcdc12c925f6069aba457b2b85552ae0 26b6d720a2df9da5151756fd37ec0c69651304677250be9d7246936835e5acec HTTP Headers `GET /imgs/betway.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 6928 last-modified: Fri, 04 Oct 2024 20:16:00 GMT etag: "67004d00-1b10" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/M88.png	122.10.50.210	200 OK	5.8 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/M88.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 5.8 kB (5783 bytes) Hash c62f912b67c25b324e69d7c5e75234d8 93bac056a3142c583d8d7261b24e165534c6683d 9b7f96b55e389d9e218db90fb1219c5a5034ec4d1cb628a13fd28dfd1c521e31 HTTP Headers `GET /imgs/M88.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 5783 last-modified: Mon, 21 Apr 2025 13:53:31 GMT etag: "68064ddb-1697" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	vkg.hpdbfezgrqwn.vip/hylfff.php	122.10.26.202	200 OK	664 B
URL POST vkg.hpdbfezgrqwn.vip/hylfff.php IP 122.10.26.202:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://www.2xpuregroup.com/ Certificate IssuerLet's Encrypt Subjectvkg.hpdbfezgrqwn.vip Fingerprint85:A2:BA:6D:B6:E5:C0:3F:3B:81:18:52:DE:90:0E:CD:0A:38:A8:15 ValidityWed, 16 Apr 2025 15:27:27 GMT - Tue, 15 Jul 2025 15:27:26 GMT File type HTML document, Unicode text, UTF-8 text Size 664 B (664 bytes) Hash 55ad3d68e024b6954226678bb451b63a 20b583949dd0573b94e46ac229ba3f3656eefde2 a503ff3e8b312e7baa3a1c3721b932afa146e582425bc0a259373ee0fdc85016 HTTP Headers POST /hylfff.php HTTP/1.1 Host: vkg.hpdbfezgrqwn.vip User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded;charset=UTF-8; Content-Length: 104 Origin: https://www.2xpuregroup.com DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:45 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-request-id: a8d5cd18e53acc4200244067a014e4c9 access-control-allow-origin: * access-control-allow-headers: * strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2	122.10.50.210	200 OK	33 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://www.2xpuregroup.com/ Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type HTML document, Unicode text, UTF-8 text Size 33 kB (33363 bytes) Hash db6eae5f7e89a879ab7db737c7291f09 322195684299492ce7bb75bbae2da1a5af19c7af 96503e777c16f86deefd7c26fa042a1e4efaf1cc7843692d5e822b757b5ca0b6 HTTP Headers GET /?id=2 HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:46 GMT content-type: text/html last-modified: Sun, 04 May 2025 08:03:40 GMT vary: Accept-Encoding etag: W/"68171f5c-8253" strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/bootstrap.min.css	122.10.50.210	200 OK	160 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/bootstrap.min.css IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type ASCII text, with very long lines (65326) Size 160 kB (160257 bytes) Hash 9593715f4442d1f9d4e1a79e04481212 b480b8701abf383a48c32c7535e2387a1bf04cf3 1535585d0a5316a2dd4237a2a10d314dd174701c571f244cc0c44528b8b7fb3b HTTP Headers `GET /css/bootstrap.min.css HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: text/css last-modified: Tue, 26 Dec 2023 13:01:53 GMT vary: Accept-Encoding etag: W/"658acec1-27201" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bg.lanse.jpg	122.10.50.210	200 OK	296 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bg.lanse.jpg IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3593x1400, components 3 Size 296 kB (296412 bytes) Hash acc29e2a810dbb1885ed42bccfcc3ddf 16175006f7ecbe64fec2bf622188680e9620e525 40a9ef15524032293e0f19486dd17456585762f1fce3ba47349cb2e79e2d56e5 HTTP Headers `GET /imgs/bg.lanse.jpg HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/jpeg content-length: 296412 last-modified: Mon, 07 Oct 2024 16:04:16 GMT etag: "67040680-485dc" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bet365.png	122.10.50.210	200 OK	11 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/bet365.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 11 kB (11205 bytes) Hash 65fb72a68b9dca68ade34ada3253fc2a 5260a46f7843f885a7552940a68975abf2d62bc7 5bc5dd8a9766bb21896db9db9ea8c03e0f16098f1eb46c6bf3f8a33e57d33702 HTTP Headers `GET /imgs/bet365.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 11205 last-modified: Tue, 01 Oct 2024 15:31:11 GMT etag: "66fc15bf-2bc5" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/188jinbaobo.png	122.10.50.210	200 OK	4.3 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/188jinbaobo.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 4.3 kB (4303 bytes) Hash eaf4080a25184f8bd3cf68c96e01f003 858ae929b632ae67ab64b4778ea0117a3d972470 c88e9278bd955a8de13590bdc476c7cd724a44a37e56681582a1c02be94708e4 HTTP Headers `GET /imgs/188jinbaobo.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 4303 last-modified: Tue, 01 Oct 2024 15:31:11 GMT etag: "66fc15bf-10cf" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	www.2xpuregroup.com/@public/jquery.cdn.js	38.12.86.36	200 OK	459 B
