{"report_id":"865e344e-10e3-471c-b3f4-8f743e8353c8","version":6,"status":"done","tags":[],"date":"2026-03-07T16:22:13Z","url":{"schema":"http","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.181.150","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"title":"父亲_搜索_第1页 - 尤物宝典","dom":{"size":84708,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (45596)","md5":"bbd5ad0fbfc8cf3d3b742b14ddb27b84","sha1":"49d74c67ece1852e7c9b2d0303fc2edef2432d8b","sha256":"11b121d549e20ab30bbae69eac50f6a725bac186048e825d6539e72910bac57f","sha512":"ea47d5ce8bac865d886686a0ee07903e62e04cd119ad189bfa29f9423c7c80f2c83970a687b0d6b46dded34d9e7dfe36a45463176e89b783a3da32d81edd92a5","ssdeep":"1536:geTw9nVV6YCQp2f3tM39V0G1J8MyrEWOO:bTUy3u39V0gJ8MyrVOO","tlshash":"b083e8720289692f660b45c8a674bb5ce19a076fced38c01b2fdb7d2e749ff68905047","dom_hash":"domhash5abf26ce4fc37f9783852bd22a9fa65c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.181.150","port":0,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-11T16:22:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"da.da15525716.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fqjpg5.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-05-14","domain_rank":0,"first_seen":"2025-08-25T01:14:58.379267Z","last_seen":"2026-03-07T01:47:07.653886Z","alert_count":0,"request_count":4,"received_data":0,"sent_data":1920,"comment":"","tags":null,"fingerprints":null},{"fqdn":"d3ccefxs96519j.cloudfront.net","ip":{"addr":"54.192.209.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-06-30T07:13:17.425046Z","last_seen":"2026-03-06T18:33:33.366879Z","alert_count":0,"request_count":1,"received_data":96183,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"www.jkuntp.com","ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"domain_registered":"2023-02-23","domain_rank":3345365,"first_seen":"2023-03-12T07:09:25Z","last_seen":"2026-02-27T07:13:25.431119Z","alert_count":0,"request_count":1,"received_data":62374,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"jpxjpg2.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2025-10-31T14:51:54.085174Z","last_seen":"2026-03-03T07:56:28.566508Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":481,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dq38rjje7qjm3.cloudfront.net","ip":{"addr":"18.239.47.58","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-03-24T19:11:01.50764Z","last_seen":"2026-03-06T23:17:34.307628Z","alert_count":0,"request_count":1,"received_data":94060,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"11221.xn--gps-8y0gm25n.xn--55qx5d","ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-12-03T14:43:28.608781Z","last_seen":"2026-03-07T00:44:22.321285Z","alert_count":0,"request_count":1,"received_data":596935,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fourhoi.com","ip":{"addr":"172.66.169.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-08","domain_rank":19874,"first_seen":"2025-01-12T23:54:02.694323Z","last_seen":"2026-02-23T11:18:04.106347Z","alert_count":0,"request_count":2,"received_data":292296,"sent_data":901,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img1.souavzy.info","ip":{"addr":"104.21.12.156","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-15","domain_rank":4283918,"first_seen":"2025-06-15T03:19:19.494945Z","last_seen":"2026-03-05T02:19:14.612835Z","alert_count":0,"request_count":3,"received_data":1682,"sent_data":1461,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sbzytpimg1.com","ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-24","domain_rank":160397,"first_seen":"2024-07-25T07:47:58Z","last_seen":"2026-03-02T16:53:14.192571Z","alert_count":0,"request_count":2,"received_data":245518,"sent_data":978,"comment":"","tags":null,"fingerprints":null},{"fqdn":"2026tu.myxuanxuan.com","ip":{"addr":"101.33.21.239","port":443,"asn":139341,"as":"ACE","country":"United States","country_code":"US"},"domain_registered":"2016-04-10","domain_rank":0,"first_seen":"2026-01-26T20:19:42.17682Z","last_seen":"2026-03-03T01:49:52.828292Z","alert_count":0,"request_count":1,"received_data":643926,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img1.souavzy.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-12-15","domain_rank":7039838,"first_seen":"2025-07-26T06:21:28.482432Z","last_seen":"2026-03-05T02:19:14.767782Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":972,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img1.souavimg.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-13T06:05:21.935474Z","last_seen":"2026-03-05T02:19:17.213844Z","alert_count":0,"request_count":6,"received_data":0,"sent_data":2922,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pg888.12img707989.com","ip":{"addr":"205.198.65.15","port":5658,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-12-17","domain_rank":0,"first_seen":"2025-12-18T04:56:01.819009Z","last_seen":"2026-03-06T10:32:29.6222Z","alert_count":0,"request_count":1,"received_data":732708,"sent_data":458,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.mdynieu.com","ip":{"addr":"161.129.35.190","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-07T12:04:46.874157Z","last_seen":"2026-03-02T14:58:31.744236Z","alert_count":0,"request_count":1,"received_data":407041,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.meituan.net","ip":{"addr":"163.171.134.109","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"domain_registered":"2010-01-25","domain_rank":189994,"first_seen":"2017-02-03T02:36:44Z","last_seen":"2026-03-06T03:12:30.353861Z","alert_count":0,"request_count":1,"received_data":407469,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"img1.ah7907.com","ip":{"addr":"36.151.194.102","port":443,"asn":56046,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"2024-08-29","domain_rank":0,"first_seen":"2025-11-08T09:13:57.808607Z","last_seen":"2026-03-06T18:33:33.708453Z","alert_count":0,"request_count":4,"received_data":631359,"sent_data":1772,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fsffbhd.4000522777.xn--fiqs8s","ip":{"addr":"172.67.73.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-31","domain_rank":0,"first_seen":"2026-02-08T15:30:41.519119Z","last_seen":"2026-03-02T14:58:29.631081Z","alert_count":0,"request_count":2,"received_data":1284550,"sent_data":982,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sbzytpimg4.com","ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-24","domain_rank":0,"first_seen":"2026-01-09T01:30:30.561069Z","last_seen":"2026-03-01T17:52:05.500667Z","alert_count":0,"request_count":2,"received_data":201902,"sent_data":978,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jpxjpg3.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-01-23","domain_rank":0,"first_seen":"2026-01-28T07:23:17.649338Z","last_seen":"2026-03-03T08:06:55.278546Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":481,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajt.ywbd9.monster","ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":23,"request_count":23,"received_data":486771,"sent_data":12337,"comment":"","tags":null,"fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"sbzytpimg3.com","ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-24","domain_rank":0,"first_seen":"2025-11-20T08:56:43.016348Z","last_seen":"2026-03-07T04:15:05.237929Z","alert_count":0,"request_count":11,"received_data":3937324,"sent_data":5379,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sex8sex811.com","ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-02-25","domain_rank":660237,"first_seen":"2025-06-25T17:42:29.557339Z","last_seen":"2026-03-03T22:51:28.752653Z","alert_count":0,"request_count":2,"received_data":284,"sent_data":898,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jpgjingpinx1.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-03-13","domain_rank":172398,"first_seen":"2025-04-02T05:04:02.716789Z","last_seen":"2026-03-05T02:19:14.75996Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":486,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img1212.syhze.com","ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2014-05-15","domain_rank":0,"first_seen":"2025-12-21T08:33:05.525239Z","last_seen":"2026-03-07T01:42:14.214173Z","alert_count":0,"request_count":2,"received_data":940974,"sent_data":898,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.alicdn.com","ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2026-03-04T23:10:25.092548Z","alert_count":0,"request_count":11,"received_data":3295218,"sent_data":5430,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"d18wfmxtvthwf6.cloudfront.net","ip":{"addr":"54.192.209.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-10-19T14:31:41.989548Z","last_seen":"2026-03-02T03:05:13.284748Z","alert_count":0,"request_count":2,"received_data":557564,"sent_data":913,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"txdy.hznunxc.com","ip":{"addr":"157.185.128.120","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"domain_registered":"2025-07-15","domain_rank":0,"first_seen":"2026-02-12T23:34:46.222479Z","last_seen":"2026-03-06T10:32:29.455701Z","alert_count":0,"request_count":1,"received_data":120303,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-12-18","domain_rank":0,"first_seen":"2026-01-09T02:45:23.4071Z","last_seen":"2026-03-06T15:02:46.621404Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"da.da15525716.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-07-17","domain_rank":5801341,"first_seen":"2025-08-03T13:57:15.219117Z","last_seen":"2026-03-07T13:30:22.339793Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":904,"comment":"","tags":null,"fingerprints":null},{"fqdn":"11224.xn--gps-8y0gm25n.xn--55qx5d","ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"domain_registered":"2025-04-18","domain_rank":0,"first_seen":"2025-12-12T01:01:33.916178Z","last_seen":"2026-03-02T14:58:30.066784Z","alert_count":0,"request_count":1,"received_data":686930,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mdutpianzxusifas.com","ip":{"addr":"45.204.71.19","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"domain_registered":"2026-01-23","domain_rank":0,"first_seen":"2026-01-25T07:46:05.172822Z","last_seen":"2026-03-06T22:51:46.662522Z","alert_count":0,"request_count":1,"received_data":146282,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"xing.sex8sex833.com","ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-02-25","domain_rank":0,"first_seen":"2025-09-30T04:22:11.843559Z","last_seen":"2026-03-03T22:51:29.112656Z","alert_count":0,"request_count":4,"received_data":496,"sent_data":1816,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pic.sex8sex844.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-25","domain_rank":0,"first_seen":"2025-11-17T08:50:51.130806Z","last_seen":"2026-03-03T22:51:28.469404Z","alert_count":0,"request_count":3,"received_data":476338,"sent_data":1359,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"la.lashayu.com","ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-31","domain_rank":3641502,"first_seen":"2025-06-14T15:54:25.098652Z","last_seen":"2026-03-01T16:46:53.933802Z","alert_count":0,"request_count":2,"received_data":380,"sent_data":968,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/swiper.min.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b86ae99b32e343617cf58b13c8f8a5e","sha1":"3f05a00dd1c1b280dc0238291d9b8fe6881e4d02","sha256":"a4eda3c573e9e41048c3b6802ebbf32187cf2012c50abab539bacdb4b825db89","sha512":"8eefc318783c0b88d8e299a4938a57a23cafb97716635e8dfe48a711108294172a3da9ff8fcc69babde3f9d539c8a0738e6ca8e8cd8b39cfa0581cf2b6b438a5","ssdeep":"3072:vPwozDkR63EE+58hmJRFznHgyjm0vYphwoLQPDZS:HRcRjWhKXnHgyjm0vYphwogZS","tlshash":"1ae39396b3cc257e85d76307ae7dc540e27ed43af21284bc32ac58d958ad8180779ef8","size":153765,"data":"","first_seen":"2023-03-14T09:42:10Z","last_seen":"2026-04-04T04:00:03.839972Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/common.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3389e213750ffb34f1de8ba3f43ebe29","sha1":"906e1a83ac965157170f289d4969d6f16bcfb3d4","sha256":"368caee50f32a18e8ab345fd2e90e0d835ecf159ff8805c89204bd5f9ad8049e","sha512":"0ed534d98d78bfa286c803a9cc45f8dbc2b4b7f8c09ac8bf0f8518a5362d1b4df161d4147c1bcdae6d91f3c02e5148fd9d27198d4c221dd3d755332fd7e71f52","ssdeep":"384:beiiVhcbvPMPHPSH6PMHlnEiX/hWfG3xngv4Po/DHuxHS:bv7PMPHPc6PwPoixHS","tlshash":"bd4253a8fbed4627a0b732a35d6ff198263a044fe1589c03fd3c08516fec9690616d9d","size":12634,"data":"","first_seen":"2025-08-25T06:56:27.757037Z","last_seen":"2026-04-04T04:00:03.836533Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/index.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf002bb7bc90b725450837f981182694","sha1":"afce90ed5a595f83517599c5cc9d491204da7a7a","sha256":"cad8fb9cbeb5f4d69d64f63cc46c01bc2afdcfdff894bad291757f13cfc213ae","sha512":"ab874dd9a9bc75beb61f0b1ad943e586a6d6ae37739f989b5f2af1099f941da06fc44e35e80f82fa7905ed6eb4fb160a8bd46f0e4478e7e7c8ff7cd00d886802","ssdeep":"384:OOy/ANJhnCwh6zrhJAihUBFEaNYZ/7NJh2CwhlzrhIAihvBFXobPgmpiGX28/0iS:IANjnCk6z9JA+UBw7Nj2Cklz9IA+vBY0","tlshash":"1f62b2287115667641fdb363a43c62b015e9fcb1e43174b1f46d84b10babaec2a70e6b","size":14791,"data":"","first_seen":"2025-08-25T06:56:27.690705Z","last_seen":"2026-04-04T04:00:03.851881Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/static/js/jquery.lazyload.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9dfc308833c7ae64a6e0e6bd33fb51d7","sha1":"527e4dbceb22c063ed1bc5bd2ec362d9a412892a","sha256":"f3a5e91219434ff92ae7b36b9582136a75f56b605ebeb54bac21efdfea4466d1","sha512":"383aec26af4153c8d03cf7ab898378d5be2d509fcc12e87daaccaf2a51f145ac57b08c3001db895ed95b24e807c5290d256e5570a519b2c478185b9472d27578","ssdeep":"","tlshash":"d641e5863f027534f179a9ad430f52096127d03b92d58dd1b089d8ecfcf86579a3698b","size":2232,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T12:57:38.403151Z","times_seen":18871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/abc/fixed_ui_9a02c6.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d08efdcf636d6a083af1ef015b95dd6b","sha1":"a342f68c11a76c176d40546c420a00aa6f15e247","sha256":"34f84f87f1bb91f520526e4af193bed9c766631b52fa99d4b27168b5df0babb2","sha512":"9a40cdc0f896938164a077eaf0d57c74cb9e179f880adb69f6dfd9f654ba7c9d081aa5dc092769a624353fd185c4206000125c52bb1637bcdb57611ef5032963","ssdeep":"96:RBrFraBfXJMwE3xg250lE/fEQTzg2ACuWJkiTaoP5VYb5G6JS/lWrN1/sKQtX:HBLwUm250lqfPT8RCuWJV5VGGg+gMltX","tlshash":"69b1935e79e330a68a2330b48fff150836319023920ddda47c1dd1a46fa9b946672fe9","size":5587,"data":"","first_seen":"2026-03-07T16:22:29.510897Z","last_seen":"2026-03-07T16:22:29.510897Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/static/js/jquery.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T15:48:44.569044Z","times_seen":60616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f406745cf3b401be5106b3320e382cf3","sha1":"296c06ac2334119736f5a090eba57eb73d69878f","sha256":"688874c1d6547199b7c3b7510f12178856ccfa018e09f17fcd1c28785d64ea16","sha512":"cbc6ca6cd0530366ea627d062752bc7076c22069161cffca57f88615b59e0e59dd98bb213aee2ac699a20963e66c3099ec94b84bf08bb92f86df8caa628e7334","ssdeep":"","tlshash":"89d0a73ba041443028efb79678aa87d83c3040057f861004891cccb66160fbad93bed8","size":247,"data":"","first_seen":"2025-08-25T06:56:27.784627Z","last_seen":"2026-04-04T04:00:03.893053Z","times_seen":274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"22de6ab8f2d9a947ea0d7edf6f875e6d","sha1":"e13d824b553d88271426f5a28872f88eb9731e3b","sha256":"f34207e4a77c719b4924aba953418fe3d003f30d5c9558793922957fb70352e9","sha512":"3ce16192be5bf6d83ff85324cf132989e60ec42e131fe3cfe8929bf0e710cba33513d7c595aa3f13ca5fca2cc8fd826d719fdc4b7eb58b4099da25a3d620dd0f","ssdeep":"","tlshash":"dfe0ab1e1b930039c1eb73cbfa9d33a11970130414a8a402c44ecaca0e22e6cf9df8e6","size":419,"data":"","first_seen":"2026-03-07T16:22:29.561224Z","last_seen":"2026-03-07T16:22:29.561224Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57ca1679beecd06eaa00944bec96c8d5","sha1":"90d2c545a94b7fa7ea2a0bb2e79d47db91cf7164","sha256":"7c766318d776596c427c9707337cc501d4a06a8186257b80a24d129fc3b97d42","sha512":"971021ae72ea21612944d42c4b9048028e447eb31df65c34a3311c1a6246773b9d8465eb20cb52c6b34099d5a7a714d791cd2eed9323764eed0b3addd104aa6b","ssdeep":"","tlshash":"27e07d9a8841d2e6d986b3bbffe0d368e8983b193817d83207101cd6221336fd446b4d","size":332,"data":"","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-04T15:25:57.554778Z","times_seen":8956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"img1.ah7907.com/846-960x60.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"36.151.194.102","port":443,"asn":56046,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /846-960x60.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":300,"connect":212,"send":0,"wait":216,"receive":0,"ssl":315},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251104/Mw2RbvD5/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251104/Mw2RbvD5/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sat, 07 Mar 2026 16:22:49 GMT\r\nContent-Length: 404\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2614,"timings":{"blocked":363,"dns":29,"connect":162,"send":0,"wait":1158,"receive":0,"ssl":897},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11221.xn--gps-8y0gm25n.xn--55qx5d/d/11221?_t=1766049818","fqdn":"11221.xn--gps-8y0gm25n.xn--55qx5d","domain":"11221.xn--gps-8y0gm25n.xn--55qx5d","tld":""},"ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.xn--gps-8y0gm25n.xn--55qx5d","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 14:22:13 GMT","end":"Tue, 07 Apr 2026 14:22:12 GMT"},"fingerprint":{"sha1":"01:F6:A8:64:D2:BF:90:49:78:62:32:E0:6F:0D:E9:33:66:39:30:EF","sha256":"5D:E4:BC:B9:AE:B1:76:CF:D1:39:B2:34:04:CA:CA:2F:97:94:D8:E3:B1:2D:D1:41:C3:4B:27:0D:1C:BF:03:26"}}},"request":{"raw":"GET /d/11221?_t=1766049818 HTTP/1.1\r\nHost: 11221.xn--gps-8y0gm25n.xn--55qx5d\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 145\r\nlocation: https://fsffbhd.4000522777.xn--fiqs8s/9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818\r\ncache-control: public, max-age=3600\r\nexpires: Saturday, 07-Mar-2026 16:21:54 GMT\r\nstrict-transport-security: max-age=31536000\r\nx-via-jsl: 679faae,-\r\nset-cookie: __jsluid_s=819a894b03ee360971af177d50d0f45a; max-age=31536000; path=/; HttpOnly; SameSite=None; secure\r\nx-cache: miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":596432,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2091,"timings":{"blocked":-1,"dns":1050,"connect":217,"send":0,"wait":596,"receive":0,"ssl":228},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:53.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 292628\r\ndate: Mon, 05 Jan 2026 06:12:44 GMT\r\nlast-modified: Tue, 11 Nov 2025 08:55:36 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.062\r\ntraceid: a3b58aa117675935639996215e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache40.l2de4[0,8,200-0,H], ens-cache40.l2de4[10,0], ens-cache1.se3[0,0,200-0,H], ens-cache20.se3[3,0]\r\naccess-control-allow-origin: *\r\nage: 5306949\r\nali-swift-global-savetime: 1767593564\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 18 Jan 2026 05:44:22 GMT\r\nx-swift-cachetime: 30414502\r\nback_uri: /imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005138495604e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"3a29654deae45805d8794954abbb5044","sha1":"42691fc8287fde23d6f03fb34434deabb343df14","sha256":"cc2627b8bf79a940675f68df3fcdb91bf14a94b98c1938dd334c2bfc62538bb3","sha512":"b272db82b275b8f2f0fe414b1f339432bc2663520931f602714e2ede08e8b655f766060cff98dda94f176180b3bcdc53a6e382c4faa10ce67ca13e8008f65353","ssdeep":"6144:Nq0IoTY/D/9IDmn8IDVS+jIDmn0JVr3AW9DuCDP:LTcNl5H03QuDuCDP","tlshash":"3c541216e3668b1f117098c1a1f16d7efaedaa1736f5aef1450c4c42053f9e8a339c62","first_seen":"2025-11-09T02:30:37.967304Z","last_seen":"2026-04-04T15:25:57.340317Z","times_seen":7807,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/yinhe/960-120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:57.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /yinhe/960-120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 215880\r\ndate: Wed, 25 Feb 2026 03:20:56 GMT\r\nlast-modified: Sun, 30 Mar 2025 12:21:24 GMT\r\netag: \"c2e3bac355c689e234388104488b22e2\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: kTsYBccHKXoG8ki0swCE05mW5LtbBvAyMzDfHhD79_3KVHeIAdMSiA==\r\nage: 910862\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":215880,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"c2e3bac355c689e234388104488b22e2","sha1":"fcf87563ac96adb085897c5e4b9ba62681e5139e","sha256":"3e2c70fe6b947f60c3dd5752c94d502a3443c28f781738d2e308567ad5cd90cf","sha512":"239bc5d1df9c1aa3cb7cb72bc2c5451dbaa7dc8255bc9cc348dbe22ab5752e37a11047d421769e0228f8a645981a246d0b5af00792de9dce6a6b1f8f504cd044","ssdeep":"3072:Y8szBTXPqZiXzUBgLKsbV9UnxQCBL/YYYDSMdIok1RLp8veNVhRZ2:3OBLfzUHoexXL/YDSCIfXL/hRZ2","tlshash":"ed2422faf626c923c47eabc16370eda256f7c78471e2100657c17f5ada603a0cb9851d","first_seen":"2025-04-02T02:40:05.475958Z","last_seen":"2026-03-15T13:02:26.875639Z","times_seen":10144,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":26,"dns":97,"connect":1,"send":0,"wait":3,"receive":7,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251105/4Begy0ye/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251105/4Begy0ye/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sat, 07 Mar 2026 16:22:49 GMT\r\nContent-Length: 404\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2599,"timings":{"blocked":345,"dns":21,"connect":163,"send":0,"wait":1163,"receive":0,"ssl":903},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavzy.org/upload/vod/20251101-1/4898259b861b7f0d084f3be2261da79f.jpg","fqdn":"img1.souavzy.org","domain":"souavzy.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.548Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251101-1/4898259b861b7f0d084f3be2261da79f.jpg HTTP/1.1\r\nHost: img1.souavzy.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"txdy.hznunxc.com/960x120.gif","fqdn":"txdy.hznunxc.com","domain":"hznunxc.com","tld":"com"},"ip":{"addr":"157.185.128.120","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"txdy.hznunxc.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 11 Feb 2026 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:1B:5C:BB:4A:86:94:97:1F:FD:C6:4E:1E:49:73:4B:A8:80:1F:A7","sha256":"AF:92:C9:25:B6:70:75:C0:04:EC:5E:04:B8:5F:6F:C1:11:04:3A:C3:D6:3E:61:46:65:D5:81:E5:D9:BE:03:37"}}},"request":{"raw":"GET /960x120.gif HTTP/1.1\r\nHost: txdy.hznunxc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: image/gif\r\ncontent-length: 119760\r\nexpires: Sat, 14 Mar 2026 12:28:02 GMT\r\nserver: nginx\r\nlast-modified: Mon, 29 Dec 2025 06:33:05 GMT\r\nvary: Accept-Encoding\r\netag: \"695220a1-1d3d0\"\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvia: 1.1 PS-ORD-04i3e151:8 (W), 1.1 PS-FRA-01uMN61:10 (W), 0.0 PS-CDG-04gzn111:17 (W)\r\nage: 2001232\r\nx-px: ht PS-CDG-04gzn111none\r\nx-ws-request-id: 69ac50a2_PS-CDG-04gzn111_41491-36223\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119760,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"149b6d51518d57a39011a6971132ffa2","sha1":"529eeaead1047e4eddd186cfad5015aa987c4e14","sha256":"72c2db6b6259e584134783af7112131d031638bd29be489d53f58d7db2a8b7fb","sha512":"2e2e211b2e27bb10b1deed4cb4460866eeaff5ae5bcac6a550d7906225add955ad68ae8efdf5133d8fb7783a29d00cb72d170af8305c4fd510b5e3ea5a0a155f","ssdeep":"3072:l/GDzsUvQAUdTbhVQ3VFYDAoY/JJM6jqYm433v1:u4UI3TbKVcYDMFQ339","tlshash":"36c3123b424b4782376d70b07bf1e6058186800eae7a3597a562ca870fb1e7585ddc93","first_seen":"2025-12-29T08:49:02.459481Z","last_seen":"2026-04-04T15:25:57.273623Z","times_seen":4445,"resource_available":false,"data":null}},"time_used":1741,"timings":{"blocked":-1,"dns":669,"connect":27,"send":0,"wait":29,"receive":34,"ssl":982},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/headFootCommon.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/headFootCommon.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 23810\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23810,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"de8bb16af7cd2ae955cc60493bf51b40","sha1":"cfe628a5c120a4248fc1ce5eca068c7fdb5e7841","sha256":"476746ff3b7720f53c1d9266b38cc3f82a91684a8a45cf163fb53fe032e0c6b7","sha512":"c08dc2f179d7c60c89ca12617490c9623647dd78c8e6119d98deb8c2612d7dcc4249b65d024e63cef5a88244e8d6f40c1149ca51c2213b2e49d9817511c6d7c4","ssdeep":"384:3MbJo6Py2kOeEIb4Eb568XUOFvnVuJbmGZS/EllU6j21Rka16iwo+a6cC70BMVBV:8bJo6tkOeEIbNb568X3FvnVuJbmGZS/a","tlshash":"6ab26526d21012097037e774ebb2a755fe660073930302b97feda608dfba54856b2fd9","first_seen":"2025-08-25T06:56:27.772937Z","last_seen":"2026-04-04T04:00:03.870895Z","times_seen":276,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com/storage/assets/img_960f3a1202.gif","fqdn":"fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com","domain":"zhuanshutupian458.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.555Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /storage/assets/img_960f3a1202.gif HTTP/1.1\r\nHost: fdhdfgfghfdgdhfgdghfdgfg.zhuanshutupian458.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1776,"timings":{"blocked":-1,"dns":1776,"connect":479,"send":0,"wait":0,"receive":0,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20260103-1/2c86c4c5aef3579ad4618bf412f4d258.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260103-1/2c86c4c5aef3579ad4618bf412f4d258.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 193725\r\nlast-modified: Sat, 03 Jan 2026 02:31:07 GMT\r\nvary: Accept-Encoding\r\netag: \"69587f6b-2f4bd\"\r\nexpires: Sat, 28 Mar 2026 17:55:50 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771961\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":193725,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x480, components 3","md5":"286ea764cee1eb33093f6fa262bcd078","sha1":"b35969efb1099e34753177ae2e8db609095c4096","sha256":"6161e78bc6a7eab52a3c06d3b0f15a667c67c418d4091722762b51a344c2aad6","sha512":"d3fe4e700906a8fcdf6b6f9470942722ccce2099844b15aa304e6f80406e52fc79c5648fb1aeac6c858e83c5e5e075246a96559fb3c285ae2951772ca2b556f2","ssdeep":"3072:4E+6vEcp0lr7+W0y+BLrxaJPxLB78qvSbezFuBfQoWrO:+67CB7+WivgpBQezFuBflWS","tlshash":"7f1413565958dd6fdcb176bee3a25039d348c5efd3b8c1008001af6bf036ed816785a9","first_seen":"2026-01-03T21:12:09.885299Z","last_seen":"2026-03-07T16:22:29.464107Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1788,"timings":{"blocked":-1,"dns":110,"connect":165,"send":0,"wait":546,"receive":571,"ssl":348},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251219/fUGqQMpC/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20251219/fUGqQMpC/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 171166\r\nserver: cloudflare\r\nlast-modified: Sat, 20 Dec 2025 02:20:17 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"694607e1-29c9e\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tv9FP%2BWeml%2BBU0e4ooZdRFg3hYb%2FCelIum4ZbG3yW2af0jG5cP4kKjG7gdwqmuvRxfDUzlO%2Bz9bTuqNSSuVboG4y0taW5QbpkuyA%2F3iZvMeQ4A%3D%3D\"}]}\r\ncf-ray: 9d8aef7fcf2ca9d3-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":171166,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3","md5":"17c6063afc3cb66ce3cb811e80439aac","sha1":"fe230615077ff6d1322741ea6f8f70b8a1932d2f","sha256":"a5a50128ef0181de86fde553fb930a4c1fc096cae5ef65222b3f976092340d1d","sha512":"0339a1b9a443d394d8841d77ad43eb8755b255c56744c183aa3a09da8d501299ffb515ea987c883bd1187a64b8192bd66dce9a559ca95172ebc81aafd9f379e0","ssdeep":"3072:GZp8Vl5MPXKxkQMESZ45X0uUSGnGn5T9jfB5cUAQ/VX7MQEtdBV1PtK/npiQLBFH:7VlW4BlWvdGnNdvtj/VrSZtK/npf7OZI","tlshash":"54f31276c7d5cb3eee7432f15942806be252a6324c67558c04176aacd39338ba3cc6bd","first_seen":"2025-12-23T05:58:38.888739Z","last_seen":"2026-03-15T22:33:20.483862Z","times_seen":5,"resource_available":false,"data":null}},"time_used":785,"timings":{"blocked":-1,"dns":84,"connect":9,"send":0,"wait":488,"receive":21,"ssl":144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourhoi.com/piyo-224/cover-n.jpg","fqdn":"fourhoi.com","domain":"fourhoi.com","tld":"com"},"ip":{"addr":"172.66.169.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fourhoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 23:39:25 GMT","end":"Thu, 28 May 2026 00:39:22 GMT"},"fingerprint":{"sha1":"7E:95:F9:B8:83:9B:28:3D:EC:20:85:2F:A2:9D:71:10:39:46:3E:06","sha256":"BF:01:28:6B:9D:E6:01:AD:41:5C:2F:24:37:2A:65:78:64:E5:3D:5D:91:9C:96:9B:23:EF:12:62:D6:E5:C1:DD"}}},"request":{"raw":"GET /piyo-224/cover-n.jpg HTTP/1.1\r\nHost: fourhoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 131345\r\nserver: cloudflare\r\nvary: accept-encoding\r\nx-oss-request-id: 69826436CDAAFE3138648F2A\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\netag: \"0EC92EA754B12B3EBA7180E118FCD9A7\"\r\nlast-modified: Sun, 16 Nov 2025 07:35:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5613329074458912837\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\ncontent-md5: Dskup1SxKz66cYDhGPzZpw==\r\nx-oss-server-time: 34\r\nvia: ens-cache16.l2de4[0,0,200-0,H], ens-cache4.l2de4[0,0], ens-cache19.se3[0,0,200-0,H], ens-cache22.se3[2,0]\r\nage: 101319\r\nali-swift-global-savetime: 1770153014\r\nx-cache: HIT TCP_HIT dirn:11:884019034\r\nx-swift-savetime: Mon, 09 Feb 2026 20:28:45 GMT\r\nx-swift-cachetime: 92796089\r\ntiming-allow-origin: *\r\neagleid: 9b66d7aa17727991914236966e\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-bgj: imgq:100,h2pri\r\npriority: u=1;i=?0,cf-chb=(262;u=3;i=?0 9530;u=5;i=?0 76523;u=6;i=?0)\r\ncf-polished: webp_bigger\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\ncf-ray: 9d8aef80bfc2349b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":131345,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x536, components 3","md5":"2e383cbc78df56215117f16e2e9acfe7","sha1":"3126688084a397d5f902c6a8a3adb65104ba8d76","sha256":"1f6417985feb3123e4eb5ed35b001dfca90b9b56969f037c61514fb3a809cd03","sha512":"56c8e7ebffe91e1e4386999da21a38572e8aed7c8c9fbf61f6a0bcb51014ed9b0931dc3638b45f013e20d9a084b419fd82e1070997c1dc3ed6a07d03f3182e33","ssdeep":"3072:KgJfW7EP0ZQws5mjYqqU34yWHu2hZbiy/5x09D1UsFtBEuCGQsXRXo:DBWrar5fqOjHu2btxx0F7EGQa2","tlshash":"ded31213eeea2e03aa320098d16153e153d5b986fd05fd7d10d53a2b5daae5f40fca83","first_seen":"2025-11-19T03:46:19.125964Z","last_seen":"2026-03-07T16:22:29.46942Z","times_seen":6,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":-1,"dns":195,"connect":33,"send":0,"wait":20,"receive":55,"ssl":108},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.mdynieu.com/images/69146317ec12e29e413cb55f.gif","fqdn":"www.mdynieu.com","domain":"mdynieu.com","tld":"com"},"ip":{"addr":"161.129.35.190","port":443,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mdynieu.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Thu, 12 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A0:E7:35:D4:DC:48:E4:5E:1B:FF:4B:B6:D3:6D:0D:58:B1:F6:27:29","sha256":"D2:17:69:66:D0:31:B0:DE:3F:24:F3:24:DB:38:FC:40:63:C5:36:DC:5B:B0:8F:60:02:55:7A:68:1D:EA:44:7C"}}},"request":{"raw":"GET /images/69146317ec12e29e413cb55f.gif HTTP/1.1\r\nHost: www.mdynieu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nreferrer-policy: no-referrer\r\ncache-control: max-age=600\r\nlocation: https://img.meituan.net/portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":406836,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2134,"timings":{"blocked":66,"dns":1198,"connect":254,"send":0,"wait":254,"receive":6,"ssl":356},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d18wfmxtvthwf6.cloudfront.net/pg/980x120.gif","fqdn":"d18wfmxtvthwf6.cloudfront.net","domain":"d18wfmxtvthwf6.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.4","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:57.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /pg/980x120.gif HTTP/1.1\r\nHost: d18wfmxtvthwf6.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 340665\r\nlast-modified: Wed, 14 May 2025 14:12:32 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Fri, 06 Mar 2026 01:27:11 GMT\r\netag: \"b4c14c37321b858948f5616dbb436738\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: veWiq3bA-FGqRPupJlDM-DWSK-TuoIi8vyEN3-9ofU_Dwxb_W1oqEg==\r\nage: 140087\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":340665,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 120","md5":"b4c14c37321b858948f5616dbb436738","sha1":"e98847771ba3752949935dc11f4c7d4d8c14c787","sha256":"f5c79e791b436ecf1ad188dbe87ad4b35d3b9956bcf766600fb134f2a014131f","sha512":"a197f0fbc291afe3bcae5d35d05a23269e80fb7828215f41244c6136b63656c239fe6d24b4e2d6dc1ba713f06c7dfea763904a794043aba806c273f3311dc6e4","ssdeep":"6144:gFli6a0djJW4zenv4zenEO1LDyD3/wGR/Yi/wGR/Yi/wGRz3VkvJ6KI7KqmQIkX5:5p+3SSSJiD3/Z/Z/HMJ1IbI1I1kU1","tlshash":"4a741314e221ad80fe3a923b49f1c8f1a53d56f498afa9770661e7d4c6f44d0bf448e2","first_seen":"2026-02-01T06:13:19.223962Z","last_seen":"2026-03-15T12:50:18.76148Z","times_seen":1922,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":28,"dns":75,"connect":0,"send":0,"wait":6,"receive":9,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavzy.info/upload/vod/20250622-1/5a50c8644d888716c72e7da5907a2638.png","fqdn":"img1.souavzy.info","domain":"souavzy.info","tld":"info"},"ip":{"addr":"104.21.12.156","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"souavzy.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 01:03:28 GMT","end":"Sat, 25 Apr 2026 02:02:04 GMT"},"fingerprint":{"sha1":"B5:4D:EA:D3:4F:97:AA:F3:CD:32:47:A3:B0:04:E7:76:2D:95:1B:71","sha256":"DE:1A:A9:94:5F:14:35:2F:84:62:B6:B8:72:6E:3D:74:FE:FC:43:1B:38:14:47:B3:E4:56:5F:90:95:E5:C3:56"}}},"request":{"raw":"GET /upload/vod/20250622-1/5a50c8644d888716c72e7da5907a2638.png HTTP/1.1\r\nHost: img1.souavzy.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Abosb6ssndPmbpnZHm5noe7UqJBtSDcRsXoSC%2FeT6s6z3n6lfrPO1pN7dCMEEdNswSEdkm%2ByNQ%2FuauQUe8Lu%2BxYgNGyOPvnQ0sDucg%2B8olky\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d8aef80b8240d2b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":258,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251128-1/79792b4ef691da23202ad847bf886dc6.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:51.924Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251128-1/79792b4ef691da23202ad847bf886dc6.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 403606\r\ndate: Fri, 13 Feb 2026 05:15:30 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 2ff602a017709597307166529e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de4[0,0,200-0,H], ens-cache16.l2de4[1,0], ens-cache16.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 1940783\r\nali-swift-global-savetime: 1770959730\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 13 Feb 2026 05:18:23 GMT\r\nx-swift-cachetime: 31535827\r\nback_uri: /imgextra/i1/4183327079/O1CN018KuqHz22AEs9TacwK_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005134875433e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":403606,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d0bbd6e83f13d75dfd204a1757309ff3","sha1":"e038ef39d13d339f32a585f16bb2c65ba607093e","sha256":"9a3c716b0b97716ba8136b243a3468b50aa62cc130b43e213a54a5ba7ec584db","sha512":"43143383b5711607d3ae0f52732f519740355a23c0c4d2675828f1d6833b94e9be3f08b3fea365f4d2d38310a887306992a9ff7318f7e50128cfcc47052c9fb0","ssdeep":"6144:z+H10Njx+v7YjWPE8zi+PEoTXoSzqoSNEyzNaJG97ztF8M7zMM9e3ZXKGLSgLnZt:zo6VxLzZoTdVygU9Xz8MXe64z9t","tlshash":"c584235252134f3e81aa071ed92e5c883c6ad886d612eb23977fc875b7019dd9234eb3","first_seen":"2026-02-13T06:47:10.3791Z","last_seen":"2026-04-04T15:25:57.512951Z","times_seen":2181,"resource_available":false,"data":null}},"time_used":1173,"timings":{"blocked":-1,"dns":1064,"connect":8,"send":0,"wait":48,"receive":12,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/ky61-960x120.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"36.151.194.102","port":443,"asn":56046,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /ky61-960x120.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1096,"timings":{"blocked":-1,"dns":350,"connect":214,"send":0,"wait":218,"receive":0,"ssl":310},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 442163\r\ndate: Tue, 03 Mar 2026 08:23:21 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 2ff6309f17725262013815622e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache1.l2de4[0,0,200-0,H], ens-cache27.l2de4[1,0], ens-cache16.se3[0,0,200-0,H], ens-cache20.se3[1,0]\r\naccess-control-allow-origin: *\r\nage: 374312\r\nali-swift-global-savetime: 1772526201\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 03 Mar 2026 08:36:44 GMT\r\nx-swift-cachetime: 31535197\r\nback_uri: /imgextra/i4/4183327079/O1CN015le7R022AEsJ5jGju_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 1\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005135015443e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":442163,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"a959dff57b5058e20b52d9eee9856451","sha1":"f429b441579c13a080de49602a836dc091809ed6","sha256":"b55482457dcd5b1a75ccd8af9902c9d9ccf11451e79300f43b4bef9a94260474","sha512":"cb38c08e2b12d580f0a3425f51b2d1af7914d8914881fd188915ad897d7d150000c7c807edf0ee7c4e003333ae6491a1693f369c2932d220549d896a00154db5","ssdeep":"12288:MbOF/O5B0GXiLvxLv9Qu2R3J0rKuDmQvmQP8AtpW6:sb0xdQJ0zdv4sW6","tlshash":"6c9423bb6dfb9054a8130fa829e7061ccb80de8446ec2a79a9571ff7189872cbd1c855","first_seen":"2026-03-07T00:44:39.681251Z","last_seen":"2026-04-04T15:25:57.392955Z","times_seen":1787,"resource_available":false,"data":null}},"time_used":1082,"timings":{"blocked":-1,"dns":952,"connect":12,"send":0,"wait":54,"receive":14,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sex8sex811.com/20250625/FejYBUI5/1.jpg","fqdn":"sex8sex811.com","domain":"sex8sex811.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex811.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 22 Jun 2025 13:10:45 GMT","end":"Mon, 22 Jun 2026 13:10:44 GMT"},"fingerprint":{"sha1":"C9:53:EE:A5:BF:D8:DA:43:BD:4D:33:2D:23:50:62:EE:70:A0:CD:A5","sha256":"0D:37:98:9E:87:92:F0:5C:60:79:C3:46:29:6A:A3:16:B6:D0:7B:AD:75:40:95:A3:1E:67:B0:45:0C:F2:BC:15"}}},"request":{"raw":"GET /20250625/FejYBUI5/1.jpg HTTP/1.1\r\nHost: sex8sex811.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 404\r\ndate: Sat, 07 Mar 2026 16:22:50 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2739,"timings":{"blocked":401,"dns":9,"connect":165,"send":0,"wait":1163,"receive":0,"ssl":995},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:53.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 221348\r\ndate: Mon, 22 Dec 2025 06:11:39 GMT\r\nlast-modified: Thu, 13 Nov 2025 09:36:51 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.046\r\ntraceid: a3b5329d17663838996584187e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache14.l2de4[0,17,200-0,H], ens-cache7.l2de4[20,0], ens-cache12.se3[0,0,200-0,H], ens-cache20.se3[4,0]\r\naccess-control-allow-origin: *\r\nage: 6516614\r\nali-swift-global-savetime: 1766383899\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 18 Jan 2026 05:44:22 GMT\r\nx-swift-cachetime: 29204837\r\nback_uri: /imgextra/i1/2207246784654/O1CN016SCogX1kFaOO1vIZt_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005138505607e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":221348,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 60","md5":"91a4c6f090426e12424905e992711b10","sha1":"a2cb6864351065d53d1c4c502877adfd11103e4a","sha256":"88584290d770ecec2239e81884a8bf52306a473d03aafbdb9a359555e3b9c439","sha512":"ce208676f2178d6a9c8498f495422167058647fabfe812391f392ada0df7088434bd33a8a718c4d24a53c7b9c77af94d83faf3815f6364c76d203f97fe9cdb36","ssdeep":"6144:k/sj3j3iWwPIu/wQFxkt8gRZI1ZpLugfoi:k/sjz3iVIgwUgRS7VffX","tlshash":"6124137ee1c01f226e0522e9a7b8bf1b05b55487ed84a47729bdf9d6c7482b3e7601c0","first_seen":"2025-10-14T12:40:30.101425Z","last_seen":"2026-04-04T15:25:57.275219Z","times_seen":8636,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:53.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 71518\r\ndate: Sun, 04 Jan 2026 07:16:14 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5839717675109745792448e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache26.l2de4[0,8,200-0,H], ens-cache8.l2de4[10,0], ens-cache24.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 5389539\r\nali-swift-global-savetime: 1767510974\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 18 Jan 2026 05:44:22 GMT\r\nx-swift-cachetime: 30331912\r\nback_uri: /imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005138555609e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":71518,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"77124bec289e16c03715536db0a93a69","sha1":"5de89ae0a04b1f38fad10253e63173c0b686ad35","sha256":"a3485681d348a07947e41b4b1f4ae28733254265db0fd08ac9db716c3733c769","sha512":"5690c31f2995495454b1e9f46b74b696c0418985c5d49d8ab68975b731876e461df8cd05bb027cf3d871191a500bd273b649d037e9e1719c890784e368206c54","ssdeep":"1536:E8dgdKUYKUsoK6sIET9wjMr/JF+aPbqiuYZtJvfDD:E+zUvwhEBwjM7+YyYZtJvfDD","tlshash":"8e630233a165d51fd223253ca591909dba377fe1cd6671f9f6c7cf478a08083c9aa828","first_seen":"2026-01-04T07:53:55.650353Z","last_seen":"2026-04-04T15:25:57.279824Z","times_seen":4021,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpgjingpinx1.top/upload/vod/20250706-1/4234ccc1843f71273515488c2a1a8a21.jpg","fqdn":"jpgjingpinx1.top","domain":"jpgjingpinx1.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.485Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20250706-1/4234ccc1843f71273515488c2a1a8a21.jpg HTTP/1.1\r\nHost: jpgjingpinx1.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":132,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"da.da15525716.com/20251105/6uhS5I8u/1.jpg","fqdn":"da.da15525716.com","domain":"da15525716.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:51.932Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /20251105/6uhS5I8u/1.jpg HTTP/1.1\r\nHost: da.da15525716.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"da.da15525716.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"la.lashayu.com/upload/vod/20251027-1/f4d3cce04f8a0b3ea5099f7e1cfcb1ac.jpg","fqdn":"la.lashayu.com","domain":"lashayu.com","tld":"com"},"ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"la.lashayu.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 15:25:31 GMT","end":"Thu, 14 May 2026 15:25:30 GMT"},"fingerprint":{"sha1":"12:7F:43:CD:93:DA:C7:A7:30:0E:6C:68:FE:76:BE:A7:3A:FA:2E:70","sha256":"38:45:87:B6:6F:92:7D:F1:17:B4:75:66:B9:26:63:9C:76:3F:DB:CE:27:66:3E:C2:8D:5F:08:BE:F4:CA:99:4D"}}},"request":{"raw":"GET /upload/vod/20251027-1/f4d3cce04f8a0b3ea5099f7e1cfcb1ac.jpg HTTP/1.1\r\nHost: la.lashayu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Sat, 07 Mar 2026 16:21:50 GMT\r\netag: \"5ccd7441-3\"\r\nserver: nginx\r\nx-cache: BYPASS, Status: 404\r\ncontent-length: 3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 218186\r\ndate: Tue, 10 Feb 2026 08:16:14 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.094\r\ntraceid: a3b5019d17707113743023013e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache19.l2de4[0,0,200-0,H], ens-cache2.l2de4[0,0], ens-cache22.se3[0,0,200-0,H], ens-cache20.se3[4,0]\r\naccess-control-allow-origin: *\r\nage: 2189139\r\nali-swift-global-savetime: 1770711374\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 10 Feb 2026 08:33:40 GMT\r\nx-swift-cachetime: 31534954\r\nback_uri: /imgextra/i4/4183327079/O1CN011SH9va22AErRbNeqF_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 4\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005134955437e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":218186,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"c746674e75d4ad03a61fdb261ee49376","sha1":"8cf71520c90c49746b49b3d4172bec815f88ee9c","sha256":"d6c1f96b8762b8f0d419fae7639ee8e519f2c0714d3a765288cd08bc58d4424f","sha512":"03a5ca97a917978cfb706777139f3cc069c6c8e06b09872c9783baa4aee2a701bc49ded5b8713748d6a90ff3f79ab0dd6aaf497e6863f44abe03e32cac5721fd","ssdeep":"3072:n9qyzDgNNsg1X0jksIxGcivXXfG2Qk6hBKofVLHhLHd6DlzLgkHEXLZ0EUHQ5JC+:nkQkTkwsmivXMk6hE8VT6z9EMHQPH7","tlshash":"dd2413479e0f1c4665c41b1ab473a3b71b32cb9cfa83506e43667e7b81a84b97207937","first_seen":"2026-02-10T10:56:09.229979Z","last_seen":"2026-04-04T15:25:57.38549Z","times_seen":2204,"resource_available":false,"data":null}},"time_used":1120,"timings":{"blocked":-1,"dns":1004,"connect":7,"send":0,"wait":53,"receive":7,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fsffbhd.4000522777.xn--fiqs8s/9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818","fqdn":"fsffbhd.4000522777.xn--fiqs8s","domain":"fsffbhd.4000522777.xn--fiqs8s","tld":""},"ip":{"addr":"172.67.73.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:54.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4000522777.xn--fiqs8s","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 07:30:32 GMT","end":"Sat, 09 May 2026 07:30:31 GMT"},"fingerprint":{"sha1":"FF:0F:4B:0B:66:7A:99:CF:94:C0:49:3D:85:E5:C9:86:98:B7:37:5A","sha256":"43:BD:60:69:CF:8C:1A:A9:8F:2A:45:8B:67:9B:D8:CE:5E:AD:46:40:6D:E0:09:85:5F:16:F0:2D:FD:A5:D2:8E"}}},"request":{"raw":"GET /9acf3f15aa2f10616fcec1e9f8124088.gif?_t=1766049818 HTTP/1.1\r\nHost: fsffbhd.4000522777.xn--fiqs8s\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 596432\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FUceeIKjiF4KjJR%2BDyL9O%2FOajsBA8MjqehrrX6PA00c6MYs2HSlUntfv3uF1tZbnLIBQoR8x0pm6q71eLolmTrZgQlGx7NyecdVqsd1i5Sc1mwMeNz5%2BMovhfQE%3D\"}]}\r\nlast-modified: Fri, 12 Dec 2025 13:55:30 GMT\r\netag: \"693c1ed2-b42e7\"\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1954;u=4;i=?0 77885;u=5;i=?0)\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-bgj: imgq:100,h2pri\r\ncf-polished: ok, orig_size=738023\r\nvary: accept, accept-encoding\r\nage: 4908\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\ncf-ray: 9d8aef980c4097c6-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":596432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"70e27bd33ccc423d6ca629fe1a2694a3","sha1":"8f9b122d30952f553d18eb43f1a0d8fa43616f05","sha256":"2e4d5ced9b2775a2fcf90c86296064a475d629e3abfa9bc388d4c7e58a924b5a","sha512":"ccc4192c2f2d5bfdf26a698e8c1b065b607055b3c5cff1a3a3b5bbfa8cc0b1631d7d281bf5028d596a6ffd4f757b5f362015caa1b480563f58d7f8a32c3e79b4","ssdeep":"12288:o+1WCsh1cclbxyjPvVfdwCAqlH3JbHk55dJt9uMYpNlR:oush1cobxcGOHW5J5YT","tlshash":"32c42345e8fe2db59265a33cacf61a129dd700e96cd520591c9aff633ce0a4705ecf48","first_seen":"2026-02-12T00:35:26.594188Z","last_seen":"2026-04-04T15:25:57.357303Z","times_seen":2172,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/img/topList.png","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/img/topList.png HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/png\r\ncontent-length: 182\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":182,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 18, 8-bit/color RGBA, non-interlaced","md5":"f8980a5aca0b14f06231b25cb42d7e3c","sha1":"bf33108269a768c145c890401e50d051adc52237","sha256":"8e45419a1fe53f5c7fd1972dd808a6e376100f7f6f2b1d9b5b3f4a3ef1bb6c1f","sha512":"46cfbe64c08d56176168b1100505f2bf36df18dc441d8f72d9fb2f1cfc1eefe1ed2119fa4676a5d2df996a8dcc4c65029e1af5ffc62e626d119c01c7bea3d60d","ssdeep":"","tlshash":"5fc022c2afcd646c949e927351222552d87200eb1010501a7a28c06c84b8e8088e8a02","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.799491Z","times_seen":287,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260204-1/23146a34ab1f0dc3b2c797f043141772.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260204-1/23146a34ab1f0dc3b2c797f043141772.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74214\r\nlast-modified: Wed, 04 Feb 2026 01:52:58 GMT\r\nvary: Accept-Encoding\r\netag: \"6982a67a-121e6\"\r\nexpires: Sat, 28 Mar 2026 17:40:27 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772883\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x404, components 3","md5":"aafc989e81a4e02a9176a58b058d8102","sha1":"55564daa1fc54d8b1190b1e10ba093bb0c98c51a","sha256":"25897476ca598268c87d8911347ab8ea3c209d9bebb80a8474e2761d40a28009","sha512":"d50dc6bafcf087583977b8a7693c054f2f493af9bb217ec28b4f6a53f77862c74f7919f2511487eb4c40380b899b9f14c71d8e397a29f3f13782a5ad45591d32","ssdeep":"1536:zi4AtjeO96G+6q3FTmhoZKTS8cECEH9tqgEapL5qUvSJhPpM01:sc6+FTmh0KTxCEdtqfapL8ouhPpM01","tlshash":"d773f1a5dd32b3a3ed370afbc6dda0985a25446df50ca2e6ed97dd0c9b440ae012cd1c","first_seen":"2026-03-07T16:22:29.481802Z","last_seen":"2026-03-07T16:22:29.481802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":-1,"dns":34,"connect":151,"send":0,"wait":279,"receive":208,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251212-1/c9a3f710a3dcbd234de752a87eef9c74.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.499Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251212-1/c9a3f710a3dcbd234de752a87eef9c74.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg1.com:3519/upload/vod/20251116-1/1518aa2abe57ae2d6820c5e5592ad250.jpg","fqdn":"sbzytpimg1.com","domain":"sbzytpimg1.com","tld":"com"},"ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251116-1/1518aa2abe57ae2d6820c5e5592ad250.jpg HTTP/1.1\r\nHost: sbzytpimg1.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95998\r\nlast-modified: Sun, 16 Nov 2025 04:07:50 GMT\r\nvary: Accept-Encoding\r\netag: \"69194e16-176fe\"\r\nexpires: Sat, 28 Mar 2026 18:12:30 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 770961\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95998,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1600x900, components 3","md5":"a20282678a40137d7f5b5e09c30ec533","sha1":"1f37978d5ab8fffb459bdff1763b05816e83772f","sha256":"01630a31296d4115f114c5b746c7b77def3480dcc565d8b09dc6ff8f7f57c627","sha512":"6ff287edb412e0ab9720d39355d95eec0d0b987723496b2739e11eaa798f8d4f36eafbcff19817a561d00963cbf84944aad866fba3c6fb6b4807e7a433920acf","ssdeep":"1536:bbEjfE/G8mBQLA4z6z9vfE+SkNyoVqNRzVrLe5h5QlSWUTeLErLYkrskozN:Cf5VvfE+SkNy/DVrLe5h5QlSWOc5LN","tlshash":"b293028be61b865dac499d0daf0f232378500f1d9cb8dd25461b8ddabbb27097d0903d","first_seen":"2025-05-17T06:18:39.357337Z","last_seen":"2026-03-07T16:22:29.483828Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1314,"timings":{"blocked":-1,"dns":219,"connect":155,"send":0,"wait":241,"receive":60,"ssl":628},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/jjvment-18.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/jjvment-18.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 3879\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3879,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7deae08a4c0c888f5ea5773cf31b8601","sha1":"210dd60ee34380e594f80b2ad021442dfa9a0d2a","sha256":"002af7c626f8966ce3937a3c55ca434d7937cc7fb7796720665a6b72ad89d22c","sha512":"433139e94553458083e8dd265ad3d103bf03038b1d6b1f774046bcca14309e7bc5a11215a40c5d8adca0f4d0631fe1655574b7cf652961b354101f8eb1489c0d","ssdeep":"","tlshash":"dc8133111b299a44c72ed1d62ebcab593b2e00d32f5b9d0f7da978989b8e24404f3dc5","first_seen":"2024-08-20T12:47:30.192681Z","last_seen":"2026-04-04T04:00:03.867181Z","times_seen":277,"resource_available":false,"data":null}},"time_used":452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":452,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg5.top/upload/vod/20251115-1/c4233be7bf6a01ee5f3ce660ed04ad21.jpg","fqdn":"fqjpg5.top","domain":"fqjpg5.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.528Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251115-1/c4233be7bf6a01ee5f3ce660ed04ad21.jpg HTTP/1.1\r\nHost: fqjpg5.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":292,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251212-1/c9a3f710a3dcbd234de752a87eef9c74.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:51.922Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251212-1/c9a3f710a3dcbd234de752a87eef9c74.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251122-1/7949e37d716b768767757d2123ff5a9b.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:51.927Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251122-1/7949e37d716b768767757d2123ff5a9b.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/img/search.png","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/img/search.png HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/png\r\ncontent-length: 478\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":478,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced","md5":"6d158647ec071876d4f1cb9ec8a249db","sha1":"4dcaa364a5b0be0a2e7d09e912e9bd4cd465f47c","sha256":"4895e534cd20a3373ada20983e3d63519e0156f110567b2b8aa6218571ecb261","sha512":"9abf22fb078e94371c820359b96715d85dc1d99fb5ec5a1b989ed72cf5b2aa7cd932203f3be3c83e397fcf6ffec7884acd29ae2a89e93eba3d12679a7ab0c8eb","ssdeep":"","tlshash":"18f054d3ca0039486fa254202372f104a6b288ff9700081765e26b35c782c5888cb292","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.821787Z","times_seen":288,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251220-1/6e88a9a1720b530c0a5cca24042c4d24.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251220-1/6e88a9a1720b530c0a5cca24042c4d24.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 761922\r\nlast-modified: Sat, 20 Dec 2025 04:23:14 GMT\r\nvary: Accept-Encoding\r\netag: \"694624b2-ba042\"\r\nexpires: Sat, 28 Mar 2026 17:46:01 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772550\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":761922,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 883 x 490, 8-bit/color RGBA, non-interlaced","md5":"d059dafe8a55e3cfd001da4d0b86ea92","sha1":"f95b3bf39210f2ec59ad763bde5dbed9ed27d6a0","sha256":"4946cbf20aaf2f8164799a8cebe669b383d49fd2b045d7fe2cef50085316aa9b","sha512":"5e2b52a6b8a4db71cf868698d17582b3f58e49e6199d0043c1011d4a660966264fb9fd52334af0e36bd3ad7a840da3a695b1dc1eee4c32892d976261dbca8da7","ssdeep":"12288:/Du/itp6hL226LFagYkOgNjANAeO1nA1ZzcyVpMrju7:/Du/OG2RLJYkOgNkqeO1ALWju7","tlshash":"def423c681e2f90b9421bb5a79cc3b0d0239d776392d269f870e624f34977f4db641a2","first_seen":"2025-08-22T06:16:09.150341Z","last_seen":"2026-03-07T16:22:29.488973Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1878,"timings":{"blocked":-1,"dns":102,"connect":180,"send":0,"wait":524,"receive":670,"ssl":350},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1212.syhze.com/8888/xm/5088/120.gif","fqdn":"img1212.syhze.com","domain":"syhze.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1212.syhze.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 05:10:16 GMT","end":"Thu, 21 May 2026 05:10:15 GMT"},"fingerprint":{"sha1":"0E:AF:BB:57:33:D9:8E:52:FC:E0:72:FB:99:E6:06:AE:75:3F:77:CD","sha256":"73:97:CE:47:3B:96:59:73:01:A9:E5:B5:E4:AA:29:99:2E:75:1A:0E:52:57:08:31:66:51:91:6E:D4:8A:EC:94"}}},"request":{"raw":"GET /8888/xm/5088/120.gif HTTP/1.1\r\nHost: img1212.syhze.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: image/gif\r\ncontent-length: 443228\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 16 Sep 2024 13:02:03 GMT\r\netag: \"66e82c4b-6c35c\"\r\nexpires: Mon, 06 Apr 2026 05:15:21 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":443228,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"6dfeb48901b7cd79256ac55ca0e057ad","sha1":"7f5be548b85f2c58a5a75f89831a60372e1fd49e","sha256":"077c10e1c5dda6d69f6cdb1cd61bd9b88d46ab20a09a0d1cd575348b422a80f6","sha512":"eb336246e254747a2ba6cc9ce2a793aa4919f2dce04f7327f82f33fbf1b7177a0a828bb4fdb687af252189476332345f9ca15e7a1163b0c572194b8b27464c45","ssdeep":"12288:bITYwMITYwMITwzFWFbSimWFbSimWFFL851b251b251b251ba:sYwTYwTakQcQc/87272727a","tlshash":"bb9412d3e4ea2823c6a62244ca9df7d57f411156653ea3d79b6b3f100e52d22e0ced09","first_seen":"2025-11-21T00:36:15.409425Z","last_seen":"2026-04-04T15:25:57.338806Z","times_seen":8016,"resource_available":false,"data":null}},"time_used":2853,"timings":{"blocked":-1,"dns":456,"connect":265,"send":0,"wait":527,"receive":1336,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.meituan.net/portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif","fqdn":"img.meituan.net","domain":"meituan.net","tld":"net"},"ip":{"addr":"163.171.134.109","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:54.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meituan.net","organization":"北京三快科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 03 Jun 2025 10:52:10 GMT","end":"Sat, 27 Jun 2026 07:00:02 GMT"},"fingerprint":{"sha1":"0C:29:B8:8B:74:6A:6C:C5:4B:6B:8C:7E:F5:C5:E8:A7:B1:26:B8:CB","sha256":"40:B3:D3:3A:FB:0A:FF:94:27:86:35:5E:B7:62:00:AE:DE:30:88:34:15:60:5F:60:9F:C0:E2:9D:2E:BB:5C:83"}}},"request":{"raw":"GET /portalweb/27a1e3a72fece63c3ff55f2c96c993a5588276.gif HTTP/1.1\r\nHost: img.meituan.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 406836\r\nserver: openresty\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,OPTIONS,HEAD\r\naccess-control-allow-private-network: true\r\ncache-control: max-age=5184000\r\nm-traceid: stnbw2foodf7203m9zij\r\nlast-modified: Fri, 05 Dec 2025 07:15:26 +0000\r\ntiming-allow-origin: *\r\nx-via: 1.1 PS-HKG-04JZz35:6 (Cdn Cache Server V2.0), 0.0 PSrdsdgemSTO1sw92:0 (Cdn Cache Server V2.0)\r\nx-response-cache: edge_hit\r\nage: 1\r\nx-cache: HIT from cache.51cdn.com\r\nx-ws-request-id: 69ac50a3_PSrdsdgemSTO1sw92_10616-3774\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":406836,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"34578e43aadd0f0be311cfc623f3391e","sha1":"895f4361fbcd073db0535c831ba4424822b131a9","sha256":"b762e8d34521fe2e17fbbf032cc05edb46f8b217bbcf7bf030c6b98a50d66760","sha512":"a9cfe1c1e668f7de244195d0b606c8adeaad8f2a940629a72c1d552b6c238797219dc0e05fa423bec6fb3580686e402e4f352b2f1983b04e48b03642dc445cdd","ssdeep":"12288:v1HhfMhcKYspUXuT184HQIOO+EP/WvWG7/:dBfI/dwIIEWvWG7/","tlshash":"448423aadb664e34d5904c2fc1fb890fc4c476e9e3f716e69b36a9098bf7253448e040","first_seen":"2025-11-06T09:50:46.694344Z","last_seen":"2026-04-04T13:29:05.000019Z","times_seen":6868,"resource_available":false,"data":null}},"time_used":1190,"timings":{"blocked":0,"dns":987,"connect":21,"send":0,"wait":34,"receive":102,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dq38rjje7qjm3.cloudfront.net/xhtd/960x120.gif","fqdn":"dq38rjje7qjm3.cloudfront.net","domain":"dq38rjje7qjm3.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"18.239.47.58","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:57.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /xhtd/960x120.gif HTTP/1.1\r\nHost: dq38rjje7qjm3.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 93540\r\nlast-modified: Thu, 11 Dec 2025 03:48:41 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 04 Mar 2026 21:07:32 GMT\r\netag: \"d17c0265bd5c40f03ea3b38db614d5fa\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8428d3ca0a47cd247ba9c371c08ccb6a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS58-P3\r\nx-amz-cf-id: U2oDBTPnFXYFnMsHNQIVpOBYjXiyUqgyPovwYl2NcEi3ajDvgtrMLg==\r\nage: 242098\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":93540,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d17c0265bd5c40f03ea3b38db614d5fa","sha1":"86fd316dbff0105c353ce4fee261d3ffd67c18ce","sha256":"2861568da5dcad2c4d42b984f1fe980881487c41b41994d0e0783f1b574139ce","sha512":"83f8917b4b01282169bb147584c08e1195907014562a3b78d46a8209e1b817f1c1e2a53a4b566919e19d83dddee3bdbfacd55627dc9fb32b1901c921daa9da93","ssdeep":"1536:J5GRXGxtd59jNNhrDeq3zzI6ipoYDnu9/QvY1Wuqk78ks4xycnTYf2JlavtaDpv8:nGRXGxtd597Rpz0tDnc6q1RY4Ecn0kja","tlshash":"289312b791ecd5c697826c8df5e304a056069606af7cfdd71584168690feeed2ac7300","first_seen":"2025-12-12T01:02:04.573696Z","last_seen":"2026-04-04T15:25:57.496857Z","times_seen":6332,"resource_available":false,"data":null}},"time_used":1782,"timings":{"blocked":50,"dns":1581,"connect":17,"send":0,"wait":17,"receive":76,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20260103/fM16CCNq/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20260103/fM16CCNq/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 247803\r\nserver: cloudflare\r\nlast-modified: Sun, 04 Jan 2026 01:21:16 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"6959c08c-3c7fb\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VY2SYxmNQOznCAZom6E4VjxrRhKydHuqADDoIUke9WCJVwU1ZFmue62WhTXK5H2gJqj0LzNUgV5qtao0A5W%2F7ArQjpfWPY07hxCcYbjoQY7gog%3D%3D\"}]}\r\ncf-ray: 9d8aef7fffbea9d3-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":247803,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=360, orientation=upper-left, width=640], baseline, precision 8, 640x360, components 3","md5":"ad53197b3fec275648846c437edc5f86","sha1":"38a819a11d8f2c6218b1851a76662f9bfa588963","sha256":"f2d22b6fc559b8c0bdda50c8fc99845be75e804834cc71735a09d23af6c91ec0","sha512":"40d96dcfeca895bcd7c636e694217e00605306c6a23355b09aaad6f58aa005500d73d7e01e689fd4d853151b09d81a94c59ea90f347852e43645e8354662b813","ssdeep":"6144:/FZvztvnIRu+Kr8K1xA2nkp/z2zRsfryoJXGIu7:/FZv5vnkKB1i2kpr2zRsD6Iu7","tlshash":"003423b3a7d098bfc6ab163349844ecf7613aa026405173e4ff8f9e4ed46e95b414e81","first_seen":"2026-02-06T09:34:02.980832Z","last_seen":"2026-03-07T16:22:29.493533Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1016,"timings":{"blocked":-1,"dns":92,"connect":10,"send":0,"wait":682,"receive":15,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251031/HQAgUWB8/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251031/HQAgUWB8/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sat, 07 Mar 2026 16:22:50 GMT\r\nContent-Length: 404\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2842,"timings":{"blocked":-1,"dns":306,"connect":178,"send":0,"wait":1158,"receive":0,"ssl":1185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg5.top/upload/vod/20251105-1/1f59dc8e9aa519e18a0aa917ba10b046.jpg","fqdn":"fqjpg5.top","domain":"fqjpg5.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.543Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251105-1/1f59dc8e9aa519e18a0aa917ba10b046.jpg HTTP/1.1\r\nHost: fqjpg5.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":275,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavzy.info/upload/vod/20250626-1/daa7d494653249d47815d6ddd75c1ea5.jpg","fqdn":"img1.souavzy.info","domain":"souavzy.info","tld":"info"},"ip":{"addr":"104.21.12.156","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"souavzy.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 01:03:28 GMT","end":"Sat, 25 Apr 2026 02:02:04 GMT"},"fingerprint":{"sha1":"B5:4D:EA:D3:4F:97:AA:F3:CD:32:47:A3:B0:04:E7:76:2D:95:1B:71","sha256":"DE:1A:A9:94:5F:14:35:2F:84:62:B6:B8:72:6E:3D:74:FE:FC:43:1B:38:14:47:B3:E4:56:5F:90:95:E5:C3:56"}}},"request":{"raw":"GET /upload/vod/20250626-1/daa7d494653249d47815d6ddd75c1ea5.jpg HTTP/1.1\r\nHost: img1.souavzy.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o%2FTbc2BtrAq6papP5Ns0bR4MXqo7yABzjpl7TDb5prBvH5nShQWytHdHSh8gAQRpWoIGBrozvtRsYnxBmwPFtzIQvHXkenCEV5HytB6xkmwM\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d8aef80e8910d2b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":786,"timings":{"blocked":318,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 300651\r\ndate: Fri, 06 Feb 2026 11:12:05 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b55ced17703763248572315e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de4[0,0,200-0,H], ens-cache36.l2de4[2,0], ens-cache19.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 2524188\r\nali-swift-global-savetime: 1770376325\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 06 Feb 2026 20:55:11 GMT\r\nx-swift-cachetime: 31501014\r\nback_uri: /imgextra/i3/4183327079/O1CN01Jh4YeU22AEs6UM5mZ_!!4183327079.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005135055446e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":300651,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"8a47d4e0340db7d8001c1c2c39716b93","sha1":"0fc8202a98d51793df1755c0bdb9ed54294a8519","sha256":"4a6044bb59cb58f446ba34163ea45c5079c9c1a556c3f2bc626440f638efaf30","sha512":"7277d622b154e4756836791b83a92294ece23d66f15b7450937a0525679433e4f90622b04e6a37bc2db1aa067060c3e07fa066fbfe0660ba3c926b54ff52cb2f","ssdeep":"6144:v1p2LgPnLX3nnLXnXw3esj1ls34FfhavVHf7lYJkxmWYQAYg:v1pXXbXXw3eGXH5M7yixDY6g","tlshash":"9f5423c4f7e76f3eaf9218f3296f34883669c81d91f4813a1e86b1eb16231591434d3a","first_seen":"2026-02-07T11:16:48.410559Z","last_seen":"2026-04-04T15:25:57.319273Z","times_seen":2205,"resource_available":false,"data":null}},"time_used":1136,"timings":{"blocked":-1,"dns":996,"connect":12,"send":0,"wait":64,"receive":9,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3ccefxs96519j.cloudfront.net/MGM/980x120.gif","fqdn":"d3ccefxs96519j.cloudfront.net","domain":"d3ccefxs96519j.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:57.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /MGM/980x120.gif HTTP/1.1\r\nHost: d3ccefxs96519j.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 95663\r\nlast-modified: Fri, 08 Aug 2025 06:03:40 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Fri, 06 Mar 2026 01:37:40 GMT\r\netag: \"5a8005b75112b36916f21318ae457043\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 652549e0dcae9775148cb207792b2a40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: krOc2HQVsFnAaKTrePdUifHAHcd2T1DqCbMfBn0dZHExkFdKtbObhQ==\r\nage: 139458\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":95663,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 980 x 120","md5":"5a8005b75112b36916f21318ae457043","sha1":"180f1ab095baa331066bf1708261d848d55789bf","sha256":"21b3d38760be3d6aaa1088bd68000cf9a0bd24b91baa7e4a93647a97f4f07e7d","sha512":"64180ea90a0dfec12e275bf1f6b3674bfcb69393177e726cbd5c6b03bc091acb7ad77429f6154f96e6071db087131f467c507c1fd95224faac5660fa71635d45","ssdeep":"1536:E2YoK+ONw4XmLHmnjNZ3CTtyO+cL2g1nB+VFS0O6QXkHv288jVG187LWL:77zONw4XqGnB1CxyO+c6cB0O6S6v288s","tlshash":"6c931279b8e135395715549e88ea6b0229ec29a1dff8d5e0fd3ffbe012400fba084752","first_seen":"2025-11-17T16:26:00.337909Z","last_seen":"2026-04-04T15:25:57.321922Z","times_seen":6317,"resource_available":false,"data":null}},"time_used":1627,"timings":{"blocked":44,"dns":1526,"connect":9,"send":0,"wait":3,"receive":3,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251225-1/97f0f6cacfe232326c74d2b2f785a545.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251225-1/97f0f6cacfe232326c74d2b2f785a545.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 438530\r\nlast-modified: Thu, 25 Dec 2025 02:50:01 GMT\r\nvary: Accept-Encoding\r\netag: \"694ca659-6b102\"\r\nexpires: Sat, 28 Mar 2026 17:46:13 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772538\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":438530,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 748 x 414, 8-bit/color RGBA, non-interlaced","md5":"2888e47b558df41905bda74b109d5e1c","sha1":"c7c7f8d861e493ed38fe6ad7ad24e3e44040256e","sha256":"ba9f580cc05e9499232d83f72cfc46891e3c783d85f681d734ddf1f34d856029","sha512":"9670b60e049d01a0c304c1df5d734f775bcc23315d9b707db704dc07d16f93873eb46feae0db341b992aee60909e1d63b1a8b2ae77eec9d69fe66d33590591ed","ssdeep":"12288:pFNs3AUBJvnjcBRJALmO+it05/C7xpPZ1CZeB831Ade:pcxvn4BnALmO+w05C7xRTPKlEe","tlshash":"3d9423cfc94f79f20abbe1b5ba4c897c91117974ecd4d1943277a6480d20294b82eeb5","first_seen":"2025-12-27T15:15:27.589789Z","last_seen":"2026-03-07T16:22:29.49675Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1745,"timings":{"blocked":-1,"dns":104,"connect":164,"send":0,"wait":611,"receive":535,"ssl":306},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jkuntp.com/upload/vod/20250623-1/69c2accc1863936105dd62b7afe3fb3d.jpg","fqdn":"www.jkuntp.com","domain":"jkuntp.com","tld":"com"},"ip":{"addr":"64.112.76.43","port":443,"asn":6939,"as":"HURRICANE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jkuntp.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 16 Mar 2025 16:00:52 GMT","end":"Wed, 15 Apr 2026 16:00:51 GMT"},"fingerprint":{"sha1":"13:82:6E:FD:22:A6:75:AF:0E:AE:85:B2:6A:97:BC:28:30:41:41:12","sha256":"50:62:73:3B:FC:2E:0C:CA:14:8B:44:E2:B4:B5:5B:20:6C:AA:A6:E4:97:C1:05:C1:6A:A6:C0:5E:92:40:4F:5A"}}},"request":{"raw":"GET /upload/vod/20250623-1/69c2accc1863936105dd62b7afe3fb3d.jpg HTTP/1.1\r\nHost: www.jkuntp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 07 Mar 2026 16:21:52 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 61934\r\nConnection: keep-alive\r\nLast-Modified: Mon, 23 Jun 2025 03:33:43 GMT\r\nVary: Accept-Encoding\r\nETag: \"6858cb17-f1ee\"\r\nExpires: Fri, 20 Mar 2026 04:00:20 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: max-age=2592000, public, max-age=15768000\r\nCache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61934,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 429x428, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x337, components 3","md5":"d0013c9043f5533095613c92ba4e5f62","sha1":"e9669cd05240f71ea723cef08fd7b52f248f5611","sha256":"24c52433634491034fa3709b646b2a4e4ea8261b6080a45d44be4c4df7f27141","sha512":"10acc52030a566263bab1f6f4d760d2c76db4bc46d5115de2db6a88a53ace7132e5dc1f595cae1ac5ded5aab8b8da444b7e0abc7e6822a92b5e9934bc9d62bd2","ssdeep":"1536:rt1AhdnJHX9vIW841v8w9u5Di7ruub5ryAzi7dPanm38/:xGXhX9hTu8OuNydCm3A","tlshash":"0d530150f717018a767baf39e2f9f1badb1cdb71f9ec761b8a5a1808f3130966180509","first_seen":"2025-08-26T09:15:30.550231Z","last_seen":"2026-03-20T14:27:27.594277Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2242,"timings":{"blocked":-1,"dns":524,"connect":151,"send":0,"wait":216,"receive":261,"ssl":1087},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 343870\r\ndate: Tue, 24 Feb 2026 09:21:16 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 9b66a79b17719248762374431e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache25.l2de4[0,0,200-0,H], ens-cache26.l2de4[1,0], ens-cache1.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 975637\r\nali-swift-global-savetime: 1771924876\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 24 Feb 2026 09:43:51 GMT\r\nx-swift-cachetime: 31534645\r\nback_uri: /imgextra/i2/O1CN01NVNrIJ1rGgfwg3qhu_!!2216598935604-1-fleamarket.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005135125451e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":343870,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"238239bf4773f01ca956b4660db9fc08","sha1":"b16e1c73e5b4baa750f587eb54dfcbeac7f53a13","sha256":"3ef3e2cdea8b61bd88b40faf96f6b6c2dfc326104b04ee58f1f4b1798dfb7668","sha512":"97df4878d6567c54a0bce399d2b9b59d132f45b59c839c3d0968a623d6cd2f476c06006d77bf2905e8d6a1ab28709193c01fb384630c08f0508950ea126d8dd4","ssdeep":"6144:skDFXvr1efkuVrBSJVEL0KLIN/odsqTwtZfV0KLkbMHjnFf5n1QL9CFMEk9V1:ssF/r1dudB2EYKW/o+qTAJCKobMpxn1I","tlshash":"3c7423fe483949d4316b3e6518376eff00e8fe29125962567dffb4e270c482c119b6a2","first_seen":"2026-02-24T09:59:59.873572Z","last_seen":"2026-03-15T07:53:53.560019Z","times_seen":1004,"resource_available":false,"data":null}},"time_used":1072,"timings":{"blocked":945,"dns":3,"connect":8,"send":0,"wait":67,"receive":10,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/favicon.ico","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:57.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/x-icon\r\ncontent-length: 9662\r\nlast-modified: Fri, 25 Nov 2022 03:52:54 GMT\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\ncache-control: public, max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"c07adc7a7b175ec91d1de1ce0b68c983","sha1":"219aeb249dc7cc01a10cc587c8c860207248ebbc","sha256":"e7521f5188e6abb7cd05cdab9e56047d92f86927bcc0dce844032db99f1f65f1","sha512":"bc496143b8d3c122a43f90db85a99275da208fd873a9ae0880756747cc5f007b350238f54e01abbf857d0c5903a345d7314972de9e3a2461da44a47d4113351c","ssdeep":"192:AkruedqSocLnDaechSx4I03uMIqsh7edoF4:A8kcL/4Smt+MCedoF4","tlshash":"90127e243947e0b1db8c567561a4c9327719e9e15c281b9b1edc3e6a38d81d87e32163","first_seen":"2025-08-31T18:45:30.893315Z","last_seen":"2026-03-07T16:22:29.501316Z","times_seen":4,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/PublicTemplate.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/PublicTemplate.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 11704\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11704,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators","md5":"d91371ded69c5b4ab707900fc63d8600","sha1":"ad0c4332673e55ba6d7a4ebb29b73247e9d7385e","sha256":"7b30f3ff50e2966705514aa4864ac1995379a069c305ed6e5de7c5c79fcdcebc","sha512":"b727d0c28bb1e6bd798ad0bf741008523aeef2a2837a2ab781970cc29ca114ec09c534b54b99b01318b7d4de741ef672d252e86a89698e30925c1dcbdeea535d","ssdeep":"192:GDrhCOZP/FKVJ5k4EjC097COZeje4/S+xkiupbwmJZyCOZuQcqcpIh6ePCHS:GX3UJLGjHS","tlshash":"bd32bc13bb100204f9fa9372abfa9b24f936615746c107b87e8cd52d6f34b4aa651fc1","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.810512Z","times_seen":277,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":478,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20260107-1/cffbe1d6a2dba4b09a388f620d852372.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260107-1/cffbe1d6a2dba4b09a388f620d852372.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57333\r\nlast-modified: Wed, 07 Jan 2026 01:40:13 GMT\r\nvary: Accept-Encoding\r\netag: \"695db97d-dff5\"\r\nexpires: Sat, 28 Mar 2026 17:56:27 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771924\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57333,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 854x480, components 3","md5":"8f8637419ad3966a7ce253c306adb21d","sha1":"0176a84cb11bf886405f530b44a703514e816b75","sha256":"a10453624c7b438eea6cf543b1b13b262324009ce8e716735e1dba8ee20d37c6","sha512":"e115e418290829f2931c840de1c9de55422c6475b549e93766c4d991ab784ebc2f0ed71ddb14caaf33c9bc41797c9ae6a3ad860e8b0a312dd466b35981ecadf1","ssdeep":"1536:FlGM1QdPNC1weU/HrMIQqiD4HUic31LKmoT:Lb1sPNCCj/rRNKLO","tlshash":"8e43f2878d62f631033d7341dec699ba49473445f760a0a2df974d2b704dce428baf89","first_seen":"2025-11-01T21:40:06.56699Z","last_seen":"2026-03-07T16:22:29.505059Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1533,"timings":{"blocked":-1,"dns":112,"connect":162,"send":0,"wait":612,"receive":315,"ssl":289},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.sex8sex844.com/20251218/fj1phWX6/1.jpg","fqdn":"pic.sex8sex844.com","domain":"sex8sex844.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex844.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 15:46:46 GMT","end":"Sun, 12 Apr 2026 16:37:24 GMT"},"fingerprint":{"sha1":"CA:21:68:94:80:0A:96:76:16:85:A4:3D:1E:21:00:EF:F3:79:F9:FC","sha256":"62:D4:A3:B0:8E:B2:A7:89:1A:51:D0:7A:FA:35:60:2A:4B:8D:42:3D:01:6C:01:6D:15:40:7C:56:4B:DB:5A:6F"}}},"request":{"raw":"GET /20251218/fj1phWX6/1.jpg HTTP/1.1\r\nHost: pic.sex8sex844.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 54677\r\nserver: cloudflare\r\nlast-modified: Thu, 18 Dec 2025 08:53:14 GMT\r\ncontent-disposition: attachment; filename=\"1.jpg\"\r\netag: \"6943c0fa-d595\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wvjr8OWSp3bBDRl1StxdRPz3w71Y99xZFRIHdRW0OuwGTFJlY6ArTVLf6ptXv0L8amtUcZSZyXWky82%2BWT2Gk53KNxhqnvRozKp%2BqgXfgwGo7A%3D%3D\"}]}\r\ncf-ray: 9d8aef7fcf27a9d3-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54677,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 702x362, components 3","md5":"dd127de5b83daef0bfb6ca61be3cba6b","sha1":"4c01b2eb88921f712ae2b27fe8006bb82889e4ab","sha256":"18f00740e586c3548a4900496c9399ed3b5b47f18f18beb6dd2bd835f8957f05","sha512":"05fb6beeec65dd2ce3bf26bdbc882e77b00727f87f6a434b1bd51d8ab948e005e89d7ca2d96201a82774930edd56d3b69c6460baf2ed6b4b3e4d57d89277577c","ssdeep":"1536:qbwx8NbKHKMo0qhSTp6SFGej5P0eTbtFSmdgYz:+q8JKHE0LRHNbfzdgYz","tlshash":"a033024ee15b9649b12e473f930a5d8f61a9b85812353abdd60c7c972b20c131e2df6c","first_seen":"2025-12-20T05:29:10.233595Z","last_seen":"2026-03-07T16:22:29.507594Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1142,"timings":{"blocked":-1,"dns":82,"connect":9,"send":0,"wait":688,"receive":180,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jpxjpg2.top/upload/vod/20251218-1/79fda9f7367795d3eb440460ec90ba26.jpg","fqdn":"jpxjpg2.top","domain":"jpxjpg2.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.497Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251218-1/79fda9f7367795d3eb440460ec90ba26.jpg HTTP/1.1\r\nHost: jpxjpg2.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":192,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/static/js/jquery.lazyload.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/static/js/jquery.lazyload.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 2232\r\nlast-modified: Tue, 23 Jan 2018 00:08:40 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2232,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2230)","md5":"9dfc308833c7ae64a6e0e6bd33fb51d7","sha1":"527e4dbceb22c063ed1bc5bd2ec362d9a412892a","sha256":"f3a5e91219434ff92ae7b36b9582136a75f56b605ebeb54bac21efdfea4466d1","sha512":"383aec26af4153c8d03cf7ab898378d5be2d509fcc12e87daaccaf2a51f145ac57b08c3001db895ed95b24e807c5290d256e5570a519b2c478185b9472d27578","ssdeep":"","tlshash":"d641e5863f027534f179a9ad430f52096127d03b92d58dd1b089d8ecfcf86579a3698b","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T12:57:38.403151Z","times_seen":18871,"resource_available":true,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/abc/fixed_ui_9a02c6.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /abc/fixed_ui_9a02c6.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\ncontent-length: 5587\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5587,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"d08efdcf636d6a083af1ef015b95dd6b","sha1":"a342f68c11a76c176d40546c420a00aa6f15e247","sha256":"34f84f87f1bb91f520526e4af193bed9c766631b52fa99d4b27168b5df0babb2","sha512":"9a40cdc0f896938164a077eaf0d57c74cb9e179f880adb69f6dfd9f654ba7c9d081aa5dc092769a624353fd185c4206000125c52bb1637bcdb57611ef5032963","ssdeep":"96:RBrFraBfXJMwE3xg250lE/fEQTzg2ACuWJkiTaoP5VYb5G6JS/lWrN1/sKQtX:HBLwUm250lqfPT8RCuWJV5VGGg+gMltX","tlshash":"69b1935e79e330a68a2330b48fff150836319023920ddda47c1dd1a46fa9b946672fe9","first_seen":"2026-03-07T16:22:29.510897Z","last_seen":"2026-03-07T16:22:29.510897Z","times_seen":1,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sex8sex811.com/20250628/HN17G3b8/1.jpg","fqdn":"sex8sex811.com","domain":"sex8sex811.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex8sex811.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Sun, 22 Jun 2025 13:10:45 GMT","end":"Mon, 22 Jun 2026 13:10:44 GMT"},"fingerprint":{"sha1":"C9:53:EE:A5:BF:D8:DA:43:BD:4D:33:2D:23:50:62:EE:70:A0:CD:A5","sha256":"0D:37:98:9E:87:92:F0:5C:60:79:C3:46:29:6A:A3:16:B6:D0:7B:AD:75:40:95:A3:1E:67:B0:45:0C:F2:BC:15"}}},"request":{"raw":"GET /20250628/HN17G3b8/1.jpg HTTP/1.1\r\nHost: sex8sex811.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 404\r\ndate: Sat, 07 Mar 2026 16:22:49 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2689,"timings":{"blocked":-1,"dns":254,"connect":162,"send":0,"wait":1156,"receive":0,"ssl":1099},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/swiper.min.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/js/swiper.min.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 153765\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":153765,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (859), with CRLF line terminators","md5":"7b86ae99b32e343617cf58b13c8f8a5e","sha1":"3f05a00dd1c1b280dc0238291d9b8fe6881e4d02","sha256":"a4eda3c573e9e41048c3b6802ebbf32187cf2012c50abab539bacdb4b825db89","sha512":"8eefc318783c0b88d8e299a4938a57a23cafb97716635e8dfe48a711108294172a3da9ff8fcc69babde3f9d539c8a0738e6ca8e8cd8b39cfa0581cf2b6b438a5","ssdeep":"3072:vPwozDkR63EE+58hmJRFznHgyjm0vYphwoLQPDZS:HRcRjWhKXnHgyjm0vYphwogZS","tlshash":"1ae39396b3cc257e85d76307ae7dc540e27ed43af21284bc32ac58d958ad8180779ef8","first_seen":"2023-03-14T09:42:10Z","last_seen":"2026-04-04T04:00:03.839972Z","times_seen":287,"resource_available":true,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/index.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/js/index.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 14871\r\nlast-modified: Sun, 27 Nov 2022 10:24:50 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14871,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"cf002bb7bc90b725450837f981182694","sha1":"afce90ed5a595f83517599c5cc9d491204da7a7a","sha256":"cad8fb9cbeb5f4d69d64f63cc46c01bc2afdcfdff894bad291757f13cfc213ae","sha512":"ab874dd9a9bc75beb61f0b1ad943e586a6d6ae37739f989b5f2af1099f941da06fc44e35e80f82fa7905ed6eb4fb160a8bd46f0e4478e7e7c8ff7cd00d886802","ssdeep":"384:OOy/ANJhnCwh6zrhJAihUBFEaNYZ/7NJh2CwhlzrhIAihvBFXobPgmpiGX28/0iS:IANjnCk6z9JA+UBw7Nj2Cklz9IA+vBY0","tlshash":"1f62b2287115667641fdb363a43c62b015e9fcb1e43174b1f46d84b10babaec2a70e6b","first_seen":"2025-08-25T06:56:27.690705Z","last_seen":"2026-04-04T04:00:03.851881Z","times_seen":276,"resource_available":true,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img1212.syhze.com/8888/mbh/960x120.gif","fqdn":"img1212.syhze.com","domain":"syhze.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":443,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1212.syhze.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 05:10:16 GMT","end":"Thu, 21 May 2026 05:10:15 GMT"},"fingerprint":{"sha1":"0E:AF:BB:57:33:D9:8E:52:FC:E0:72:FB:99:E6:06:AE:75:3F:77:CD","sha256":"73:97:CE:47:3B:96:59:73:01:A9:E5:B5:E4:AA:29:99:2E:75:1A:0E:52:57:08:31:66:51:91:6E:D4:8A:EC:94"}}},"request":{"raw":"GET /8888/mbh/960x120.gif HTTP/1.1\r\nHost: img1212.syhze.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: image/gif\r\ncontent-length: 496600\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Fri, 30 Jan 2026 13:22:20 GMT\r\netag: \"697cb08c-793d8\"\r\nexpires: Mon, 06 Apr 2026 05:15:23 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":496600,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"98f1aab916043713d1744086a4aac70d","sha1":"abbc50f57afaea6090ffec73c53bc824926db831","sha256":"4bcfe3c6ff3dcd160bd51a92164046ed60b025895dc6affc06db0d6d88b77259","sha512":"50aded0afad0a2f06bc9b5dd4ba767e64e5cf59b627ee62ce66bf3a769b0fddfa7533cb591e0ad6dfd3be42afa77d37181ea9fd7dac487946081ee0f24e837f0","ssdeep":"6144:9G4QxSTTMRTTMRTTMRfE3O4+g2CjZnFaYG/eFVVL:E0T4RT4RT4RyO4fFZFaL/Q","tlshash":"c3b423ec487fcd5dc8b22c2c3143023349a2b17879df88626793b9d7e5d6b196a82d35","first_seen":"2026-01-31T02:19:27.411392Z","last_seen":"2026-04-04T15:25:57.371862Z","times_seen":2803,"resource_available":false,"data":null}},"time_used":2818,"timings":{"blocked":-1,"dns":434,"connect":260,"send":0,"wait":1174,"receive":659,"ssl":288},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/iconfont.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/iconfont.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 3735\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3735,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2773)","md5":"069153cc8b3029a85f8f6b225bdbc248","sha1":"ad098466c32e6c32f1cc88092285aa9255230253","sha256":"4d38a59bdd952828cd6f72aee15ae96747a791a1c2b5c5bfe60f0ec3aaa49b8e","sha512":"233ec1dede5c9ac9458d8dedf89083dc9d2b975b89ea6988f1658e5a9271a83dea3e53f84a88c445bd4fb31f82cda644b46dbe4048d785ecf28e2ed1ae15e9e1","ssdeep":"","tlshash":"c27129b4a8ff3ca423799cc932126b59ef1b141726821c03201bd9ada4fa29462d1f9c","first_seen":"2024-08-20T12:47:30.212713Z","last_seen":"2026-04-04T04:00:03.876076Z","times_seen":277,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":371,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/tyctyc388-960x120.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"36.151.194.102","port":443,"asn":56046,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /tyctyc388-960x120.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i1/2217565595682/O1CN01JKJBL71rqPYr9sHRK_!!2217565595682.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71518,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1112,"timings":{"blocked":456,"dns":2,"connect":211,"send":0,"wait":211,"receive":0,"ssl":228},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/swiper.min.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/swiper.min.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 21709\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21709,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1467), with CRLF line terminators","md5":"e992daafdf0f61547d18d08a0c6a7afb","sha1":"e714764ee8f07423162ad89a3c7ea974dc9e42a7","sha256":"95320444c9f1cc55ccce5102b8e67610c44330a9dd02801387ea3dcab433b7c5","sha512":"845d75e31d845d7ff8c46a8d9a029ed82766f0e6d84cc9e677de3db226f75f0fe2bf979076212850a377bfe3dbb41344dbd19bd438e98bba9ba15d05ad30377c","ssdeep":"384:F23qZDEVUnf8GMARlMdBh937dBqFoBbMgfqpTM:F2aZwVUf8GMARlMdBh937dBqFoBNfqp4","tlshash":"31a2220c1711204ba7234e5d47f95b34db58c8a36e0348ef72c19e4cd7ba5b8b26b76a","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.854582Z","times_seen":276,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg5.top/upload/vod/20251129-1/ed86198670bc8c1ba877f81960aec42b.jpg","fqdn":"fqjpg5.top","domain":"fqjpg5.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.508Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251129-1/ed86198670bc8c1ba877f81960aec42b.jpg HTTP/1.1\r\nHost: fqjpg5.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":310,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavzy.info/upload/vod/20250701-1/5a3dbcee1e5bfcd772080efcc68d6bb4.jpg","fqdn":"img1.souavzy.info","domain":"souavzy.info","tld":"info"},"ip":{"addr":"104.21.12.156","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"souavzy.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 01:03:28 GMT","end":"Sat, 25 Apr 2026 02:02:04 GMT"},"fingerprint":{"sha1":"B5:4D:EA:D3:4F:97:AA:F3:CD:32:47:A3:B0:04:E7:76:2D:95:1B:71","sha256":"DE:1A:A9:94:5F:14:35:2F:84:62:B6:B8:72:6E:3D:74:FE:FC:43:1B:38:14:47:B3:E4:56:5F:90:95:E5:C3:56"}}},"request":{"raw":"GET /upload/vod/20250701-1/5a3dbcee1e5bfcd772080efcc68d6bb4.jpg HTTP/1.1\r\nHost: img1.souavzy.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KWLrv5pm6xHxxHma9smhTeIjSARJjAfGW5FyuHxfwTt0hY7ro2Aj4z72%2B8GGSQVKNKcKJ0Lc%2B%2FNG5uT098UJ1%2BC7iHj5QbkRpfxAxLQuEat7\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d8aef80a81c0d2b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":842,"timings":{"blocked":-1,"dns":206,"connect":30,"send":0,"wait":460,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"da.da15525716.com/20251105/6uhS5I8u/1.jpg","fqdn":"da.da15525716.com","domain":"da15525716.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.539Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /20251105/6uhS5I8u/1.jpg HTTP/1.1\r\nHost: da.da15525716.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"da.da15525716.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"la.lashayu.com/upload/vod/20251027-1/f4d3cce04f8a0b3ea5099f7e1cfcb1ac.jpg","fqdn":"la.lashayu.com","domain":"lashayu.com","tld":"com"},"ip":{"addr":"156.238.201.107","port":443,"asn":50183,"as":"CenturyNetworks Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:51.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"la.lashayu.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 15:25:31 GMT","end":"Thu, 14 May 2026 15:25:30 GMT"},"fingerprint":{"sha1":"12:7F:43:CD:93:DA:C7:A7:30:0E:6C:68:FE:76:BE:A7:3A:FA:2E:70","sha256":"38:45:87:B6:6F:92:7D:F1:17:B4:75:66:B9:26:63:9C:76:3F:DB:CE:27:66:3E:C2:8D:5F:08:BE:F4:CA:99:4D"}}},"request":{"raw":"GET /upload/vod/20251027-1/f4d3cce04f8a0b3ea5099f7e1cfcb1ac.jpg HTTP/1.1\r\nHost: la.lashayu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\netag: \"5ccd7441-3\"\r\nserver: nginx\r\nx-cache: BYPASS, Status: 404\r\ncontent-length: 3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/000/flink/analytics.php","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"POST /000/flink/analytics.php HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 9\r\nOrigin: https://ajt.ywbd9.monster\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"referrer="}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: https://www.xzylm.com\r\ndate: Sat, 07 Mar 2026 16:21:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nage: 0\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jpxjpg3.top/upload/vod/20260131-1/b6407e523d32cd2459980e08b17dad8b.png","fqdn":"jpxjpg3.top","domain":"jpxjpg3.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.460Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20260131-1/b6407e523d32cd2459980e08b17dad8b.png HTTP/1.1\r\nHost: jpxjpg3.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":56,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/abc/data_b693cf.json","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /abc/data_b693cf.json HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ndate: Sat, 07 Mar 2026 16:20:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300\r\nage: 105\r\ncontent-length: 9710\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9710,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"688122ac13dbb0880c3119d95c15f88b","sha1":"0822e7c8217c675ab49000dd9fadcfffb1e5ff8e","sha256":"79d8213bb52374f13398d75e5d6af9bac9796b9dbe1a7ab7de324c26b41fbde1","sha512":"8f0ad35fd15b833a5af804dc8e8d02790915f02ce25e5df625e1238fc8acb47bc000df29c0af40ac449f97a0442f754b5246a76046648980cdbaf8f3ead74fb9","ssdeep":"96:fFKqW7S7oVcvXcv0m0hffPOcPFPXTPXXWGHO7TnQvMI1MmxYThZWfzQOdIQZvdk4:f47Lc/c8Jf7zt3vI28Of1rwlSfvj4Y","tlshash":"aa126bb737f9697cf6b452c55b0a3f69578d3027884c938727cdec3484b81aa620b463","first_seen":"2026-03-07T16:22:29.522838Z","last_seen":"2026-03-07T16:22:29.522838Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/static/css/a_pc_wap.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/static/css/a_pc_wap.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 2876\r\nlast-modified: Mon, 24 Oct 2022 09:16:10 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2876,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"74a8b81d486fd0fab0c1e1a21faf815c","sha1":"3671d10e96160cba777510eafe225a6fab98dbdf","sha256":"db0fd01915d66b5e8e03851256f02c85422be168cf9b2b68ab776878447f9e1c","sha512":"9399229eae7fd56b29d69e0cacc7b2a439aa45fb392df8549e04ed3fd81ee280694bf2a96acebdfc759862fb7a863fcba5e4adc4228c40bb25ac75fbca504226","ssdeep":"","tlshash":"2e515a162b6f2488a80ba1b85fb567686a294053bb0fcc2975547324ff4e78d09b2789","first_seen":"2023-11-16T12:30:34Z","last_seen":"2026-04-04T15:25:57.379425Z","times_seen":9227,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/img/close1.png","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/img/close1.png HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/png\r\ncontent-length: 1104\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1104,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced","md5":"388c013a75d7a1733f4a0ef638bb881c","sha1":"4df28f5057ad5a1d24fbe6d6fa908d36bf710181","sha256":"c7216b02ccf9645d70246aae7bac88d6ce2781e70470df30fc0c8ff88c0943e2","sha512":"c70253f3270f8c3ec11597a0d49a36252e3e246b6a761286f063521aa0dc55ff6eb923eb3f9df4fd9004e365b86529e65f6b916591830064bd1011a37c9e6973","ssdeep":"","tlshash":"171196b2d6022d286be50f6c5b3606909d0b56b56ce0e119a9790e10b62fdbc8922199","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.828599Z","times_seen":276,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251225-1/2a3a5be550f1d5c2c4def73ce1ea3c56.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251225-1/2a3a5be550f1d5c2c4def73ce1ea3c56.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 496565\r\nlast-modified: Thu, 25 Dec 2025 02:51:03 GMT\r\nvary: Accept-Encoding\r\netag: \"694ca697-793b5\"\r\nexpires: Sat, 28 Mar 2026 17:40:39 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772872\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":496565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 740 x 418, 8-bit/color RGBA, non-interlaced","md5":"f1aa696de03543937d758fba053b4f8f","sha1":"4dd3b08d901a64ca18430af4eb4aaa9ecdd2ccd0","sha256":"14821586d124837487e6cf7bf425e4063dc548265da06b9c4f45fc056c5092b2","sha512":"e7f2e2bf66b05fd91e6ce328b08469468c0256914a75f1f5f3908ba7310c452e51e572dbc756415f20d9644b12b0697d300b55ee3a8c4610a42c076e0c8e2777","ssdeep":"12288:y1g1EZp5ypphWiQVjLsv7t6ppGDUksaUSzg8Vt0UcbpxvoV:2c45ypfWdNyApmVmSzhIUcwV","tlshash":"09b4230041b41426454a6ca2df1cae39f390d7a106d9b6520e3fff9f6831ea1678eb77","first_seen":"2026-01-15T07:02:30.47094Z","last_seen":"2026-03-14T17:52:30.214011Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1811,"timings":{"blocked":-1,"dns":105,"connect":182,"send":0,"wait":507,"receive":599,"ssl":378},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fsffbhd.4000522777.xn--fiqs8s/ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375","fqdn":"fsffbhd.4000522777.xn--fiqs8s","domain":"fsffbhd.4000522777.xn--fiqs8s","tld":""},"ip":{"addr":"172.67.73.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:54.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4000522777.xn--fiqs8s","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 07:30:32 GMT","end":"Sat, 09 May 2026 07:30:31 GMT"},"fingerprint":{"sha1":"FF:0F:4B:0B:66:7A:99:CF:94:C0:49:3D:85:E5:C9:86:98:B7:37:5A","sha256":"43:BD:60:69:CF:8C:1A:A9:8F:2A:45:8B:67:9B:D8:CE:5E:AD:46:40:6D:E0:09:85:5F:16:F0:2D:FD:A5:D2:8E"}}},"request":{"raw":"GET /ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375 HTTP/1.1\r\nHost: fsffbhd.4000522777.xn--fiqs8s\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: image/gif\r\ncontent-length: 686427\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sVc9eZPEtonwKbLRZb6ZiKimz3QZhC2FdFYolJMG5i2%2BktpeVpNeQorydZ8mVPdMds7fdYbkIsCve3urP4y8DaW1ZeUF3tNw6Nmfy%2BknR9bq5PTlJLT8qwHimSY%3D\"}]}\r\nlast-modified: Fri, 12 Dec 2025 11:26:10 GMT\r\netag: \"693bfbd2-abcad\"\r\naccept-ranges: bytes\r\ncf-polished: ok, orig_size=703661\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-bgj: h2pri,imgq:100\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npriority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1954;u=4;i=?0 75633;u=5;i=?0)\r\nage: 4907\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9d8aef95f8e497c6-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":686427,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"50ad17c4014d52237a88bb19e9829b31","sha1":"db252c8c8a5ae668e4632ed8a76a1b24c53c9f70","sha256":"554655862976f55793e7639c314556faa823351d74594ae5ad92087cbeb0e612","sha512":"28ef570f60686911a4f0a3103d46bd5dcc95320b7a3dc8cc05a46f9f889b81b041197d528326d0058db11fe5fcf2ff9eb21b74f7c827c954d8a8756ad55a579a","ssdeep":"12288:wwXjxQCC3biqHBA64vfwB2VDUh2aQapzDUS7uahgvxVYGy157FN3fCnVi:wZFnB54He2VmyIuaOJVDy1JXKnE","tlshash":"fae4235203b56265ecd3816ab4d1296e4ceea25f0d38ff31134128da46a379f23653ef","first_seen":"2026-02-13T09:12:04.032312Z","last_seen":"2026-03-24T12:42:29.021486Z","times_seen":1077,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":5,"connect":8,"send":0,"wait":15,"receive":47,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:55.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 643569\r\ndate: Sun, 25 Jan 2026 16:50:48 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 2ff6309e17693598481316951e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache39.l2de4[0,0,200-0,H], ens-cache6.l2de4[1,0], ens-cache12.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 3540667\r\nali-swift-global-savetime: 1769359848\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 25 Jan 2026 16:56:36 GMT\r\nx-swift-cachetime: 31535652\r\nback_uri: /imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005152146172e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":643569,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"f5919b3ac13cce9d56f7966003e826d8","sha1":"75c040dace5ddc741ddcbda8e0bc74fcbff417bc","sha256":"739605b51e61972ae4e03385a848c5cc0561d639eadb33e424567f7f3b9d8f88","sha512":"5864eaf234c1b5816f6faeb6ef6f499154110340a9c412a742b35f4304a7cdba4cb88efbe61887c10593e96737a895d6cd466cd8fe990edce43338535123cd17","ssdeep":"12288:E2PPPsqKfJQrQrQrQFUpPnn9uVK49uVK49uVK49uVKZRV7YC:E2PPPJQc9KK49KK49KK49KKZX7H","tlshash":"c2d41338875b6ab15d82fe6c4ce1a0d980f951df53b74669e7c09c30936a31fb382b64","first_seen":"2024-10-04T10:32:36.972611Z","last_seen":"2026-04-04T15:25:57.320242Z","times_seen":8019,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251205-1/a9dc486aa4e034c360272eb7f0309267.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251205-1/a9dc486aa4e034c360272eb7f0309267.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 958920\r\nlast-modified: Fri, 05 Dec 2025 03:54:11 GMT\r\nvary: Accept-Encoding\r\netag: \"69325763-ea1c8\"\r\nexpires: Sat, 28 Mar 2026 17:49:42 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772329\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":958920,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 973 x 538, 8-bit/color RGBA, non-interlaced","md5":"91cf35176ccb5ee0bf0e48e27f96c0de","sha1":"8a5fd3c1f7a85e3a2b98fc4a12a0dfecd2d79d9a","sha256":"1d11a9aa8bb7fdaa1990e00300b6b0cac8a66050723c8192ee8f7d4ce125b212","sha512":"3a3ce6b8fbe93cb5cf03be78e240913f7600c00983bb41b0574cd80c44618063574a48015f6a576853bb00a888178f9160ee7031eb1ecbcc7ffbe9fa3e637fab","ssdeep":"24576:i00YujkGKJl5b0JpwvBp/igolvDYkuasgXQubrPQSrFIsp:iPjAhb0JpwvBRXolvDYC1X3voA","tlshash":"fa1523ddf93287744b90a3b6764314e182cddd58ada928f0edf145084944fc8689eaff","first_seen":"2025-12-05T21:20:10.388921Z","last_seen":"2026-03-07T16:22:29.530352Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1617,"timings":{"blocked":504,"dns":0,"connect":0,"send":0,"wait":259,"receive":854,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg5.top/upload/vod/20251106-1/4c8bab67a695ebb29e6c61d51a6dbdcc.jpg","fqdn":"fqjpg5.top","domain":"fqjpg5.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.538Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251106-1/4c8bab67a695ebb29e6c61d51a6dbdcc.jpg HTTP/1.1\r\nHost: fqjpg5.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":348,"timings":{"blocked":330,"dns":18,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/js/common.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/js/common.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 12662\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"3389e213750ffb34f1de8ba3f43ebe29","sha1":"906e1a83ac965157170f289d4969d6f16bcfb3d4","sha256":"368caee50f32a18e8ab345fd2e90e0d835ecf159ff8805c89204bd5f9ad8049e","sha512":"0ed534d98d78bfa286c803a9cc45f8dbc2b4b7f8c09ac8bf0f8518a5362d1b4df161d4147c1bcdae6d91f3c02e5148fd9d27198d4c221dd3d755332fd7e71f52","ssdeep":"384:beiiVhcbvPMPHPSH6PMHlnEiX/hWfG3xngv4Po/DHuxHS:bv7PMPHPc6PwPoixHS","tlshash":"bd4253a8fbed4627a0b732a35d6ff198263a044fe1589c03fd3c08516fec9690616d9d","first_seen":"2025-08-25T06:56:27.757037Z","last_seen":"2026-04-04T04:00:03.836533Z","times_seen":276,"resource_available":true,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251121-1/1a91b0de950061a9275d5475a4e09166.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251121-1/1a91b0de950061a9275d5475a4e09166.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71749\r\nlast-modified: Fri, 21 Nov 2025 01:21:22 GMT\r\nvary: Accept-Encoding\r\netag: \"691fbe92-11845\"\r\nexpires: Sat, 28 Mar 2026 18:05:02 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771409\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71749,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1272x681, components 3","md5":"ac84b80888d7ce3fab6966dc9a04d370","sha1":"4fe774a9379a6acdfe6ff3597801684bb6dd9ad4","sha256":"775dc4f5b6a4d00ff3ad59bbb12fa2cdb12531c4da25b1dd94c4e0295987bb55","sha512":"4d367d22aaa43a922f136105ba7b44980fd96745061120892dc43ca00a83360f73c3fdaa741848c0e0b89a8ff11ca8800280263678e71262c07bb0ce0106e8ba","ssdeep":"1536:EsJH+S3VMa6P9zOulhwQ8lF+sCSlW7IIAsKAnz4iHQqb+l:FJeS3mOunJ8tW7xHKurQN","tlshash":"8a63f20764458947f85c71ebbf020ead96398badcda6a87e31390ec67bd5112cdc483e","first_seen":"2026-01-30T10:34:21.874349Z","last_seen":"2026-03-07T16:22:29.532817Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1387,"timings":{"blocked":486,"dns":0,"connect":0,"send":0,"wait":611,"receive":290,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11224.xn--gps-8y0gm25n.xn--55qx5d/d/11224?_t=1765444375","fqdn":"11224.xn--gps-8y0gm25n.xn--55qx5d","domain":"11224.xn--gps-8y0gm25n.xn--55qx5d","tld":""},"ip":{"addr":"111.62.149.128","port":443,"asn":24547,"as":"Hebei Mobile Communication Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.xn--gps-8y0gm25n.xn--55qx5d","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 14:22:13 GMT","end":"Tue, 07 Apr 2026 14:22:12 GMT"},"fingerprint":{"sha1":"01:F6:A8:64:D2:BF:90:49:78:62:32:E0:6F:0D:E9:33:66:39:30:EF","sha256":"5D:E4:BC:B9:AE:B1:76:CF:D1:39:B2:34:04:CA:CA:2F:97:94:D8:E3:B1:2D:D1:41:C3:4B:27:0D:1C:BF:03:26"}}},"request":{"raw":"GET /d/11224?_t=1765444375 HTTP/1.1\r\nHost: 11224.xn--gps-8y0gm25n.xn--55qx5d\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 145\r\nlocation: https://fsffbhd.4000522777.xn--fiqs8s/ea980b9daf2cbb13355e4431bbc43384.gif?_t=1765444375\r\ncache-control: public, max-age=3600\r\nexpires: Saturday, 07-Mar-2026 16:21:54 GMT\r\nstrict-transport-security: max-age=31536000\r\nx-via-jsl: 679faae,-\r\nset-cookie: __jsluid_s=3ce14bf83570f6ae71b0a77aed7913a6; max-age=31536000; path=/; HttpOnly; SameSite=None; secure\r\nx-cache: miss\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":686427,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1744,"timings":{"blocked":-1,"dns":1060,"connect":194,"send":0,"wait":287,"receive":0,"ssl":202},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/new_nav.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/new_nav.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 1502\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1502,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"1492049aa5057babda80636a39ca937c","sha1":"3db885d65cfa43091bbf794a0d718f0d0cea07ec","sha256":"61fd38ac5f7e5b6ed7c858f81e9039ff45a9a9cbca4d4853e4094368e36e47f2","sha512":"016417ac58839f2ce7b96f474d0960c9f184c666215f223e9c87ebb918c992090e34dee785263db492781571d079cb55d908db8fc3337916572f50a7e1a46d67","ssdeep":"","tlshash":"7131d03ffb00018801377f345fda625af3da8063d64203d8bbc1ab109b63b5d3661955","first_seen":"2024-08-20T12:47:30.190798Z","last_seen":"2026-04-04T04:00:03.82634Z","times_seen":274,"resource_available":false,"data":null}},"time_used":455,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":455,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/static/js/jquery.js","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/static/js/jquery.js HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: application/javascript\r\ncontent-length: 92629\r\nlast-modified: Thu, 04 Aug 2016 14:39:10 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T15:48:44.569044Z","times_seen":60616,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251122-1/7949e37d716b768767757d2123ff5a9b.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.520Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251122-1/7949e37d716b768767757d2123ff5a9b.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg4.com:3519/upload/vod/20260222-1/6ad606b1f228141809cbd007651a0737.jpg","fqdn":"sbzytpimg4.com","domain":"sbzytpimg4.com","tld":"com"},"ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20260222-1/6ad606b1f228141809cbd007651a0737.jpg HTTP/1.1\r\nHost: sbzytpimg4.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 126843\r\nlast-modified: Sun, 22 Feb 2026 02:13:50 GMT\r\nvary: Accept-Encoding\r\netag: \"699a665e-1ef7b\"\r\nexpires: Sat, 28 Mar 2026 17:58:34 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771797\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":126843,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x537, components 3","md5":"48f0cd35106579cb3e4fb3bb6e0cd62f","sha1":"43bef535a56db53fe7dcade980d9aa399843a1e7","sha256":"1391a18164ae7c290be6bf3022175e705b521ed862827e827c0812fc1c824535","sha512":"b1d98dc1aba52f0b8a89057061ba2a94554e64724bbc16ebad5d20f4deeaaabe1ea44a443299fe156b165372fcf15e4b7f2ad0eddd9c7a86901965c4c95fb37f","ssdeep":"3072:qM/LJ3GbgoVNU2yVouXOWjvoqhWzND/M77tTGG3egs5Y:l2bJNtyXvjBh0/2hTPxsK","tlshash":"9cc313ad9b2543cbb778e738cb92fbcc746e9b48244c4592d916d823ff419ee9103819","first_seen":"2025-10-05T09:40:06.16443Z","last_seen":"2026-03-07T16:22:29.535779Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":532,"dns":38,"connect":184,"send":0,"wait":396,"receive":163,"ssl":310},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251129-1/a26b8ec7f10fc072917f38c341593fa8.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251129-1/a26b8ec7f10fc072917f38c341593fa8.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 316189\r\nlast-modified: Sat, 29 Nov 2025 01:26:12 GMT\r\nvary: Accept-Encoding\r\netag: \"692a4bb4-4d31d\"\r\nexpires: Sat, 28 Mar 2026 17:40:34 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772877\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":316189,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3307, bps=194, compression=LZW, PhotometricInterpretation=CMYK, orientation=upper-left, width=4133], baseline, precision 8, 800x538, components 3","md5":"78f054c5f54d202e74d2fb23a3f98161","sha1":"bdc9b3d94ba59b367c094f9cd5245a173443da80","sha256":"f4411ffa04c356380de08a93e4920626de0e7235527759d80c28c3534ebb342f","sha512":"2880e4c1f9b56702064e0957e130969cfe86ad1036d987e66e84ae2e32c2196826c34e5c27d89332cbb6eaa03b024440443deb4ed1d6cb2efa16e872756f65e9","ssdeep":"6144:td6dUHdH8XSuoHkdn5WrK998B42NAyVhrc2:td6dw8XSfkdn2KI4JyDg2","tlshash":"e664235ae21a6c73c0b98a715a9cf31bf722b40a7bf11b957c7d2d39bbb4840544834d","first_seen":"2026-03-07T16:22:29.537023Z","last_seen":"2026-03-07T16:22:29.537023Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1382,"timings":{"blocked":498,"dns":0,"connect":0,"send":0,"wait":259,"receive":625,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:53.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 44406\r\ndate: Mon, 22 Dec 2025 05:59:10 GMT\r\nlast-modified: Sat, 08 Nov 2025 08:42:46 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.026\r\ntraceid: a3b5329d17663831508126739e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache36.l2de4[0,12,200-0,H], ens-cache23.l2de4[13,0], ens-cache14.se3[0,0,200-0,H], ens-cache20.se3[2,0]\r\naccess-control-allow-origin: *\r\nage: 6517363\r\nali-swift-global-savetime: 1766383150\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 18 Jan 2026 05:44:22 GMT\r\nx-swift-cachetime: 29204088\r\nback_uri: /imgextra/i2/2207246784654/O1CN010a6y4d1kFaOOgMqmk_!!2207246784654.gif_.avif\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005138505606e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":44406,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"7fe888844a25455b732401ff74cfd8ab","sha1":"8d19e04de42c10ba020a85c53ce0a89e68228df8","sha256":"f85ce364be6d1d2dd090b2fc02ab3e6dc3013b61a85576e4c0eb4ad8fa408e31","sha512":"a046e5c42fbd73895fe7f7add8d2511b9f5aa297d99ec108c8f47cd4546a16af813bfc54314c865b4c13a74c7be17429c341d1ecc327ee344074221732ba2d2e","ssdeep":"768:/6Qbzz7QUHPIskU5/Eg59QCK5Py43ZKFbVeI0D0gwKjewJ+Tsxfz0JWOyndv7mzv:ykQnskU9lXFK5P3ZKFbV10YRKjdfzOgW","tlshash":"3813013d7682d0410e2e367675f0c638fb9ad9dac96d34dbba795528644403c7c0939b","first_seen":"2025-11-09T02:30:37.980535Z","last_seen":"2026-04-04T15:25:57.457665Z","times_seen":7888,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251213-1/f40ba665e19d0d45375a4ff96ff853fc.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251213-1/f40ba665e19d0d45375a4ff96ff853fc.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15333\r\nlast-modified: Sat, 13 Dec 2025 02:32:17 GMT\r\nvary: Accept-Encoding\r\netag: \"693cd031-3be5\"\r\nexpires: Sat, 28 Mar 2026 17:56:10 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771941\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 320x179, components 3","md5":"3ffdd6a134364b5d5e0bf3a5779bea14","sha1":"e4402c6ee74dde48aa7507dc93dba3644d3e84f0","sha256":"937acc4bcb66871f7229728ef715427717ff93844e65ba0125a9fc37bdf6ec35","sha512":"52da0e49c0301bcedfe7535575556dcde504275470b4659cc7cde7a4c9bcc5b41f89d9637c3ffd41dc2b949d8a93fe6b0b8e9b5078fb3d68e0eb6e99800abdbe","ssdeep":"192:GKwwbpCODVNp2uQ4TFBEhrYxEcXxH6j331l9ejK5OHj7t+WNpE96IQcTF4+OY+TI:lww9ZZP5nQ7cYWjpDphNaMd/Kzl","tlshash":"3162c0498d4702a9c71bade39625603a8f425c3986f3bcb04571ef867fefc768a05d21","first_seen":"2026-01-15T07:02:30.467559Z","last_seen":"2026-03-07T16:22:29.539204Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1413,"timings":{"blocked":508,"dns":0,"connect":0,"send":0,"wait":612,"receive":293,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavzy.org/upload/vod/20251016-1/3fd61ba06acd08b63fb574296c71b3d9.jpg","fqdn":"img1.souavzy.org","domain":"souavzy.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.572Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251016-1/3fd61ba06acd08b63fb574296c71b3d9.jpg HTTP/1.1\r\nHost: img1.souavzy.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.180","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/gif\r\ncontent-length: 303863\r\ndate: Tue, 24 Feb 2026 09:21:40 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.002\r\ntraceid: 9b66a79b17719248998917462e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: gif2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache28.l2de4[0,0,200-0,H], ens-cache25.l2de4[1,0], ens-cache14.se3[0,0,200-0,H], ens-cache20.se3[3,0]\r\naccess-control-allow-origin: *\r\nage: 975613\r\nali-swift-global-savetime: 1771924900\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 24 Feb 2026 09:43:52 GMT\r\nx-swift-cachetime: 31534668\r\nback_uri: /imgextra/i2/O1CN01vSQFbP1rGgfuXaTU7_!!2216598935604-1-fleamarket.gif_.avif\r\nvary: Accept\r\ns-rt: 3\r\ntiming-allow-origin: *\r\neagleid: 9b66d7a817729005134825425e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":303863,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"de72cd3f9bb03e02f5ed7c191fc47e25","sha1":"1f1da79e3ea10cc974149b4fd61236d7aaf0cbba","sha256":"88bc662ac1dc810b16d8c81e024975ec22af3497c510036158f5799da1b4b874","sha512":"be2488a9b17fc4ac4ca2e24177ed9bd673b6514929df0344fa626af305073862d30fa0bfcb290f4b09984e51dd7790dc6af53ace8b9e68a936771f982b7d3da7","ssdeep":"6144:0yBudqBvMzajcmhzfOmZIJ6MLkrN78j6Z8BdaAR50OsE8uZr:1B4qBvRjcmhCSI8ZS6CR50OsEhB","tlshash":"0254232e919b11304cd6a6383d7e66f700f6dc7509a143125dfba6cda4979bc2ce8ca1","first_seen":"2026-02-24T09:59:59.817588Z","last_seen":"2026-03-15T07:53:53.563962Z","times_seen":1005,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":1009,"connect":7,"send":0,"wait":14,"receive":38,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.ah7907.com/bt960120a.gif","fqdn":"img1.ah7907.com","domain":"ah7907.com","tld":"com"},"ip":{"addr":"36.151.194.102","port":443,"asn":56046,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img1.ah7907.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 06 Nov 2025 07:27:15 GMT","end":"Sun, 06 Dec 2026 07:27:14 GMT"},"fingerprint":{"sha1":"EE:18:15:48:CE:4E:22:9F:18:59:AB:6E:5E:C0:0D:4E:AF:C2:86:22","sha256":"65:F5:69:07:04:80:B4:E3:E7:D0:C5:50:2E:02:11:1C:02:89:6E:83:40:00:DD:00:37:08:E9:9C:1C:A3:4D:59"}}},"request":{"raw":"GET /bt960120a.gif HTTP/1.1\r\nHost: img1.ah7907.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: NgxFence\r\ndate: Sat, 07 Mar 2026 16:21:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://img.alicdn.com/imgextra/i4/2207246784654/O1CN014PyHeq1kFaOP6Xhwn_!!2207246784654.gif\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":292628,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":987,"timings":{"blocked":20,"dns":225,"connect":209,"send":0,"wait":219,"receive":0,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/index.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/index.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 30680\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30680,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"da3dcf2f0408a92ea44345534a517325","sha1":"6acac7595ab4a1dbc9b6dfe06a78e27ae43c27f7","sha256":"6374e3c53ae848a72abda741a9f1c63b77c4c733149d5a72da79a70eb2353073","sha512":"527b1e492d23c5fc023647241e929c148fb015b413c534dffb498e646c9e036eebd1ad8873da220d080533825c93db2fffcb22f554deb1ee9a11e888cf01ccab","ssdeep":"192:1pJUmxqHK6wVTbVMjCVLrrTVRPALQsPS8VpNUIS+xWyeBeWfoWyORbMHQrdBvfzD:2e1VTbVMj8KQ9VduKJp2Nh6JDmoVw8F","tlshash":"fcd2981e8a002054667de2359b580276d8d3f23bf68740f6b6fdd252df3e198a970e78","first_seen":"2025-08-25T06:56:27.746997Z","last_seen":"2026-04-04T04:00:03.884901Z","times_seen":275,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/img/arrow.png","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/img/arrow.png HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: image/png\r\ncontent-length: 370\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 15, 8-bit/color RGBA, non-interlaced","md5":"708eafccda80b8e1d1ebcca802491f41","sha1":"c97f830520c483fe4579236b011741dc2cc3097e","sha256":"e96c75888ff783edce69f1d7dd8484e88712166577fa2e7b6bb1c1644f674f24","sha512":"b51f4adf8278bcd3b5b6346cdc45dfd5b0bc703ca7a02a85dde4d94c73971797231e1c87490059b7decf12a97a890bae55fd6e9b9cb95b57fb5e790b38af7358","ssdeep":"","tlshash":"ebe0c0f73650e76ddd0d093528530004ece5d1be392d36ac9fa5e02945ed589cec1b42","first_seen":"2023-05-10T14:39:56Z","last_seen":"2026-04-04T04:00:03.83374Z","times_seen":287,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":629,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xing.sex8sex833.com/20251029/91rhtFQJ/1.jpg","fqdn":"xing.sex8sex833.com","domain":"sex8sex833.com","tld":"com"},"ip":{"addr":"216.180.227.218","port":443,"asn":47191,"as":"blue tech technology Co., Limited","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xing.sex8sex833.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 26 Sep 2025 13:37:39 GMT","end":"Sat, 26 Sep 2026 13:37:38 GMT"},"fingerprint":{"sha1":"28:B4:22:5C:4D:3B:2D:75:D1:AA:11:BA:8B:68:D2:F4:0C:24:56:3C","sha256":"6F:10:DA:E6:82:FD:27:6D:3B:9D:3C:45:0E:7C:3D:E5:97:73:D9:BB:0B:4F:75:19:4F:20:88:F9:00:89:42:D6"}}},"request":{"raw":"GET /20251029/91rhtFQJ/1.jpg HTTP/1.1\r\nHost: xing.sex8sex833.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sat, 07 Mar 2026 16:22:49 GMT\r\nContent-Length: 404\r\nContent-Type: text/html; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2613,"timings":{"blocked":406,"dns":15,"connect":153,"send":0,"wait":1153,"receive":0,"ssl":882},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourhoi.com/juc-190-uncensored-leak/cover-n.jpg","fqdn":"fourhoi.com","domain":"fourhoi.com","tld":"com"},"ip":{"addr":"172.66.169.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fourhoi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 23:39:25 GMT","end":"Thu, 28 May 2026 00:39:22 GMT"},"fingerprint":{"sha1":"7E:95:F9:B8:83:9B:28:3D:EC:20:85:2F:A2:9D:71:10:39:46:3E:06","sha256":"BF:01:28:6B:9D:E6:01:AD:41:5C:2F:24:37:2A:65:78:64:E5:3D:5D:91:9C:96:9B:23:EF:12:62:D6:E5:C1:DD"}}},"request":{"raw":"GET /juc-190-uncensored-leak/cover-n.jpg HTTP/1.1\r\nHost: fourhoi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 158609\r\nserver: cloudflare\r\nvary: accept-encoding\r\nx-oss-request-id: 6981504701FB55363140E597\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\netag: \"7BD9C5B3CB1E536C88432B3E90741AB6\"\r\nlast-modified: Wed, 26 Nov 2025 10:45:11 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17754722180381287024\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\ncontent-md5: e9nFs8seU2yIQys+kHQatg==\r\nx-oss-server-time: 23\r\nvia: ens-cache3.l2de4[29,29,200-0,M], ens-cache24.l2de4[31,0], ens-cache7.se3[0,0,200-0,H], ens-cache24.se3[2,0]\r\nage: 1572315\r\nali-swift-global-savetime: 1770082375\r\nx-cache: HIT TCP_HIT dirn:12:539726777\r\nx-swift-savetime: Tue, 03 Feb 2026 01:32:55 GMT\r\nx-swift-cachetime: 93312000\r\ntiming-allow-origin: *\r\neagleid: 9b66d7ac17713281956942034e\r\ncf-polished: webp_bigger\r\npriority: u=1;i=?0,cf-chb=(261;u=3;i=?0 9882;u=5;i=?0 91087;u=6;i=?0)\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-bgj: h2pri,imgq:100\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\ncf-ray: 9d8aef80bfe4349b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":158609,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x536, components 3","md5":"f7b5b76b1a786551358d64820105705a","sha1":"ee99ad51e386f67c9428b2bb19bba9f0ada20c79","sha256":"5925925f9698b3d4ae88e5818a64079b3f68d58b697b5df8980703c67def41b6","sha512":"eccedc26ef7d299244fefdb3e7d9c22149858232de7be9b984e950e89172dcc0d0db65362786fd552871d0ce4b48fcddb4c389d32dc7d66c5a4f565af25931d4","ssdeep":"3072:SMgpKZr0qElKmfGQbCRoIe5uYuEgTcziVF4s7V92/Cr07e1e8hOT:SJMZrhEllNOc5LgTc2/7VA7e1e8hOT","tlshash":"67f31200cd6ec167ddfab74ba04daebc6f0540125dd9f0d1aad88f25a780984379af78","first_seen":"2026-01-30T02:51:36.663401Z","last_seen":"2026-03-07T16:22:29.54547Z","times_seen":2,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":212,"connect":34,"send":0,"wait":39,"receive":50,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/cn/home/web/template/106vip47_wtpl/css/reset.css","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /cn/home/web/template/106vip47_wtpl/css/reset.css HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html\r\nCookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/css\r\ncontent-length: 1779\r\nlast-modified: Wed, 31 Aug 2022 08:25:59 GMT\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1779,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"49cbca676ac9d04effdf66e54cd6ce96","sha1":"6bcff68e325d8f8b0b2a4ab620cb2b94a1f7cb48","sha256":"ef58ab6f95596225739814afbf03cbf698edf778b9f5ac7e37fd9282f627d44f","sha512":"59ed87f082cf89ee32998c1e011238c726eaa252818eb9d00e5957ca49f5c85aa11a8c3382fc247a16a2f6a4e30901459d5acc9f0307b108f3fa6a5a8e04c3b4","ssdeep":"","tlshash":"4331625b42226390c433ce781f77651ced0391239e834199399e9050dffbb0f81a1ba9","first_seen":"2025-08-25T06:56:27.695724Z","last_seen":"2026-04-04T04:00:03.86578Z","times_seen":279,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251128-1/22684483b7f592f8d9c8409e9add3f78.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251128-1/22684483b7f592f8d9c8409e9add3f78.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 123027\r\nlast-modified: Fri, 28 Nov 2025 01:55:15 GMT\r\nvary: Accept-Encoding\r\netag: \"69290103-1e093\"\r\nexpires: Sat, 28 Mar 2026 17:59:14 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 771757\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":123027,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", baseline, precision 8, 800x538, components 3","md5":"0d9c28892aade950fe1270ff3fbeeda8","sha1":"f282087c3ae557cbc4425c428827c84a44acb59f","sha256":"28d54cfc39b47750176d8978d3ac873808183ab8fd0870625f51ad896e531ba1","sha512":"1769928ec7b81aac15a43a1feded07f3d2319ad9c60eeaab5d77396c51efe980172d304e3dc9d27a1ae26cfbf0c5be88fe006972cb2221993b47ddbfa045ccb4","ssdeep":"3072:lpwK9t6NCt4DT0TS9lZCfxVs4ySTlVYQJKJfNzCaYw/dg1O9F0EsI:gG84gTv3wfPYEKJ1GaS1oYI","tlshash":"39c31241f132909f240de8d929bbf6ba101d52e1b67ddaff1c5537bc28b6f291161212","first_seen":"2026-03-07T16:22:29.54877Z","last_seen":"2026-03-07T16:22:29.54877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1058,"timings":{"blocked":490,"dns":0,"connect":0,"send":0,"wait":259,"receive":309,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg1.com:3519/upload/vod/20251116-1/dc054e837bab7dc005d6574815f17071.jpg","fqdn":"sbzytpimg1.com","domain":"sbzytpimg1.com","tld":"com"},"ip":{"addr":"23.140.204.25","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251116-1/dc054e837bab7dc005d6574815f17071.jpg HTTP/1.1\r\nHost: sbzytpimg1.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 148675\r\nlast-modified: Sun, 16 Nov 2025 04:07:49 GMT\r\nvary: Accept-Encoding\r\netag: \"69194e15-244c3\"\r\nexpires: Sat, 28 Mar 2026 17:35:24 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 773187\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":148675,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"875fc71788e502a9361768ed01d54b99","sha1":"afb3324b75845964186bc73c10c64353f8ed014a","sha256":"6bed491c3300440266e0c92401f2e1b19366183b87ea38fc9680b2caab1d6464","sha512":"a8832b89438ca501468092225d13dbd8ae5ea73bdab6e559f60a75f0b0f794ba961bd5998477fd04e69da8ea8335a69c0c1c111cd311c4cfbeb34b9f09a17aff","ssdeep":"3072:cyP5F4IEpZELzDAlU5LKskUbHXyYmTp/vDHN0swRq+r959oR:cyPbZqU5+sLHXfmTp/vUvB/oR","tlshash":"b1e3239edc418440f1bda0b3368db1bb21ec9c80f562865de1b2d5cc8c9ab813589bb7","first_seen":"2025-05-17T06:18:39.3208Z","last_seen":"2026-03-07T16:22:29.551286Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1247,"timings":{"blocked":-1,"dns":218,"connect":155,"send":0,"wait":158,"receive":84,"ssl":623},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pg888.12img707989.com:5658/8888/pg507/pg120.gif","fqdn":"pg888.12img707989.com","domain":"12img707989.com","tld":"com"},"ip":{"addr":"205.198.65.15","port":5658,"asn":138997,"as":"Eons Data Communications Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pg888.12img707989.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Feb 2026 04:24:03 GMT","end":"Sun, 17 May 2026 04:24:02 GMT"},"fingerprint":{"sha1":"A2:78:04:63:2B:CA:BE:C2:FB:3F:31:EE:5D:22:4F:D0:20:B7:2D:A4","sha256":"D3:2A:FB:29:36:10:8B:B7:D5:60:5A:68:5E:02:82:D8:14:1F:89:6A:00:EA:73:6D:19:85:46:E9:F3:1A:D2:F1"}}},"request":{"raw":"GET /8888/pg507/pg120.gif HTTP/1.1\r\nHost: pg888.12img707989.com:5658\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:54 GMT\r\ncontent-type: image/gif\r\ncontent-length: 732135\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Mon, 05 May 2025 10:11:05 GMT\r\netag: \"68188eb9-b2be7\"\r\nexpires: Mon, 06 Apr 2026 05:15:40 GMT\r\ncache-control: max-age=2592000\r\nserver: nginx\r\nx-cache-status: HIT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1728000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":732135,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 960 x 120","md5":"d812f0151d7042065067e76fe039facc","sha1":"a48f9c692fa3916903db45819d4050f52d747a33","sha256":"849c1d8c67e9a3151b4a14d3b70e23e4abc3649dcac2e397587afedc70dcf25e","sha512":"a082dff74f4a12e121b6f185ba58d228399af7fa6f50df9d8a891c42d01724d7381842985926980c2e35d1f4b352ff7b425000682f6bdbb0038153d9893ff43f","ssdeep":"12288:RzuTwzuTwzuTwzuTFs9yJuVwrVwrVwrVwrV5eGrQSoSoSoSKDu4OVDu4OVDu4OVQ:RuTeuTeuTeuTFw1WrWrWrWrjeGkSoSoV","tlshash":"43f42339d14794a6938b0a7b9f1411a46305de26a7f220398327f987bc46793ffdb80d","first_seen":"2025-11-21T00:36:15.392801Z","last_seen":"2026-04-04T15:25:57.438535Z","times_seen":7865,"resource_available":false,"data":null}},"time_used":3233,"timings":{"blocked":11,"dns":891,"connect":265,"send":0,"wait":265,"receive":1527,"ssl":274},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2026tu.myxuanxuan.com/mt2026-8qssd0z7qb","fqdn":"2026tu.myxuanxuan.com","domain":"myxuanxuan.com","tld":"com"},"ip":{"addr":"101.33.21.239","port":443,"asn":139341,"as":"ACE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:52.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2026tu.myxuanxuan.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 18 Jan 2026 00:00:00 GMT","end":"Mon, 18 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"89:A5:51:BC:5F:09:A7:47:86:8A:45:EC:EE:78:46:C6:17:A3:08:CD","sha256":"02:BE:A0:16:7A:20:13:EB:60:A2:1D:D0:AF:87:4C:A4:41:0C:07:C7:1A:35:F8:CA:F3:EC:E7:F0:21:5F:15:C7"}}},"request":{"raw":"GET /mt2026-8qssd0z7qb HTTP/1.1\r\nHost: 2026tu.myxuanxuan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 16:21:42 GMT\r\ncontent-type: text/html\r\nlocation: https://img.alicdn.com/imgextra/i3/2215209493335/O1CN010JTbhN1aVU01WrBDj_!!2215209493335-1-chatting.gif\r\ncontent-length: 138\r\nx-nws-log-uuid: 2388721992504440969\r\nx-cache-lookup: Cache Miss\r\nstrict-transport-security: max-age=1;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":643569,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":2687,"timings":{"blocked":43,"dns":1870,"connect":155,"send":0,"wait":370,"receive":1,"ssl":248},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mdutpianzxusifas.com/20260124/CzXlTnw4/1.jpg","fqdn":"mdutpianzxusifas.com","domain":"mdutpianzxusifas.com","tld":"com"},"ip":{"addr":"45.204.71.19","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mdutpianzxusifas.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Fri, 23 Jan 2026 04:22:04 GMT","end":"Mon, 22 Feb 2027 04:22:03 GMT"},"fingerprint":{"sha1":"0C:0F:B5:39:4E:9F:14:52:C6:13:ED:51:DA:BC:60:F9:A9:02:07:52","sha256":"47:E6:A6:2C:F3:49:DF:7D:BF:1F:21:4F:B2:5B:90:3E:54:BD:B2:CA:05:AF:04:F5:37:FE:F4:FD:FC:93:D9:8E"}}},"request":{"raw":"GET /20260124/CzXlTnw4/1.jpg HTTP/1.1\r\nHost: mdutpianzxusifas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 07 Mar 2026 16:21:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 145926\r\nlast-modified: Sat, 24 Jan 2026 04:34:37 GMT\r\netag: \"69744bdd-23a06\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=15768000\r\ncache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":145926,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x720, components 3","md5":"af03c2050bb6db9f8f632298a720e894","sha1":"d886d91c7921c4620ac5bf969ab915b79f13975a","sha256":"780573280e428eaad2e4fd44be3c92b58d31878e1fcc8dfd076bc02fa46e717c","sha512":"9164683d100cac943a31e4a40173eab76ba4a9b37ff13cf4ef970d70c184e9aa44b664a0ca56fee8177b27f6321e170518050ed7b13cf94a14ee565b9990beb0","ssdeep":"3072:3+fPtK3/CTug9pL5+SVkBnc+ScgTdi6f+Xlgp2nWr8ZblLb:iloa9p1+/FUi6f+X+TObV","tlshash":"c1e30271305346b8f8a8556321a697c09f691efa4fc68f97711dc3136ae84ba37ce04e","first_seen":"2026-01-29T08:00:15.925365Z","last_seen":"2026-03-07T16:22:29.55421Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2147,"timings":{"blocked":-1,"dns":208,"connect":174,"send":0,"wait":308,"receive":341,"ssl":1103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","fqdn":"ajt.ywbd9.monster","domain":"ywbd9.monster","tld":"monster"},"ip":{"addr":"154.26.178.150","port":443,"asn":906,"as":"DMIT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T16:21:49.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ywbd9.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 05:52:07 GMT","end":"Sun, 24 May 2026 05:52:06 GMT"},"fingerprint":{"sha1":"ED:33:B9:02:A2:14:E4:17:0D:06:B1:63:AF:FC:C9:0F:46:FC:60:69","sha256":"08:85:25:C2:C2:DF:80:60:EC:7E:B3:31:1D:01:48:46:01:A8:1B:0D:06:A8:59:FE:AB:76:41:31:3D:72:8F:8F"}}},"request":{"raw":"GET /s/%E7%88%B6%E4%BA%B2.html HTTP/1.1\r\nHost: ajt.ywbd9.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: https://www.xzylm.com\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: Deny\r\nset-cookie: PHPSESSID=89mahpt2i8mbsd0412r4d7vl1n; path=/\r\ncache-control: public, max-age=3600\r\ncontent-encoding: gzip\r\nvia: http/1.1 traffic_server (https://www.xzylm.com [cMsSf ])\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":74835,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (46506), with no line terminators","md5":"d680288f58f3e1f8ce5d0c40f0c6091c","sha1":"04e56f7347599324e6d217300f73cf0099f11d47","sha256":"b548ac7daffb253785848d22e69f57fe3eaca34507df49de42586cb017d129b2","sha512":"0e8b61bd6123150babf82e482fa5d2bfd8f46a642db2d89ba6ebff8c80a1bd91ee1fc97f035cc92c63e2aec595f19f8f58fbedba4a911e835f37c00b6b661da4","ssdeep":"1536:27Tw9nVV6YCap2f3tM39V0G1J8MyrtWO4:+TUG3u39V0gJ8MyrcO4","tlshash":"c773c67202892a2b670b45cca7747b1db1960b5fced38c01a3f9a7d2e745ffa890544b","first_seen":"2026-03-07T16:22:29.556399Z","last_seen":"2026-03-07T16:22:29.556399Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1058,"timings":{"blocked":373,"dns":54,"connect":154,"send":0,"wait":312,"receive":0,"ssl":163},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-07","alert":"Sinkholed","trigger":"ajt.ywbd9.monster","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sbzytpimg3.com:3519/upload/vod/20251231-1/1a5fd864b9860f580ec8d6919c4fa390.jpg","fqdn":"sbzytpimg3.com","domain":"sbzytpimg3.com","tld":"com"},"ip":{"addr":"23.140.204.1","port":3519,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lsbzytp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 06:45:41 GMT","end":"Tue, 07 Apr 2026 06:45:40 GMT"},"fingerprint":{"sha1":"24:EE:DC:F7:EE:6C:8B:F2:D7:A7:47:AF:3D:3B:39:9D:47:5D:53:36","sha256":"54:03:9D:34:96:92:AA:2F:D0:AD:0C:8A:AC:C6:19:4F:10:08:DB:A2:A2:42:2C:8D:46:1C:C8:08:3A:FE:3E:E9"}}},"request":{"raw":"GET /upload/vod/20251231-1/1a5fd864b9860f580ec8d6919c4fa390.jpg HTTP/1.1\r\nHost: sbzytpimg3.com:3519\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 07 Mar 2026 16:21:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 499383\r\nlast-modified: Wed, 31 Dec 2025 02:54:59 GMT\r\nvary: Accept-Encoding\r\netag: \"69549083-79eb7\"\r\nexpires: Sat, 28 Mar 2026 17:50:28 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 772283\r\ncache-status: HIT\r\nserver: HyperCDN\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":499383,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"211859b50c3845456d8a44b4cb9086bf","sha1":"2de13d8e2741ea0e81d6bb85d27f4cbd19a39c03","sha256":"75a37b9b13e3b7ebe43e8ab301305864a73a2fd148a07bb9304338efb98b59eb","sha512":"d00511393c193d1c7c796de74d393383de0f501cfe0537fbff4ecea029446683ab5a8e639b1b5426b996a1adfe08fdb8a63f71b3f1238c222fa0506338a5ad34","ssdeep":"12288:80mop1yJKKxI/0+WbDxFpDl7bOeX7GxbLneg:8T6tBHWbPpDl7T2R","tlshash":"c9b42310e1e8826ae5f023a50381e2fde459f312668fedde5971b58ddb01918d8f8b9c","first_seen":"2025-08-22T10:55:25.037868Z","last_seen":"2026-03-07T16:22:29.557936Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1909,"timings":{"blocked":-1,"dns":108,"connect":182,"send":0,"wait":496,"receive":694,"ssl":385},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.souavimg.com/upload/vod/20251128-1/79792b4ef691da23202ad847bf886dc6.jpg","fqdn":"img1.souavimg.com","domain":"souavimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ajt.ywbd9.monster/s/%E7%88%B6%E4%BA%B2.html","date":"2026-03-07T16:21:50.511Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20251128-1/79792b4ef691da23202ad847bf886dc6.jpg HTTP/1.1\r\nHost: img1.souavimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ajt.ywbd9.monster/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}