URL GET www.2xpuregroup.com/@public/jquery.cdn.js IP 38.12.86.36:443 ASN #54600 PEG-SV Requested by https://www.2xpuregroup.com/ Certificate IssuerZeroSSL Subjectwww.2xpuregroup.com FingerprintE8:C5:C4:A4:E4:18:44:68:A3:51:86:18:19:73:A0:94:40:57:4A:D9 ValiditySat, 26 Apr 2025 00:00:00 GMT - Fri, 25 Jul 2025 23:59:59 GMT File type JavaScript source, ASCII text Size 459 B (459 bytes) Hash d9b0f39ef39e4d6cdecb130e430314f5 5e6043a3c914e41fcfbc7eab03de767db050375c a70f068f2ad5d1268d271ab7016706f0662bf971df67353d716fb3b2bd132dba HTTP Headers `GET /@public/jquery.cdn.js HTTP/1.1 Host: www.2xpuregroup.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.2xpuregroup.com/ Cookie: PHPSESSID=idlgmehtd33496vtj45hoi9nb7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 04 May 2025 13:16:45 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 459 Last-Modified: Sat, 27 Feb 2021 08:18:51 GMT Connection: keep-alive ETag: "603a006b-1cb" Expires: Tue, 03 Jun 2025 13:16:45 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-Ranges: bytes`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css	122.10.50.210	200 OK	23 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type ASCII text, with very long lines (4600) Size 23 kB (22652 bytes) Hash d9d9cd462c58308135d4217c78dfd237 12b3742243c1e8058c74f6584d1b62ba5e784e91 5cf6b5172247800a55bbd115807039cd53018d648ccfc47ac61dfc80384a11f8 HTTP Headers `GET /css/style.css HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: text/css last-modified: Fri, 02 May 2025 06:36:56 GMT vary: Accept-Encoding etag: W/"68146808-587c" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/banner.js	122.10.50.210	200 OK	2.8 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/banner.js IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text Size 2.8 kB (2844 bytes) Hash cba6f7dec5c4ddf9754d0623f9690804 1dd07389fdd83f486302bf36b90acb34ab2bd2f1 37cf143676cb1ca6861c4567876377388dd4d4c80db2950e0873a41c32f5e732 HTTP Headers `GET /banner.js HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: application/javascript last-modified: Sun, 04 May 2025 08:03:23 GMT vary: Accept-Encoding etag: W/"68171f4b-b1c" expires: Mon, 05 May 2025 01:16:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	sdk.51.la/js-sdk-pro.min.js	212.247.59.123	200 OK	36 kB
URL GET sdk.51.la/js-sdk-pro.min.js IP 212.247.59.123:443 ASN #1257 Tele2 SWIPnet Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerGlobalSign nv-sa Subject.51.la FingerprintAE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C ValidityTue, 18 Mar 2025 04:08:22 GMT - Sun, 19 Apr 2026 04:08:21 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (35899) Size 36 kB (36115 bytes) Hash b8a41c9449b73e8ba0224c6be1f0b7e8 33d79319d4110bcf5c44c36f7dd4a291972ac546 52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565 HTTP Headers `GET /js-sdk-pro.min.js HTTP/1.1 Host: sdk.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sun, 04 May 2025 13:16:47 GMT content-type: text/plain; charset=utf-8 server: openresty cache-control: no-store access-control-allow-origin: * access-control-allow-credentials: true via: EU-SWE-stockholm-EDGE1-CACHE1[227],EU-SWE-stockholm-EDGE1-CACHE1[ovl,213],EU-GER-frankfurt-EDGE7-CACHE1[ovl,190],EA-HKG-EDGE6-CACHE1[ovl,38],EA-HKG-GLOBAL1-CACHE21[ovl,35],CHN-GDdongguan-GLOBAL1-CACHE109[ovl,30] x-ccdn-req-id-46b1: cc6648d4c3fc2a0098748a425fe8a5d8 X-Firefox-Spdy: h2`

	bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/yonglilanse.png	122.10.50.210	200 OK	7.5 kB
URL GET bafydlm7hit2bt.hu3tdwnsvxjza4.com/imgs/yonglilanse.png IP 122.10.50.210:443 ASN #134548 DXTL Tseung Kwan O Service Requested by https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/?id=2 Certificate IssuerSectigo Limited Subjectbafydlm7hit2bt.hu3tdwnsvxjza4.com FingerprintA7:8F:CE:13:EB:81:05:9B:01:78:04:85:F7:C2:25:1A:29:A6:6E:6F ValidityTue, 01 Apr 2025 00:00:00 GMT - Wed, 01 Apr 2026 23:59:59 GMT File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced Size 7.5 kB (7502 bytes) Hash 1a684e7fdc32555e242beecd6d832128 3923f73e18c1f33eb92806d83404f21e0f152eed f22e7768100f4b362caa9fc76f402f7299102c68118c6b9490f97b9687b9680e HTTP Headers `GET /imgs/yonglilanse.png HTTP/1.1 Host: bafydlm7hit2bt.hu3tdwnsvxjza4.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bafydlm7hit2bt.hu3tdwnsvxjza4.com/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 May 2025 13:16:47 GMT content-type: image/png content-length: 7502 last-modified: Fri, 04 Apr 2025 18:59:41 GMT etag: "67f02c1d-1d4e" expires: Tue, 03 Jun 2025 13:16:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML