{"report_id":"08b63c4d-48bc-4f37-a523-7c0f526bcaf2","version":6,"status":"done","tags":[],"date":"2026-01-06T14:02:33Z","url":{"schema":"http","addr":"tksn55.cyou","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.229.112.7","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"tksn55.cyou/#/index","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"title":"TK-SHOP","dom":{"size":145929,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (42817)","md5":"396b1fd96febdcdf89199306900e7dd6","sha1":"a523a5da45110e21865d491b421f6b8764873e55","sha256":"6b5b389ab77f8f212d28d6799e7768897e499f2cffbd96839954e443ce4d68db","sha512":"a0d8bd82ba16b64bfc5cd50d75a7321ed6912f053a8db0fb01d9be461696626d4da59eaf059b809f370f9efac9b11c5829420bd773ad614bee6c3cb35a5be207","ssdeep":"1536:P/SmaCKWje1eMMzVIxpOMZMiO/7/NEWylxkv3lD/ClA1KZ0SPIJsQTiYnOjDdDVK:imaroMYVCFOiYNEWyrWRhUQP/","tlshash":"57e3a671ca6a313b02274de8b0705b1fbae3831dda974a0167fc678d5febc94ea05485","dom_hash":"domhash4fba98a25e6c5eed2e24c65d096e1d61","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tksn55.cyou","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.229.112.7","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T14:02:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"tksn55.cyou","ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"domain_registered":"2026-01-05","domain_rank":0,"first_seen":"2026-01-06T14:02:38.845301Z","last_seen":"2026-01-06T14:02:38.845301Z","alert_count":712,"request_count":119,"received_data":6900216,"sent_data":50602,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"imgtest1.s3.amazonaws.com","ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2019-08-25T08:51:32Z","last_seen":"2026-01-02T22:47:08.14938Z","alert_count":0,"request_count":29,"received_data":2527786,"sent_data":13224,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"mall-test.s3.amazonaws.com","ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2024-08-11T22:28:16Z","last_seen":"2026-01-02T22:47:07.738553Z","alert_count":0,"request_count":37,"received_data":3522241,"sent_data":16822,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tksn55.cyou/js/app.a407259e.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"db1e23a239f8f86e20d093f1c15da10f","sha1":"e8151022672f2cacd69f64449176d762780b97a6","sha256":"1379475043629eed0d83634ab38608cc7dd68ccfa8df63a065504d5b64cc7635","sha512":"0cb2a3050a854f361655c27df0fb3f5fc72f098ff8bcb24995e61e9378b0403cc32803e6b4e4b84dbeee1f7ceda5ee3b631c3cde1e123d44fe5c9e346ff7c302","ssdeep":"24576:/WO7Tb8OVuhrWMU9JKPJttLz29HxNUCOE3Nkxp5R+4t69uE9s1B9Lfbzxg7BuiVH:+O7Tb8OVuhrWMU98PXtm9Hb59dWf+83w","tlshash":"a6658eef67da77fc08545646a04f397421981cbafb96f4e008edf61922e9e40c213f69","size":1449434,"data":"","first_seen":"2025-11-12T04:02:16.167779Z","last_seen":"2026-01-14T11:25:19.963413Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/vendors~app.8e05cb39.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd7a4100a9bd34f7c747bd49f96abfd2","sha1":"bf459966c599ba941291bec11c00954c2beacd00","sha256":"da0723cce3cbb085e0b6194faa6f56d6b616763910717952e7d43baf6da1d0a1","sha512":"c891cd1df4c5bb994eaef7f06df2bfe9ccb0fc788d43085343e23f3b0dfa7be2947f5e4c1b8c1b4dba664d22e435d82b2cabb418535332f86951e6ead151fc20","ssdeep":"49152:wYdFtD3TKKTiIdSzkQGbJU1/8Ra2UsVENocQKDBWh9ZBqUt0U1kQxA:BdzzW8QGFU1P2rIojKg9GY0D4A","tlshash":"bef5b35c364af340915ad0e7e43b3c49d26ae189a40b10d07f7187f31eb574ae7aee26","size":3584489,"data":"","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-01-28T12:30:45.109444Z","times_seen":239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-a19b6e94.079673fe.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcbb85b3450703136ce7785bf868c298","sha1":"b009c8a44c2dde5a7a93c9db4bc4f1a65aff1ef7","sha256":"b5f108e96a3b4d79d5b3fe20ccf76b40ad8bb5079465c1458cb47ac45afc9741","sha512":"a1003c66b3df5198bf2a70219ebd42d200a98ef7b7e746d9af7c4dac489256e9b22b9b4d6eac98fdf9ae00bc4caa4eda2996dbd38bfc629ce82fb2fb7ece5819","ssdeep":"384:GNsnfX898V8ftwCaMsH0NbdGoalA+QbHz/jvMsgWvzsyUqG8V:LM9zsHgbdGKT/AsEy/V","tlshash":"efe2f94ba4c26c7d899a6159241b1258f8323f86e042c8d6b63cfde4d1b9e34772f76c","size":33174,"data":"","first_seen":"2025-08-19T13:02:14.834267Z","last_seen":"2026-01-14T11:25:19.887905Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-971b8156.f79c8552.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"23e303e1d457ded5c19fb3400a22b026","sha1":"252ee41d519536f951e581e385b134c44d17d148","sha256":"817dd349f3cd067b90ec0a1357b16f6485467350f8e4c3c77dee13591d00ff16","sha512":"95ebd0fe0352e0da1b21d23d54c3313ef8a1597a7b583484a7613b8091017f3aa4734bf841435d29decfbfcb8c521a7b62801ed47f9c945e0230a590cfba3ff0","ssdeep":"192:NzCjfAcMsHRpMu7mWKD12R+YEX+WzU9MuMOO0L5xq/cictjAfNeNF/BPsGCS:sfNMsHRp3Q19X+WzU9MKdmmvPJ","tlshash":"e45285e6c470a4bd495a82b22055f1e0fb643a1cd106554efa7cec9b72dd424332e77e","size":13663,"data":"","first_seen":"2025-08-19T13:02:14.744046Z","last_seen":"2026-01-14T11:25:19.931574Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-c6fa1bbc.badabe5f.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-c6fa1bbc.badabe5f.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"6412-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1576\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6412,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6412), with no line terminators","md5":"0633ee4661855b6bbe621c11916c84cc","sha1":"4c0a2a81e69522697b1cbaa7338158639c4aa12c","sha256":"fac6b26cf761221c13291fbb469530d8d6caecfc22f09faa1a9e562bf15ad127","sha512":"b2441da78e3cf4a5c847805eac6921d852bd2f17db15b012485357a438eb0d41d84c853e8ca0784803fefd8a7315d0426b19bc78f310cb23ca2a9818fa232830","ssdeep":"96:+jWBPlmQKmYqqxrnY1vfqQrFvniDypkpNhD93JlyIqdUPY8:+jGPlmQKd1b8vfqQZiepkpNhh+IqdUg8","tlshash":"90d161b2b5b5426a7d3fe3b822d4e4ac75049551e8629be6fed4d028cbc2ff35410b08","first_seen":"2024-02-11T04:26:50Z","last_seen":"2026-06-06T14:40:04.50503Z","times_seen":5236,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2849664a.990ac09b.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2849664a.990ac09b.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"1167-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 525\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1159), with no line terminators","md5":"b15da3341464c474461de10ba86ff2ae","sha1":"059c1f2029f11758cbb041b8f5b4809e0bf5f7ef","sha256":"6b7a9cc33b19530c25417c00df2ede3cb7ba2bc2bb8ab9f561294340d20e3afd","sha512":"7e477932397b6b90c07d566f908e14f1d66b57f6281e3bfea429e8880693ee9ab64e9567098002b3ebbdf9518493723dd1397eed218a0627fbbf36d925b61e35","ssdeep":"","tlshash":"cd21211360a2784d586e6040210e2034f4f09ce64c0bece1a3b8c8f6d2b2d9a3a6f27d","first_seen":"2025-08-19T13:02:14.848686Z","last_seen":"2026-01-14T11:25:19.882672Z","times_seen":59,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2b19c21c.3cdbfe7a.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2b19c21c.3cdbfe7a.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"8037-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8037,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8013), with no line terminators","md5":"5d6937ecb56d67abf9effeb465229820","sha1":"0e272ef2837d408fd02803dfa0f19c8f2536b2c8","sha256":"c87812af9378d38e37213223f01ab1a728c21607884ca97a7869995b31035b78","sha512":"46687dd5f6b081f050f98eae51e2b39491d16e254db3969118517d72c6ef5b9a65e85241aa0176bb6eec2a0a3977d8250f8e24d41bd2c0d527e6bd00c5501b3e","ssdeep":"96:rfx+E6Ee08/8dv73tO2y5/Ifv6EEIRbWVu0aAfHZsALbYiG++T2GZG0/McEaeUU3:1w//w73UlIfySAVraEGgr1b7","tlshash":"11f10a4a90036868cf5e508160297e34f4b53ed1b912d8caf7bcccf89199aa5334e67d","first_seen":"2025-02-23T06:52:24.634721Z","last_seen":"2026-01-28T12:30:44.94728Z","times_seen":134,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: c8/7MmwYlZsRY4RXxkcjrT3k5Epwrvc8myzlhoeuMIvtes6O07z0ZMrFEAZuXdzUHmuXSPPYoAaaB8RdQiAEfdtbuHCSLoVj\r\nx-amz-request-id: QPDSKMBC7W3HAF3F\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"b367a1a2939abed5721ba1cf5fd272ac\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 43151\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":43151,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"b367a1a2939abed5721ba1cf5fd272ac","sha1":"14494a7fe1017a29f9fed7421f7d652257490203","sha256":"46d322495677c8a7c5394e265b4ff29491e138ca470aa1ca2d8abf364db9cd21","sha512":"2952940e26d548ef1b5caaff6ed0f6226a5fe3333be792544289621e428353943df8b2c80303329041e0b0308b6fd4961d0805110e5d74bf4bfd3808f3c71117","ssdeep":"768:GAnBvnXpOznCDoX5cNyXgGjFLhpx12yVa6+kZL/4FIpV8xoeKzHMkLFr3:GAnBvZOzCe5cNAgGjFNpb2R+4gixovLF","tlshash":"4b13bf87ad198f936454dbb87f530c396bcc1e1ce8463af910a52ed72f582094caf52a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.324197Z","times_seen":9475,"resource_available":false,"data":null}},"time_used":1684,"timings":{"blocked":774,"dns":0,"connect":0,"send":0,"wait":126,"receive":93,"ssl":691},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/b36d2777-fff7-4cec-b168-5b68c3d256b6.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/b36d2777-fff7-4cec-b168-5b68c3d256b6.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: l1nZr4g65quVDK4hvtItDp9iJRCtygGmphANDdPhIfKXDG6IALX36sgLQs9xTZvuuHaBxnrVKQ8bcNul2ksKOlX6LBdMsdib\r\nx-amz-request-id: QPDSF24RBWETGXBW\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:47:52 GMT\r\nETag: \"2cc7debe43917ab58c294485e5c478d5\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 235022\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":235022,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 981x1500, components 3","md5":"2cc7debe43917ab58c294485e5c478d5","sha1":"1dcb28255d99596d828673da4d474ff999c98905","sha256":"590d7d4cd7f3fa7833565c83bbae73b56e3fc935cfec091c542e28de866d7d5c","sha512":"71f23f15d8d9054cfce9632c25b2f60aa724b043c2a1d3d4e2032123ba89c99e6c404072d0b2baf3ea13240ff17cbb10942be64ebfd0c5499bdcd82f8eefe381","ssdeep":"6144:kPr1Ds5uJHQbwgOYbprdGn0CUmmqtHFCmH:21DDJHQsgR9pw0CUmFCmH","tlshash":"3134239d3608364dc7685bba017bba565e6cf58048cb7bfa197f3e07199311e61e2430","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.489925Z","times_seen":7586,"resource_available":false,"data":null}},"time_used":998,"timings":{"blocked":746,"dns":0,"connect":0,"send":0,"wait":137,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-50d79b30.0f594967.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-50d79b30.0f594967.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"2488-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 648\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2488,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2488), with no line terminators","md5":"4890366680b9e8d4c468a8489db5d4ac","sha1":"d23b2634a28b365388c81e06d4489149c75500a7","sha256":"0b9eaa9bf0012af1f82493c9cf550761f87f87c3a793be2c3c5484aa44cab4ba","sha512":"98d5ae88c2f3052aab4a1139d61329c29395cb24e33e9cb8313ecf136874191df1c32ee68db83dc7d28029a49c8a0c25cd49f02e27e4c6fdb368628d782af404","ssdeep":"","tlshash":"235158712490297457fefa2a9c8676ab3103fd93e61150cd7847871e8cdafd228e1768","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.501354Z","times_seen":2074,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-574f8736.062468f8.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-574f8736.062468f8.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"6662-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2407\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6560), with no line terminators","md5":"6827f8cbcee001e0b5387c9acd526284","sha1":"dff077126ee70906ddfc2eb89b479d0daacb9c0f","sha256":"04607b26777138d40de946359b4d4cb887950f6bf623de5230d697194637e1d2","sha512":"fa8f3dcf3984c613461c8d0748a1a381ae3c01b8b7955c6e149c56d2b75b3235e56f28dbef8ac6d8ccd7601e6cab0bcc8d9c4bdbe94683a4d06885bf3335c23a","ssdeep":"96:toVtr/FXo3c1tx+9eXygLnWpcqkIGm6ZriCvWRZr/JGbmA:KBo3go9otWj5KOHGf","tlshash":"3cd1c8156247f55d0d6786a0304a3520b0683f98640da49abbb4dff976e4c18337efbe","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-06-03T23:39:34.517282Z","times_seen":3400,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-63e99590.702f00e6.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-63e99590.702f00e6.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"28208-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28208,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28207), with no line terminators","md5":"c23b605637ce6bea71d84c52af1ab725","sha1":"6f8679b0c3e560d6fde90a3cd5f5e754fc87e11d","sha256":"5e2fb83cd78a00e0453089984c9e55c4e1ed1caadb39b375de761505cd092794","sha512":"75fa5ce222a972a0b4053229ccda15fa52307d1a2aa5654aed6b1558638ea6c6d985ca875119953032db8856eeaa4b3135adf1f8a2b5e645eb150f935e6f560f","ssdeep":"384:X+FRWYEE/RkdoyDs8GA+CxQBvCLTmAAYv60Lrd9oiX3l4qZHhI1/sr:ODhRSSDnrBKLn60L1XTBYW","tlshash":"8cc208dc34e1f0ad42e334e0009ba847b2775a2aa40c5c61e352d4d87876e9ed77bf69","first_seen":"2024-08-20T04:39:05.331754Z","last_seen":"2026-01-28T12:30:44.954239Z","times_seen":168,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 77\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"87f201052e0dc6c3b8a4a53b83bf44b5","sha1":"f6b152fa79c655449e9e938e4417a5676a2e06da","sha256":"fb522b0841e80aac3e1cb4fe0f613ae4bfd87fcbe1c03d0137e5c10fbdb86cf4","sha512":"8f854611a22d0fe5ab058bb7ae25c79e995dcc20396f0e64e68aea6662f71cd4144e3378ca1d648d4e3785d96bdb9522864359c14da34c69bbcbceb0bd412777","ssdeep":"","tlshash":"8aa00200146d582b0ca364896c6d39548a5e615348d09f246f99a66440de56d1004429","first_seen":"2023-12-01T19:12:11Z","last_seen":"2026-06-06T14:40:04.29656Z","times_seen":6120,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: FBI7y2gGDefauVkqnBzy1csONKlhy/Rf1xKbLEyvXamS0R0wEnhhMGsOTehhQ7GJrNVoqylayt2/PLrXCDfz1vD+RMFzoahq\r\nx-amz-request-id: QPDYQ9MV2YVZVXNR\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:36 GMT\r\nETag: \"57fc8f526d4275ea03d2bdbdc5576892\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 170933\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":170933,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"57fc8f526d4275ea03d2bdbdc5576892","sha1":"648d7e45b5f40cefb1d18bb9c726fa2194627313","sha256":"5b08dd67e7ff0eb29804f686a825a0607fcfad5e509780a30adfea265bc26d6d","sha512":"046bbf2c489dd817458bb078c2a21eee87949f983e0924087800414acb782c41e1e777873e9bf43ad90c456a764044b9a142646b88ca61a2589c90e0a31b860b","ssdeep":"3072:uZZZCa4TScGLIk8FhGOovWdjezklGcjjltrXy2zm423z7LOOCAr:u3knH9GOusjezklGGltri2zm3fLNr","tlshash":"a1f31238ed7ef755a4fad15f910cada0a0f877204832a5813e37d7d437c98a192eb249","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.309449Z","times_seen":2454,"resource_available":false,"data":null}},"time_used":1398,"timings":{"blocked":1243,"dns":0,"connect":0,"send":0,"wait":123,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B0842PRXT6/61tbbK8RkHL._AC_SL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B0842PRXT6/61tbbK8RkHL._AC_SL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: grMW5wZTnv7RgVvsDKOYmTCXShS5IQfaTJ7ksQ/KmP38ycTs+sl9pP72zj0nE7o8pELbJioPklw=\r\nx-amz-request-id: QPDYJHTRBW0F76PE\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 02:59:56 GMT\r\nETag: \"63e2fd337fbf2929ce3fe246e90ba31a\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 2fb50a8c3ba54fbd84dc3342532f989e76ca7540832b7c4931d8ca33db55213c\r\nx-amz-meta-s3b-last-modified: 20231026T124629Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 75594\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":75594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x687, components 3","md5":"63e2fd337fbf2929ce3fe246e90ba31a","sha1":"bf2750fce56ef9ad51e4a5d8a50abdc336c058c3","sha256":"2fb50a8c3ba54fbd84dc3342532f989e76ca7540832b7c4931d8ca33db55213c","sha512":"64a18a9024eba918294bf2bc6d7ba454fe08f1f1ce6dccf2b30f08dc6d2b0a81eb96f47bfbf99e0a74c50180b9c4b0ed4d657a38da176ba2106c81b49b808e01","ssdeep":"1536:Ub+La/D2TkPb7Jg4T9L9KLKTs2ZWvPA8UJIIZcbV2JUwgrDx1Gxz0:FW20Sgsys2YI87jMJUt1+o","tlshash":"867302b3fbb063b5d52498b121054e29bf939a38f8c09ab3a962873734e4ecc58c5595","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.329784Z","times_seen":2210,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":459,"dns":0,"connect":0,"send":0,"wait":112,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right1.57c427fc.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right1.57c427fc.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:15 GMT\r\netag: W/\"4805-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:15 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4805,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"57c427fca0d84bc0a092d9034deed77f","sha1":"e47ba5c89f052526d7eda2aad1a86336b3319aa8","sha256":"913d611036152ecabefb26e4ef79c198a2779ea1e5fca384f6a6b159d0babca6","sha512":"df3edf66df0741f19114843d93cea243ad98efb17a75f4a9d07f7ad80b006b110010eb0feb96f84f6ae57d9e5408096812fc528468f6a7b42c1ead3e8595d171","ssdeep":"96:WhC4SzAFMLFwDLyk6KPTLPwrAO824idlifhcL1qYIwEfRHNRXb9z:EJFMJiOklLLGvG83ELRXF","tlshash":"e3a18e4f67b66c5febba8bbc04184f942512dc1159321f7905a05c195d2fcfad9603d1","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-05-30T03:35:54.915489Z","times_seen":4638,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/f204d4bc-b984-45d8-b4c0-c64cd323a50b.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/f204d4bc-b984-45d8-b4c0-c64cd323a50b.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: CAjFYHSGFfX/krcHZsW0/593kuVLM//RJR6ZWTMo/jSvkFXYGfw6onNCMQH6llLjb0AA5xFHozGXKToqytddC80TCYdZA2kG\r\nx-amz-request-id: QPDQCCT0ASS9ZXZH\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:48:42 GMT\r\nETag: \"eb5830f9537ac75127130551276084ef\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96209\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":96209,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x1500, components 3","md5":"eb5830f9537ac75127130551276084ef","sha1":"79cd82c86181ee69f0202b0817623ed0ddcd9753","sha256":"4c513da923d6affb6789d80dc2193fdec698edf2269ee75adcca490a8104b007","sha512":"267cc959d96d988a6ad817851bd3e5407e41bc18c4a8e8a46179bd78795059e6712136967e43df45ed73723bf5aaa0bbd1163bbf848ef613acb19d2705fbd3a1","ssdeep":"1536:vukkjh8CymhA1P3GeueP0JoPu2cJ6fMjnBMauEQohjoK/9kOLSDCkp:vdkdTIP3wvF9UOMau4OOLSBp","tlshash":"f493120be0874b5ef89f06b843592a17a6fb51dc294b0891f3b68dd08652a50dccf2e7","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.497506Z","times_seen":7047,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":113,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-39fb98b5.8dbf3dd6.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-39fb98b5.8dbf3dd6.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"7084-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7084,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7084), with no line terminators","md5":"0471f7d4229c51672e63f05b4fbb3f36","sha1":"89cc6f253e24fc1efd45b16c235212e5fb0ba72e","sha256":"d22f36a5f8ab1cac5caa44af2382d69262d5d5cf4d4b206eec8ddfa5184b8623","sha512":"b5090770f539ce82b9cd2bca9010611789c973b42ada52663797e7e268c2cd565d10adb5f242f3d802637caef6fb0dca0469f8c3269e38771e80644678ce9982","ssdeep":"96:cWUXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfk:cXz5sbKYxgCtCowY2duLGm7AtmIfkXH","tlshash":"9fe119f7a036e129ba7ba2b930b065e97410e902ecd787e9b244762cc8c35931b5674d","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-30T03:35:54.954321Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-597b172c.b488a9b3.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-597b172c.b488a9b3.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"455-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 455\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":455,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (455), with no line terminators","md5":"349139296c5738f2fbacd031343b6bff","sha1":"db2e6346f94985d180c7081db376465748e60841","sha256":"d7ce0fa60daadd138b9d842897feceaba382258f85832df2680ce83f43f0cf4d","sha512":"066cef44f8abb789338e33e9adfa7983344be69f276be860abeac2f458d3993eb3e6180547d19487e037f186631c9477d0cbe3c907371d9facfea31cbbf86fd0","ssdeep":"","tlshash":"ddf05c562b1a61baf8f3c02f20420aeb7117cb4f531bc07957a2e631c947a8b6f71460","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.480411Z","times_seen":2110,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-b4023030.d99d2f55.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-b4023030.d99d2f55.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"59838-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22428,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22428), with no line terminators","md5":"7af2a7b5df56f08c09ac7a9af590c6e5","sha1":"1fed2fd70aa450aee6b842b25415f458553ccea7","sha256":"d33d0e06a9f726eec1df1d9a99d8dd57f37b1619795643f4427f5e114c039b47","sha512":"faf4d6ca82523713f99489d423a99261c5646c84540a32e2e2ccf3bab9c563ee3137c316e3779a65989483917602a2c33084ca3fe1c0e51ddacf4cd33fb3dfe2","ssdeep":"384:fYeJaH67t9VS/KD+QTh0QJ1d30yPGjHWq7zlflPMkqvZNa4RjdyMeduN8Au6JXSv:fYUaHA9VYY+kj16yPWHWEtlPMkEa+jQZ","tlshash":"8ba2bfb720aa14c23f6fd7372307f80e5e7981c5947a91c202bcf755d13f964a19a0d8","first_seen":"2026-01-06T05:25:57.644254Z","last_seen":"2026-01-06T18:57:39.274972Z","times_seen":4,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: tRDIlz47Z5SJ7Sjw4m05l8ABcgyjYCBBq1LetqJP6GnwM7dat94J3PaqTy8xzDcsM02fueLVOqJpgwNFssYxjQIhoZkG9IvO\r\nx-amz-request-id: QPDXNEC2ZC6FN881\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"87706f749b341f09c0d4f313a08fc43e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 29992\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":29992,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"87706f749b341f09c0d4f313a08fc43e","sha1":"1509845938ec37024267488237d11e718cde9f13","sha256":"b7fe2721d939005c3d167ba39f1512ee5ba880a08fe370ab93dab990ff0a914f","sha512":"862ad1c48221a29e8fbeeef1be46b06d77617afd44de9e63598e0f746aa0277ef3c79366454df627aa6c12f465440d729d9157ba768922c90a574439df2d195c","ssdeep":"768:Gv6RenUljXtCiU+uKMHNDBp56HJJg0+Fz7P:GVnUlJFiuJ6FfP","tlshash":"67d2ad27aa50afd7b448d7a2ff030d862fda522c41d439de81d76b436b18b77480d1ad","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.347007Z","times_seen":9858,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":720,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/5a905e1d-1756-453e-bc49-baabb5267acb.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/5a905e1d-1756-453e-bc49-baabb5267acb.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nVzCPIRyaHJYj0oGotY0QBpsZ4TxEt9hlkT6mnmb5c05TWYzJzzT32qYa9mdcxcHEm6FHClAvqU=\r\nx-amz-request-id: VPYFDCG88AGAVTRY\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:42 GMT\r\nETag: \"d65489337eec1ccd7aa3b7d4e85cce6f\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 47706\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":47706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"d65489337eec1ccd7aa3b7d4e85cce6f","sha1":"363ebd6574ea0eef5bd9fa6ea4245988329dbe21","sha256":"9e10a358d6e01dd67c6fb8668c84cf319256fd3e31e95a65fcce29f090c43baa","sha512":"b4854060269a85c9f2f15c2f8c31144f09d1b29b3d68849886ad40ea128e8e3f86ef2546b42e19afe271bf97b66ddb135c3c52027f73ad7dfae5f87786160a23","ssdeep":"768:19SyEOYqddNLA4oD7z2lkXynB4d2ABlYO2yENr38m1BwZX5plmQQctt9QUMRyqQ6:uyfRddNLpNlWyud9lPiAm1+ZhmBA2U6","tlshash":"a32301427fa5aa8bd238af3157c3e749b86f8289d2a61d01f175ac128d41712fd6cad0","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.602933Z","times_seen":7694,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":247,"dns":1,"connect":93,"send":0,"wait":122,"receive":94,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-3805cfd3.85ee17e2.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-3805cfd3.85ee17e2.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"410-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 410\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":410,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (410), with no line terminators","md5":"fc805b781c89c799b666c4fbc4aeb200","sha1":"fd06224fae1c2c2bde5a18ae89ad003e03d5fef3","sha256":"a69b97003c8dfe86e112829516ab7dd637a12b08508d6cb9049741ea93868576","sha512":"2c06b84040f5df4f5486d754fa36dc5acfd67741c94e929f9c94994c1e7e71898c1fb336dc6be4e8568c2bd0c449b0e34e8f392cee6452d08874382a90856bf6","ssdeep":"","tlshash":"09e0a942010a1e2b2563f42ad0820707b665fb37eb42d2409ee00a080f9b30a38383e6","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.364867Z","times_seen":6986,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-4ad33d1e.e67f7f3e.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-4ad33d1e.e67f7f3e.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"3807-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 921\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3807), with no line terminators","md5":"d5c5cf21c0ac8cf32937fd5577eba50b","sha1":"49b8872bf19a1f9c7f9e78b19497e8b89ca2ccfb","sha256":"4531f24949afa7812c1f59876406ea88233df11ccaa72f9a7f559e55416dcc6d","sha512":"bd7965d44b3c3d8fe1e112a9097b029319ea0eb7bd67e9a52912b44344edf8f28493123a0ac5bfdca0181a551d03990a1ce84044abd3abace820f386e04ba5f8","ssdeep":"","tlshash":"04710e60ba22231f6a72f6fa55c0a1dc370aa21be19345dfdd49c40ec6df3a79174b60","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.519006Z","times_seen":1117,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-ce9a332e.ff6f7da2.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-ce9a332e.ff6f7da2.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"16198-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16198), with no line terminators","md5":"75983192dce0b51dec90da3b3fa32d0d","sha1":"3af0ef3661a45772a908035cb9ba9993fe802bea","sha256":"5f7232798bb2b19d1a1f24809955f50507a9e26f87e4de4d0af6babe518e3a65","sha512":"447e300d3c34082f8a828824acbeb6dbd53a9f4464832a6fbe41bcf95b34b6cd358f4a5fc983c65a1e69043c8e77d72e74fdb0041a83409fb54aea6323fa5cde","ssdeep":"384:Ox25s8CkC2caIMX5s8CkC2caIIsncjUdG:Ox25sVGU25sVGUIsncv","tlshash":"86720bf1f530a13eb897647931849ecf7844f909e1f696a6ee84b62dd0c65a3273834c","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-05T08:23:29.891509Z","times_seen":3235,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-3fd6aeb4.9bd37778.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-3fd6aeb4.9bd37778.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"1970-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 917\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1970,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1970), with no line terminators","md5":"762b84b872d67e253b3472fedba3ec2a","sha1":"10c609e9039392cf2201877e19d57f62c6de5f0e","sha256":"ba9f8ca53fb511a5d0324da5cc31f4ba729ae362514c75fa3883400078b175cf","sha512":"1cd7c350f7d4e058aa61ba61ba48afa5a2647149dde30c9b490f9c9dcb4f00304ecd4a2394f957a6686643f4f6342decfa4e3eae991372638ab13f12f36c7969","ssdeep":"","tlshash":"bc4185df54a7fcad9adbb002112a103570623ec244468ca57bf4ce6085d0d545f2e68f","first_seen":"2025-02-23T06:52:24.64518Z","last_seen":"2026-03-07T04:45:22.07928Z","times_seen":183,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-59b3c64c.54f26a2f.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-59b3c64c.54f26a2f.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"15254-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15254,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15224), with no line terminators","md5":"f8f61ca869ccc43a2f1158ba25a25b4f","sha1":"a8d280a3322060e0be4d9902c87a1185335fe138","sha256":"008a0329fd38f787c6a7f5c3bebd2c27e590d641caad9bce03e77902ec03cc1e","sha512":"31c5b1e2dc779fb03a03dbb97127d27006ad517e827c0c32a342c2f043c7accc781c1efffc37fbb86bc5792143d41699f6b7f44f3294328a697519d5b78cf560","ssdeep":"384:bXG2CRkgwJ3INfAKA5kzqXbFk56MoswFR4:bXG2CReIOk5sR4","tlshash":"866219126185b44e9b7641b2316621a171653ac6d40df0abb378edfe32d9c18372fb2f","first_seen":"2025-08-19T13:02:14.827097Z","last_seen":"2026-01-14T03:40:42.912039Z","times_seen":58,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88804,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5254e145b76d8d3ff857e13fdbc15f6e","sha1":"6d1c59be2e07c2ee4265fdbd6eafcea49859b010","sha256":"ff96b25d631824fd9e21dbd4cad15f519f6ebfa63fe79beb6ec9a20206ec3eb9","sha512":"bddf725b96f0a0f2372472ec81d61d8a8ee906b05ca0489af1493a6a886e48a9ea7489380f688a6077ee21094c604fb53394f46c59c9a2df61fce1020026e9c3","ssdeep":"1536:4DY5XumtOVhyVNG1gxUSZMuwIrZqabpqPHeS/:48Bu4OVcVg1gxUSZxwaZqabpOHeS/","tlshash":"9793f852c7a8926a1e68019844237baea4fdc217ef738f84ed2cde34ae58cf5765504c","first_seen":"2026-01-06T14:01:50.228955Z","last_seen":"2026-01-07T05:50:18.967367Z","times_seen":7,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2e9b19e4.6cf1885b.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2e9b19e4.6cf1885b.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"31879-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31879,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31879), with no line terminators","md5":"5f5853e0a371f0aced8b1f8e9afddb99","sha1":"da096e0f422eb98c12b217aa5c05affabb56d4bb","sha256":"1b4f83895b19a2bb52d96c508faa799061c39e4b3d11fd72354aaa05c99b3dce","sha512":"2acf5427d125d9e5f416054581a9a02105c279ccd432362c849814efcf7d89e2dc97dc38dd8b2b6b035dafe8a738a09c938b23b97aa4bbceef4188182471b390","ssdeep":"768:QuoD5rMaR8Hkzhc0IxQWt0SXuqe4EjeZ2VE2+5z:QukCXQWtFXejeIn+5z","tlshash":"61e22a4f60b5adb8888e2051701962797475ab95f00588d8bbbcceac449cfb4732f77d","first_seen":"2025-08-19T13:02:14.900873Z","last_seen":"2026-01-14T03:40:42.857585Z","times_seen":58,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/vendors~app.8e05cb39.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:10.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/vendors~app.8e05cb39.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"3584489-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:02 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3584489,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14507)","md5":"1755742dc6c51466c1638c324fc826b8","sha1":"d508e81696b4699e59f852e6c76e46563dd38ddd","sha256":"a584d3e3d46add18297a901accdf8bfb53a3fa139c0ce8b1693b4f0a539fd003","sha512":"707db22734890e1cf48763598baa42c2f1d0237e6a991997e40fd492abb74601ae95462d691c70c4898143b3ac91c8d8ae1b3146de88167def4b3b1658f22b8d","ssdeep":"12288:wYdFcGiB1v4ph3AoKIAZdYTornId5rQpauLhrt7kD5ovz1Jy:wYdFtGv+3TKVYTorId5sfbkD5WK","tlshash":"df3519cd7285b42253a371b4407f250bb33a2959680e8458f665e8da7c7da4e633bf3c","first_seen":"2025-07-28T05:37:43.67378Z","last_seen":"2026-01-28T12:30:44.968033Z","times_seen":96,"resource_available":false,"data":null}},"time_used":938,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":938,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-a19b6e94.079673fe.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-a19b6e94.079673fe.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"33174-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33174,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33138), with no line terminators","md5":"dcbb85b3450703136ce7785bf868c298","sha1":"b009c8a44c2dde5a7a93c9db4bc4f1a65aff1ef7","sha256":"b5f108e96a3b4d79d5b3fe20ccf76b40ad8bb5079465c1458cb47ac45afc9741","sha512":"a1003c66b3df5198bf2a70219ebd42d200a98ef7b7e746d9af7c4dac489256e9b22b9b4d6eac98fdf9ae00bc4caa4eda2996dbd38bfc629ce82fb2fb7ece5819","ssdeep":"384:GNsnfX898V8ftwCaMsH0NbdGoalA+QbHz/jvMsgWvzsyUqG8V:LM9zsHgbdGKT/AsEy/V","tlshash":"efe2f94ba4c26c7d899a6159241b1258f8323f86e042c8d6b63cfde4d1b9e34772f76c","first_seen":"2025-08-19T13:02:14.834267Z","last_seen":"2026-01-14T11:25:19.887905Z","times_seen":59,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 345\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":865,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c07fd72af1d0908a3b2c004e6739a811","sha1":"0a9865f6f4288d96c44bd456e7061cce4691c88f","sha256":"62b7ab3a9e1d0a68c6a71f88c472f58d08ccb60038ae86a7f678026473bda5d0","sha512":"49d2dbc2446f3020f2f3d7d9a8abd76b4123b9ce16b7ce382dfa6d665e1e2d9aa75cf8b1d98db531befebc354c1ddabaf79d7b8eaf96b9b3dfebb4df2e0315e5","ssdeep":"","tlshash":"9f11cc031f9cd45409987b828cdeb584d27ca61b5de58e0ad89ede0c6a24f7c242d352","first_seen":"2024-09-28T07:38:00.800666Z","last_seen":"2026-05-16T01:41:49.233217Z","times_seen":919,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 2761\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7436,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"15cf2e2194845cb845a6242d1e92a1c8","sha1":"3eea283cc3f62a05e4bfcfc24fa737ad46e1fa9d","sha256":"b56a175a0b0bcfb7fafd6177cf1e50f94237c84b2f9c5bc94e03587ce0e66436","sha512":"dbd39c888cc697617d38c7a8a87216a9c3933d598ac3a5d13e54cad47952e0b5b9301eb5902dc15b7cb683b66b3bdf4fad0c046f0d5ccd432416b3428cc3aa81","ssdeep":"192:5VyjdzoHaIDsGJTN1o1xzvxVRbQKgDCU70NUbcxhYuI3PnU7xG60gkAxpHPUL4CU:5VmF4DBm1hvPQmU7YTxhKU7s60RAszUN","tlshash":"dde174a9ffe83c6d4b8486d1168725cfe4a0e03b9fd70ec604fdde448aa676a057c164","first_seen":"2025-04-07T11:50:05.984955Z","last_seen":"2026-05-18T15:37:21.058156Z","times_seen":200,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B0BMQ8WCNF/91fTDjI24bL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B0BMQ8WCNF/91fTDjI24bL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: pI/y7ArM1YG32TvT/jBbdECEA7+cllcA1mis4nMGRoyF+Hkg+2ilnAJ2Oxkai5B3AMTfa1P/gbM=\r\nx-amz-request-id: QPDNGN9C0BXPC9XR\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Tue, 21 May 2024 22:38:25 GMT\r\nETag: \"d97df150aeb10281fef09028e4d07108\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 720fe80f1335b908e06827689e13021992f6c937ea3d4677e68ba28730e529c2\r\nx-amz-meta-s3b-last-modified: 20230414T110922Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 414495\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":414495,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1229, components 3","md5":"d97df150aeb10281fef09028e4d07108","sha1":"a7606a2e5b733d842b2af8379dfdbd82c216311b","sha256":"720fe80f1335b908e06827689e13021992f6c937ea3d4677e68ba28730e529c2","sha512":"878e28a4eb570611bf54e4287cb7ff3cf5a039ec4459d4364bb632410fc0e182941f7120f2a9b6852732a68d31748fcebf9a948e656b87eed226b8f9cb4d284a","ssdeep":"12288:S5A9jNzghSx78Ew0WXf/sJStZ50HN2kYH6aXvFhI9:S5+0ynWXnsJYzo2kYTXvTY","tlshash":"db94238d1f8ec82ce01f6db3bc6134d0112d2fd97659dad5dae56f46005e2a49ccf2a8","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.394107Z","times_seen":2390,"resource_available":false,"data":null}},"time_used":685,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":121,"receive":104,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right4.6d5f23ff.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right4.6d5f23ff.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:16 GMT\r\netag: W/\"4704-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:16 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4704,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"6d5f23ff9ecb9724c07b2cd1541269f9","sha1":"5e750c426346b1fc8fb169ce8539ac98a13614b1","sha256":"52e08b3d2f52fb6b3ae31c2df98abd68fcc703e02f2fc21b68743f5f0f254d1c","sha512":"4a3cdf202ec25973c245ca77c96782ec1b6b9402dd6fe9d654dd3696b2929a1f0d2d3ad76d63a40998685fe0debf4ac2b66c742307b7f8a8040e386e64c72eb2","ssdeep":"96:Wh+tAiYHAua4Aqt9u4F3DRBfO18AB/x0qaZIPdwR3ODcpOfxukRbnCRTVMfn:E+tEgBvEwgRyHSIPmR3OD485hn66","tlshash":"43a16e9acffa688fff121f7ab124246975810e026a01aaf344014d7a7927c318743596","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.869006Z","times_seen":4712,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-fe46833a.000e763e.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-fe46833a.000e763e.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"4387-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2406\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4387,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4387), with no line terminators","md5":"fd7b06dacc8ccbe4430d63ca341d373c","sha1":"c248ffbe4f994ed4955f10bd69d39322a2311d1c","sha256":"0d7bced3f7f766d55a6def9e8a42042284e449b247b753e759f5e93f2504e8aa","sha512":"38eea48ef4bc382bb57c7ff72ed672407308a9309001d8784f246010cb76bc2c6cae32bb8f9c6a462538fef2a87fcca68f5e03f91b63e4080f6e4d8371e1324b","ssdeep":"96:J3nACr3IIIIIIIIIIIIIIIpG2Q1Vum9Ix4tvyE7mtNoXE6DEsCtK:+WIIIIIIIIIIIIIIItW9IxOhmtaXvDF","tlshash":"fe918806e9f2d371fa2b1a3f684572102d304fc893aac4456be57efb218447e077b684","first_seen":"2024-07-21T11:22:39Z","last_seen":"2026-05-17T06:37:32.726206Z","times_seen":1249,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 77\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"87f201052e0dc6c3b8a4a53b83bf44b5","sha1":"f6b152fa79c655449e9e938e4417a5676a2e06da","sha256":"fb522b0841e80aac3e1cb4fe0f613ae4bfd87fcbe1c03d0137e5c10fbdb86cf4","sha512":"8f854611a22d0fe5ab058bb7ae25c79e995dcc20396f0e64e68aea6662f71cd4144e3378ca1d648d4e3785d96bdb9522864359c14da34c69bbcbceb0bd412777","ssdeep":"","tlshash":"8aa00200146d582b0ca364896c6d39548a5e615348d09f246f99a66440de56d1004429","first_seen":"2023-12-01T19:12:11Z","last_seen":"2026-06-06T14:40:04.29656Z","times_seen":6120,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-11/c5a63bc0-28ed-4a64-9e72-b58af5897c43.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-11/c5a63bc0-28ed-4a64-9e72-b58af5897c43.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: bu+mneCdo5lciC5FwweKp+JF9DcmVcKCVVueR/sEbGRyPplU2BlzNEcVsupmj0vjbS+K5kMnAT8tUkQV+NSjIAJlmq9NjY/a\r\nx-amz-request-id: QPDY05SMFBS8MB35\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:10 GMT\r\nETag: \"d85cdd88cbe7726f1f354bedbb0e0705\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 113686\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":113686,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1258x1333, components 3","md5":"d85cdd88cbe7726f1f354bedbb0e0705","sha1":"99a01bf50cfb668fd087bf30fb597e44f542c8ad","sha256":"0dd206e3bf18b10a0aef408e1f7576894ea0e4b5a37098b3c13df3ca89622975","sha512":"15a88ef4e0751ba42bd64868162e830d7f7b37661438640dd9104ba9589f2595c531d4124d6f0bff37db1b0e44871eb91cc1f28dfd1f27975858bdb5bbb8d92f","ssdeep":"3072:6NE2h6L9TpBzUbO91POsKx/vQzh9wG3+V9BXEJ:6Nitd1PuxnQd9wsQ92J","tlshash":"43b312cadb8f23d1ed8b8179d60146b2735f27ea167863fa0b616d763a352c110cf458","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.513907Z","times_seen":7618,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":743,"dns":0,"connect":0,"send":0,"wait":111,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-356c00b0.a46b34bf.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-356c00b0.a46b34bf.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"6372-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2973\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6372,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6372), with no line terminators","md5":"786ae01301166ec66d3273a6534cdb39","sha1":"dfe9e880e9f2dd9e86d5afc9697cff84269a3985","sha256":"482be8cb87659ae3634a07f3873cd639b3e6fdb311344f984b53eaeebef035b7","sha512":"ba2f97d0615e004fc4835cab4a721227f698f0820a2e346c2f5408fdc1a9a88aa91f34a7f3e6063c307fd0e364c14dd969af1a96d6166a7308ccd25d831c35bf","ssdeep":"96:N6Mt/NsTVUWfrMSXH6ftqgIldI9OwnZrvVJBCpn2Vn4N/UJjlVsc3YC:NVsOGrMSXH61qgCI9pn5VWj43","tlshash":"3ed11a0bf05278bc895b6294311b2338b7702bd0a040486af73cddbc66d9d68232b77c","first_seen":"2024-07-21T11:22:37Z","last_seen":"2026-05-08T14:37:46.502572Z","times_seen":999,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/e06b455c-8412-4866-b1b3-653027bd1c10.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/e06b455c-8412-4866-b1b3-653027bd1c10.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Kc93+UtCVrSrTQoZY4lIsh4wuTPmuKS5Trc3v9ZUsKHd2+fCwMihPezUM1pZRKviqwkq4ansf2k=\r\nx-amz-request-id: QPDZVJC7YTTWNDD7\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:54:36 GMT\r\nETag: \"c204487a7d3a52dd08d0cb8bd82d4383\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 116417\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":116417,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"c204487a7d3a52dd08d0cb8bd82d4383","sha1":"0d1d0939727c3ce06382233272c124b3e0d023e8","sha256":"522ae93f5824674a9d56c6bd1e7973d5b98b171fbf00cd8e36369a842d416b6e","sha512":"c22785e439d2531161a142ac57571ad5d611562164b20454af4dd5e655c0e36b33d7e3331f77d5d9a7261a70ca92b3f1d5f34bd11eda38aebb5b0af30b1716b4","ssdeep":"1536:Vs2stZYxtS5hzAjXqCSe9lMKHKoyqBxglgPqUN0OWw2axsLUUNIBorXcQxs8ASz1:q2ssmhWXqCSclqoJvOTw2fLTN0EX08VT","tlshash":"8db312936325991bc7ed04734ab352bc6f719903775c5324bb01a42e59399c8ecccb5e","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.478207Z","times_seen":7442,"resource_available":false,"data":null}},"time_used":895,"timings":{"blocked":772,"dns":0,"connect":0,"send":0,"wait":120,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/83ac7d5d-fa38-4678-af79-63b4066ea171.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/83ac7d5d-fa38-4678-af79-63b4066ea171.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: OBy/F85s6AwOsQO+ItGpx3Xn8B+k0NjiuIcAcEzMVEoyPR2JhTcuE2Ea1sI5hRatlNyyYZcEfiM=\r\nx-amz-request-id: QPDWRMN9STSNX0BX\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:12 GMT\r\nETag: \"7fac67ccc5152addd1ee354754ded6f8\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 138263\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":138263,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1448, components 3","md5":"7fac67ccc5152addd1ee354754ded6f8","sha1":"76a721dd33cbe5db8b2b88cec77411504ecac3a8","sha256":"793dc1d79d43111b0d0f51a97639335a2e3b9e183fccf7f9977d4ee211f0abab","sha512":"5838f6f3db5cf29c41bea30d3ffa90a3fcb6621bf31b7ced36bfe2a5e7e9b73c1e3ea4704eb410a18d7ff851d63732f9946f8b5731599ec4ca99842cc5b0b944","ssdeep":"3072:/P49i9HHzuA3rNAKsr+2cStuOt/IaQnNuq01y8e6eJwfNNJaJT:/aixukN6Clst/IFNzP0NNJWT","tlshash":"c7d312fd4380ccd9e222a971610f53ace81735f209889d815b6df9a6f6512b4ffc9a12","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.536767Z","times_seen":7551,"resource_available":false,"data":null}},"time_used":883,"timings":{"blocked":766,"dns":0,"connect":0,"send":0,"wait":113,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-2ef5db62.c782d047.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-2ef5db62.c782d047.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"3290-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 896\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3290,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3290), with no line terminators","md5":"2f06748ac3f1235c97a4cb396a1e7a1b","sha1":"4823ff6c0a91a3656eedf994b38bc678ca1b1343","sha256":"7e82833d28b3db83afa9c628fa630038a05c4abcc4f9aff9ce93c2d1e6550f26","sha512":"9a67e6934ef4a0b1f1745f24cb28648c8cc3e7afa73e59a0542aa7dda86a65e4bf320e3ed8ec5494eeff62c4d11fa7adac854c5bd451394374ffa48a841c61da","ssdeep":"","tlshash":"1c61337122295a2e65b7f0ae61c015dc760ca336e792cbffdea1810a8dc93f35130b55","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.318125Z","times_seen":987,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-3581ccc6.f09689d1.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-3581ccc6.f09689d1.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"3625-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 873\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3625), with no line terminators","md5":"f1780f9d45f7658d040c38d25eb705a1","sha1":"b819f324b3d0a8530037bb5474799ad57939ea91","sha256":"67041091f6905c2a4d162ea27c32382a85a0519e0b6c9dd7e3fe9e3a2393597c","sha512":"a7f6365c1ed56e22baa5c02f6e0d5336e10db1e34ebf13d65c0b62ef517c8a7b81498c8e2f5a8be34d1df3a8119fa643a2c8b569d04233da739edad49bdea906","ssdeep":"","tlshash":"d4718a117b2922f8e867805e2b56944d3710f10ba26ec8f7eea0d435cee29123b7459a","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.365877Z","times_seen":1778,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-a9f88638.585206f9.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-a9f88638.585206f9.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:24:37 GMT\r\netag: W/\"7108-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:24:37 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7108,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7108), with no line terminators","md5":"a92df02183518f1335484a856a1bc3df","sha1":"86ecce3175020b4bc9dc98eaa7126ba5ad9e2e5b","sha256":"80bd4f236b99085bb88c4c1fb2767dc81df964cddb44e30ad9ee96038dc5f9cb","sha512":"052562933ff5a39c23cf2fbc2ead1c6b3c1b24b787ed4488f6ad1582e74996e56deb666c0ac4c7bd4db9562284ad4606ced305e8a3de936d414015d4b2954b20","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfSWd:Iz5sbKYxgCtCowY2duLGm7AtmIfSt5Xe","tlshash":"ebe11af6a036e129b67bd2b971b065e97410d912ecc783e9b644762cccc3293275274d","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-30T03:35:54.819696Z","times_seen":1201,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-43f51806.c5826dc0.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-43f51806.c5826dc0.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"28948-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28948,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28498), with no line terminators","md5":"28e89d2a90a144b018c9a51690383c53","sha1":"d36a9463c956c179abf10f23f9d29603fbdf213a","sha256":"74250cc23bb98dfacf2b446610147edd521d306d0a2020522032c8f1fd89c853","sha512":"99cfc55756a2d1ddef7c41d4c87537ff8bef8ba96d435c2bca0d802ff90a3e3217114bf3aeb29b2a085153fca97024338a3921c06eaad4929b873765c9d349f5","ssdeep":"192:6hjymzEERrGqMCdglAy5j2h1OyIvP4eR1X2mKNASDnyHB3VbXgPnD3TpLmV4b4LI:65ym4ERslT52uRvFR1GNw3VrgPnk4LFR","tlshash":"efd2d84e71a17c8e030b4261745f2651a21a6129740ea0dbb7bdccfdfa9cd241832ffa","first_seen":"2025-11-12T04:02:15.990132Z","last_seen":"2026-01-14T03:40:42.860395Z","times_seen":56,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: bdGg7FBUXGy3EOERr4VsW5VMpHc56qqsCG8XPdGa8LN+wyPamuSCK7JGXnxaFHUOvcbkRhu5ep5sC4vFRGvJC9VQsDTMbHoj\r\nx-amz-request-id: QPDRCV84149XSTQX\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"3cadf1789eb8f8d80a12e5ad0e19ea67\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 26582\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":26582,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3cadf1789eb8f8d80a12e5ad0e19ea67","sha1":"90a7bb2b2bf9588a95f5895d19564e8e0d7a1b01","sha256":"4a1e05ded030983d325fa2a293dffeb39ce70d4948634927f6752dfc6d2f1dbe","sha512":"9236112d6c6dad19ae6b463f258f73caf2470a6f375251a68b7a2f36df53573861a75fe032c86ce6494978e164f514ffcc85e2b20fd04896b014b9a038397a06","ssdeep":"384:G0IuovjpguMrZYtx3ebUIAN+sXub/t4fgq0i9Iun1k2ij4i71P68:G5uoLubd4Ub0AM24ecIGBiHc8","tlshash":"cfc2bf834a448f837859d3ab7f631c408fce49ad85d5b8df11e74243bba673a008e96d","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.517269Z","times_seen":9827,"resource_available":false,"data":null}},"time_used":1119,"timings":{"blocked":1009,"dns":0,"connect":0,"send":0,"wait":108,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: PkHcZdh9xBfOS6ftRfiFHXW3nPrTHF318YuDHd/gOImEx/K26vCKlnJsQZUQFM6pHO0+VsLVooy7O4K4SCjXvY2S9cRy0LOi\r\nx-amz-request-id: QPDYNKGWG72V5XPH\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"1e463b0bfc58cbe93de38ad62f2ac7ee\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 21173\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":21173,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"1e463b0bfc58cbe93de38ad62f2ac7ee","sha1":"ae83334518cc12da8587ae98f78a5dd7de9b7a98","sha256":"de1fc345b3fe2ed5fbac321243e8814cd39a37a5554fa0d6b665284da90a6e28","sha512":"e29d51e79e7609dd12e1477a117b2af83259505557ba520681172019687275acc73b92129559a74a03b0f5fdd649c169f5301acbab3c599515ff1a89c1cc4afc","ssdeep":"384:ADUu/oKRfXu/25fNvZ4ZpZKbPzjApEZWZ7CJTa/kKfwu:96b9fNvZDfAEWjvou","tlshash":"0d92d01ded906352d745e472b7e7daae1d0c09d8a31c98286af1cc0b98363193f774c6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.507733Z","times_seen":9401,"resource_available":false,"data":null}},"time_used":1348,"timings":{"blocked":1211,"dns":0,"connect":0,"send":0,"wait":135,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97646,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d5061069e901cd47913e4696e712e570","sha1":"99aa3f0f68f79d326a7a4d5e903dfb20c361848e","sha256":"dab77c804aadaff93bf26607a3d8dea0274b2ec13db459cfff7e624eb22b68ff","sha512":"02caa43a4cfd30793cf25540d49c7097a713b560744a4754017d46182a76bbb8b573863d747aa44e11fe4fd919d06ddd907cd383be348f3b358bda1323ab8d0f","ssdeep":"1536:fQxL0TDU3wnLguUPPzKV4+kDPtoBn6xUjmCyASaxwYPjS+WzRM:fY4To3qcu4Pzo4+kDPtoBn6xUjmCPSaJ","tlshash":"9993f953c79841350b6801e544573b6ea4f98207af738f95ab3cde383eac4f67a6609c","first_seen":"2026-01-06T14:01:50.186396Z","last_seen":"2026-01-06T14:04:13.351145Z","times_seen":3,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-356c00b0.3a3fd33a.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-356c00b0.3a3fd33a.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"5717-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3818\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5717,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5717), with no line terminators","md5":"e79c00cb7ca8983a851123ba2995282b","sha1":"d6439cbac31440161232b30bde84f72dace6f3f3","sha256":"1f395dbf216fac976c28ad9a5d7310f5fa0a4a58d6465be836fe493c7d9cda06","sha512":"96f881d710f575d2d4f87a2610d16c2b87fb5874dc4afda800ba5f175e57498e791ff40889a3e3bb4998df8738bab4f65f3f790ba6fe077954a434d181ee9d17","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfsXR:Iz5sbKYxgCtCowY2duLGm7AtmIfsXR","tlshash":"3ac14c7be839f03eb52615b9317819ceb814d806e1cd8775f748772cc4c30932b2925a","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-05T08:23:29.909974Z","times_seen":3235,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/f6acb799-6e3d-40d7-9dea-f88b73ddc661.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/f6acb799-6e3d-40d7-9dea-f88b73ddc661.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: TpAGX4VuBdnEOxU7hDqc3RhKqtsXK9OHJGA8Bw3ZUmc1hmcifE/ignhW6fMzORWDeBG8iz+a5hE=\r\nx-amz-request-id: QPDM1AGQHBXEC3Q3\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:55:24 GMT\r\nETag: \"188e058e6f7fbe9ad0a5f77351993576\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 58343\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":58343,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 887x658, components 3","md5":"188e058e6f7fbe9ad0a5f77351993576","sha1":"5aa78ff88b30cbd54edb475d4275fc0d4218497f","sha256":"0c05def09a06513f1f4642a32933517dae2a570113bee37d42eb032886be835d","sha512":"bdf8a4a595692fbe4e7852b784846f1a76a87e36bde4e0a4d20eb190020965784572ee99ea2df88e46b3f22048cc6b2a04fd179d1796a7ab3b4911a699a230a8","ssdeep":"768:1708n17R4+OZnvTjYIoH3etV6CFmPxPoLsRkmVNIHEGjLF8asgzZ0vc/aT39Carl:d07BTjYfXet3mZPoLgknF8BgkB5rDZ","tlshash":"3643f260337882f3f1bbb8386b8d3a1a5b55b4975382cdef11126db2ab07a51745438f","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-06T14:40:04.351187Z","times_seen":2419,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp13/B072P17XY7/71XaaByITlL._AC_UL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp13/B072P17XY7/71XaaByITlL._AC_UL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: MBgX9dNBDw5Ql9ZLzhwae9XFhQ9fMYSEyWSlX1ygf+nBBhCdepFJyeWM8a0jFsaDBRaZjQiiIN4=\r\nx-amz-request-id: QPDHTTVXBGQ6W18T\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 11:55:37 GMT\r\nETag: \"c07031c87ba3f296b2a29ebb53a76efd\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 0f0b3c3fd5b39cff700214dbb4d052faa05dd997f97c50e949ff2ff957d9a07a\r\nx-amz-meta-s3b-last-modified: 20230429T135853Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 50291\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":50291,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 546x1500, components 3","md5":"c07031c87ba3f296b2a29ebb53a76efd","sha1":"8797c19f69bbb48e4c42bd372747c9f72a59424f","sha256":"0f0b3c3fd5b39cff700214dbb4d052faa05dd997f97c50e949ff2ff957d9a07a","sha512":"65595c1eba2b03cf51675d61a3973bcf1237d19c85cefa96919172f3a54a7ed6dbd32877ccf384acc924349de486e770d07272aa2bf59eacbfdf8afa1d589ad0","ssdeep":"1536:+XiOB0fBqBhRvoS/ImRQ6o/Ka3yaegiBC:+SuvBTt7Jo/KW6C","tlshash":"0a330122c3c962f4f8011fbd0d03a1bb54991908570a9b3b376a6ab2c7641496fc7f6f","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.341579Z","times_seen":2385,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-b4023030.b4f6766c.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-b4023030.b4f6766c.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"6183-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1911\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6183,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6183), with no line terminators","md5":"46cb2b9940c77d775cb0305a0fdcb373","sha1":"97473a667cd34ab33b5378c02df05091f0c5ea4f","sha256":"369fa1811e220d2e03fdacfb9edbfcb14cfb31b1ced51cf483eaf5e4d50a17ce","sha512":"adb6f0e0eb49a9113e5e92aad710d69a4c485e2afd4695304bf19aa7753f374b5daeef0f01a7808425ffed1716f384b5d9870f54bf41a1359fe23adde9b500c2","ssdeep":"96:V735Bnp0eZAhzD/wFmwxM3Q7BkyJtFoJUx9Bfiea2dFyq:Vzaw+0Bfiea2dFR","tlshash":"74d141132a676560fcbae01e7a547b8e3e5cf643d08606bcf89a7e35c4c7873b518141","first_seen":"2024-06-01T14:29:20Z","last_seen":"2026-06-05T08:23:29.892204Z","times_seen":1846,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-39fb98b5.c41e129c.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-39fb98b5.c41e129c.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"11736-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11736,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11736), with no line terminators","md5":"328f2de1d42497418d4a0d7343dcfc0f","sha1":"5a985e5624c51fc2fdad07ee3d745bfccf805dc6","sha256":"2cec2a17088a01df5e574e2b2155f7197080c85cf663e8bb49fc5e8740a16d90","sha512":"b94f35313cb7efc1b67ebf8be4a0e208b206d30d5e2b99c8d523b445b035bdb264eff5d5ba4ac803ee915b57e2fa3582c51c40588fbff27b9bc101821034a4a6","ssdeep":"192:j33sODCMSXc6xJ6gCA95PR90HXEWFs5d24uU/EGuSVj+4ceHm:jnsAKXjxOMkUOEBcGT5+4ceG","tlshash":"ca32e74eb0aae6bc889b00213106637475767bd5f00849d9b7fcdce85949ea4272b73e","first_seen":"2025-08-19T13:02:14.764237Z","last_seen":"2026-01-14T03:40:42.771452Z","times_seen":58,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/78b9c29f-800a-499a-a640-a12d95b6cc7c.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/78b9c29f-800a-499a-a640-a12d95b6cc7c.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: AzgMNVQ3FuNO/3E01sgTVtRVBLw36WDSLXD5poC31FQXuP0Q6MbABh5Bn+jhOtrrkz2OBhFW4yitBC3CmGUQpLMEdM5sz4pf\r\nx-amz-request-id: QPDG31R5F37VV8BM\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:47:07 GMT\r\nETag: \"013fe4aba3bf16f7e54fc87414f2fcc9\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 48075\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":48075,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 857x1050, components 3","md5":"013fe4aba3bf16f7e54fc87414f2fcc9","sha1":"78d37fb3e926e07ff603a0e1d2246523301dbf9c","sha256":"0ea676e6317e0aa668ec454888b2f5a28b97008372616a9b73246ea783643b4c","sha512":"aa8e69c89fad117f57c1d46dedba44e56721d6d8fb70b89b67e51e1ccdb5a8f3398c3ec85fe0d5f69827c0624bd1918b92b21e99f65801e1397232e705f3e881","ssdeep":"768:1cS2+ioGBA89RGlxoPquyl4Y2RKMmjbTai8u6JZfHRAQTGyGsp7+i/27pUi:45tBA8uH2RfmjbTTH6JZfHR79pzuei","tlshash":"8223f12856424859d5a1c1ba507e4def23c2b132bfc692c770cbf2481bea7a9f254e61","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.596531Z","times_seen":7380,"resource_available":false,"data":null}},"time_used":921,"timings":{"blocked":801,"dns":0,"connect":0,"send":0,"wait":118,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B0BBN3YQNK/71JmApgdVAL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B0BBN3YQNK/71JmApgdVAL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: +E9N4jlFNMCoyUzo3zJ2mpcVcMFN6/oU4Hh7MfhhZ/WWRBLtwdGjKTebTnqTc3ROc1CFhbJ/HIo=\r\nx-amz-request-id: QPDY3J7X70S1AP0X\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 08:38:38 GMT\r\nETag: \"0f4cce1cc723e9f925010640e9160383\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 9169e20d3f597bd917dcf828b53045e7c31ce2687d137880cdf7aaee623271e5\r\nx-amz-meta-s3b-last-modified: 20230915T060118Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 107843\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":107843,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1082x1500, components 3","md5":"0f4cce1cc723e9f925010640e9160383","sha1":"26061d213f8afae16359eae39d295f69758aa915","sha256":"9169e20d3f597bd917dcf828b53045e7c31ce2687d137880cdf7aaee623271e5","sha512":"985da409670855669c845a9f36826cdcf2d6f2762cedfe49f907d6e77fa4e728da769069143411ad59dd98428f8082e391d9c473b50d3efef73adf76c82d1e05","ssdeep":"1536:U2R6KEPTEqfuefyBue/Ja4VCT1AXZyWGOsvv+9TPany3/2pzM1UoR/R0cNRz4mTE:vME5BuqAN4Zlcw/UUx/RRNSmT8rb","tlshash":"53b312f92c292e8bf94ad2fd28f213024245e5b8050f35f84ca45615c6cfebc9f62936","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.521689Z","times_seen":2351,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":117,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-2e9b19e4.8da1d826.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-2e9b19e4.8da1d826.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"11988-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11988,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11988), with no line terminators","md5":"24239fc2953d2a22d7cd5c5632dcd4a6","sha1":"f33b1a460541a32ed04732f26cc49d070b656e2a","sha256":"d31737889dd96d092a914e02a996629ee1097ba471cf1b3bda901d48dcc6a855","sha512":"40de2fde9884d94a6d6196f6b6e39cba8f36a05f289451d7b20e1a6fc82b32cd8ca02c47207a67b77769ee3d72c59ed7250232661a7269b26a92006ec8f56b68","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfOxoi7k2Xer4p412QRAelWklFbaiWsAXU:i5s8CkC2caIIWxoi7kGerMscKYtsIU","tlshash":"a1320a72a072a33da927f1a574a8a8e83440d526dd9383edf654713cccc62e32672f5d","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.792083Z","times_seen":829,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-574f8736.7da50378.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-574f8736.7da50378.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"971-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 971\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (971), with no line terminators","md5":"364b94b45eaf72b8e38bf5dc4b2348f9","sha1":"869691808bc786803fba4730ffaecb8c2c95a975","sha256":"2da93f714bc866a0e4f302d78c7e5d14d291c27551b29d27969cb57089a191d4","sha512":"a33a5504a3284c5c20c32c7385f61833fada6b1d13e575231c0153a9fdf87d61b7a62caf829e6a22187ec6c8699b87ed13dec945c814e12be7034015716509a0","ssdeep":"","tlshash":"ca119bf151081435b867f26475d055fe316ef343a233446daea4b3a6ce93a9b12212ce","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.434707Z","times_seen":7560,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-080bb2e0.3542e009.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-080bb2e0.3542e009.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:24:38 GMT\r\netag: W/\"17001-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:24:38 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17001,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16997), with no line terminators","md5":"e0e10a9f01c9a3f1e2cfa4bb1f5a8a46","sha1":"71637aa88775f131cea1aedd9aea6ef486065d77","sha256":"ca05e32d8086171f169787dffa6035fc152319723db7b5ec49712408fba78f62","sha512":"07ca4785198937a92a1ffa26aacef9495ae2a1ed66320b8795af3bbf349b088e3b53f38d5dd542e84199b6f3374a47bdfbbc03b567b9dea04db21704ba31922b","ssdeep":"384:ng9hQXOAjyDfpQ0RyCw6IJGzg0E5EQyqUUhDBusDJB7WmjX:nwhQXOz20RyCwPJGzg0wEQyqUUhDBusR","tlshash":"6e72094b9094bc4dab2797e6308f30e1b101a669381559ebf2adcdf7634cd203a1b779","first_seen":"2025-11-12T04:02:16.107432Z","last_seen":"2026-01-14T11:25:19.849048Z","times_seen":57,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-971b8156.f79c8552.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-971b8156.f79c8552.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"13663-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13663,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13655), with no line terminators","md5":"23e303e1d457ded5c19fb3400a22b026","sha1":"252ee41d519536f951e581e385b134c44d17d148","sha256":"817dd349f3cd067b90ec0a1357b16f6485467350f8e4c3c77dee13591d00ff16","sha512":"95ebd0fe0352e0da1b21d23d54c3313ef8a1597a7b583484a7613b8091017f3aa4734bf841435d29decfbfcb8c521a7b62801ed47f9c945e0230a590cfba3ff0","ssdeep":"192:NzCjfAcMsHRpMu7mWKD12R+YEX+WzU9MuMOO0L5xq/cictjAfNeNF/BPsGCS:sfNMsHRp3Q19X+WzU9MKdmmvPJ","tlshash":"e45285e6c470a4bd495a82b22055f1e0fb643a1cd106554efa7cec9b72dd424332e77e","first_seen":"2025-08-19T13:02:14.744046Z","last_seen":"2026-01-14T11:25:19.931574Z","times_seen":60,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: PDTuUi4wLpUf1XC84ydnGmKE3wffgA0D5+GufMOUbilRFfC+4jBf3CsmCy3OpZkzcrVWMQYBqehVCQcwEd5RjW3rNCLqlZHZ\r\nx-amz-request-id: VPY1ZWEK0DK8K6A2\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"60e10d77ebe5877fc1c9385748e2cf72\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 180465\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":180465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"60e10d77ebe5877fc1c9385748e2cf72","sha1":"77082da3f7af090dbcf9ac692bf2ba4e0d699aec","sha256":"f1343ddaa389f3aca6568d15637793f510925e7f88d13a6ff93591a326a66c48","sha512":"1a4999d20713081b41425f1f82ed3e7b5003e8f7024b18986a6f1e759e0cc797f7a0003c2d0e208d14261df253681ebe2795836541ff4ebb82b8763fbe5ce182","ssdeep":"3072:TrvxlqyFWPMUAy9v42Jxd3BDRnD748ezoCrW4rlfBoKamBYuWhNJwhi1nkx:Tr5AxXZvDJH3bnn7etB5fxzYhJb1nu","tlshash":"ca041269530c763929af82bccfdac921eff0210d0a74d75911cbf8e90a7a0bb91f2515","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.514674Z","times_seen":9593,"resource_available":false,"data":null}},"time_used":1238,"timings":{"blocked":411,"dns":0,"connect":94,"send":0,"wait":120,"receive":283,"ssl":327},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B08HD6SMMY/61Hmfj-ZbBL._AC_SL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B08HD6SMMY/61Hmfj-ZbBL._AC_SL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: uou9jJKieStb1RV69nzPpnUPzqDGOWqIJqkarS/SOHGzc5mo2kdfrYkfAw00uD5Gm1IvagRhkKI=\r\nx-amz-request-id: QPDXSY1FJ12KDHMP\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Tue, 21 May 2024 20:59:39 GMT\r\nETag: \"a1734188bf728af1d2bc1d1208e0f770\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 8474ec05ed643c5a71ab1b8e419f23ac2093beaf3a310b98d9b70713795d4c4d\r\nx-amz-meta-s3b-last-modified: 20230412T102755Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 98499\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":98499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"a1734188bf728af1d2bc1d1208e0f770","sha1":"029eb0c3d5fc7fb25561834526d3d84e90b79997","sha256":"8474ec05ed643c5a71ab1b8e419f23ac2093beaf3a310b98d9b70713795d4c4d","sha512":"1c39aff75617b9d9084fa5f236d558f2628b634588aa3c0d9e3c3ef441e44fc1f6a4949e7f93499d2239e239f075c03a310487538a4462113c9b569dd7637ced","ssdeep":"1536:YciMX0EafziFkAOm13oJcfUeCjvmaFekNsjfl/q7s+QkAVb4QQCwtp:8EaSkAz2yfUNvckNs7o7shd41CU","tlshash":"e4a30268871a5e8bd0a44178355adc417f20b2e9971f217b01f39ffa89b0693f221e5d","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-03T23:39:34.590138Z","times_seen":7274,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":673,"dns":0,"connect":0,"send":0,"wait":118,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/ba21b1de-1bd6-41cf-993d-cbf59051931d.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/ba21b1de-1bd6-41cf-993d-cbf59051931d.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: OXOtw/E9SYKYLRVNKq5cDzZWxwRgIGWc2XshC73qB482qMod0zvnxfJ0YRQx1WejapikODdyCl8=\r\nx-amz-request-id: QPDGVAN0AE06F63Q\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:12 GMT\r\nETag: \"bb218f576009cd83b9417c5a229c3203\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 47710\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":47710,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1468x1500, components 3","md5":"bb218f576009cd83b9417c5a229c3203","sha1":"77dff04586788827f80934d71f78f4c88f8356df","sha256":"d0855f819cdc09557f7e383dfbc5e6165e09a50668d15dfd0210949bbdaaa17f","sha512":"7f485bcdf0998dc22d4c9737db92c707975451d3f002fd09c92f23261204700dc22f93182ebb67e07f99d78358027eaf008a78bf02935f590589defab99e918a","ssdeep":"768:1gD/OoEUQEXCRL2xwGC5fTS16JO8Rb5fu5BPqETeaHdQ1DIzwOhLTKh:yEUl+SGGCJTSYJHb4BxTeanxhTa","tlshash":"0923f1d3174348cbff782937b4a153a3677ba5ae219594b3a70078275a423386ec42d7","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.644447Z","times_seen":7154,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-91f4e7e8.054674a3.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-91f4e7e8.054674a3.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"4173-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1077\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4173), with no line terminators","md5":"d26838e6fc6c5713d841649b06a47e9c","sha1":"7681e0887d8b3957920c84e07fe95a1f8a22bca7","sha256":"5d0e36aa6715f146ee4979217b130ba8e86c334c02758895220835a2366d5a01","sha512":"d01fe57c48c7685b7f14f29a50d61418040c66ed4c756276c25108e74dde577d4c79841b9d3690f94799cb30a1ea691dba49e71870b97018d2d57291026f90d3","ssdeep":"48:jMxKHcoeYHjMBgquTy/ra6oYkAryBxzYpUfRmua+IzvtTm5rx2/6iYrxXfZsfZyK:CKHco56gNTwm+yNfZsfZyZZK+8p5","tlshash":"cd81ee91712c94266c73e07b309e455e6e54ef63c012a3589c56bf3e8c932e32e707c9","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-05T08:23:29.931375Z","times_seen":5300,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-24e95abb.e536fc83.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-24e95abb.e536fc83.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"830-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 830\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":830,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (830), with no line terminators","md5":"fe8a919ba710b88c27be2a80cb1fce74","sha1":"ef7bdc5ea44742d40a0b67d268b4d6d5f939eb20","sha256":"c90ecd0bc9ca74176159703f5a00b82bb0b3b8e9381baf84aa98aa1fc6362700","sha512":"dce714b3e6ddd878da269a4088b61fcefd33a6dd3eea3d91df380dada97c8b7313085fd0e0c57fc53ccdccf3505c034325f4719507c10599cfff76937b74122b","ssdeep":"","tlshash":"55016b5c79e1b44b0a4a78f5812f55d6616b24bd19eeb813eaf090d45f30cad113aecc","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-03T23:39:34.477324Z","times_seen":3897,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-c6fa1bbc.db83b6c6.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-c6fa1bbc.db83b6c6.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"32709-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32709,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32698), with no line terminators","md5":"cac0dc3757d4b6da5144ed6c1e895d5d","sha1":"056a734d4362ab2be50b8e2711e9b1f45af6bbb1","sha256":"93736dc68b832f6d78debdee33a1e5d845816f7d0fdc0d798335e28cc3876053","sha512":"7243486c6784df02da8bbc4efc030835f7892af2c6dd612b3fea54da1948e7cd3dc395471fd9ccfa27431e605b4abd73ad9cd588614bde47acf093a0b26f0beb","ssdeep":"384:prAXzwWQeAU0RNYpFIecsq2b6nekyrpRLAgy6KRiqZM/9G11:/7D/nE4gy6Z4j1","tlshash":"aee21b539129f41a5ebb6153315a1492a2681ae868089c57f2fccdf633ecc342b1fb7d","first_seen":"2025-02-23T06:52:24.659294Z","last_seen":"2026-01-28T12:30:44.986974Z","times_seen":153,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: fJbxmpkcvtcfjGG8f01DZs2fOmOcdRXRdvELAfaABNMVNlGG1T3QjCDovlA/0VULA8YgHMJOIJ1cedz3tMSme/tmN9njNiJ0\r\nx-amz-request-id: QPDYMXBF3B350BGZ\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"d88ae54a30fed8843621233e2c13698c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 20191\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":20191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"d88ae54a30fed8843621233e2c13698c","sha1":"9fa542e8677ab97712a7fdc7e1250e36536ec3a5","sha256":"dbe475f26aed9df934e9dca6ef2115b5d0968f312174dfecb9da3ddd3c9640bf","sha512":"606629525b62e056825a3dfbd8ca45e0f84740cad1cfa79ee8dc3e7a34658e951b3aa72bc8bdf276c294912a38d839dd6c2f864791c9038dc395b7d12d08385f","ssdeep":"384:EUsqD+1BG8DGQZl9Y4PyXpFmx82oEu1W3454xOKeq0ooJRImy+90lh:5V2G8RZHP9oEt3454heq0dRI1flh","tlshash":"fa92d1e1ad0a233de68685f6b7f6e2b304f412919bd19d3b53730c858d88261de396c4","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.34819Z","times_seen":9788,"resource_available":false,"data":null}},"time_used":1249,"timings":{"blocked":1129,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B07XGP7HTW/81fwoaIeEOL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B07XGP7HTW/81fwoaIeEOL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ORFAUmnQ3x2VloHIis3Fof29ZtxAZG9YksH9dqsoxzXL/qI74vJ6pbEY/CTjEvxJSJjQRKRzXjg=\r\nx-amz-request-id: VPY1MYGV5BK1BRN7\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 02:33:56 GMT\r\nETag: \"ddcaef2c6aac08fffa6008f8116d4863\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 805c8fc4de4d9c9903f475acad7422ecf82ac2ccf5bf0a442a1686d1f3fa2026\r\nx-amz-meta-s3b-last-modified: 20231026T130616Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 237068\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":237068,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 910x1500, components 3","md5":"ddcaef2c6aac08fffa6008f8116d4863","sha1":"5dfd62507f633aa81445a44811bb63809316c059","sha256":"805c8fc4de4d9c9903f475acad7422ecf82ac2ccf5bf0a442a1686d1f3fa2026","sha512":"95bef3e1700d32e6085d333d6564db07c4e9d6ca15f68db74153bfd184d8742022929332333565410ac220335e3cc373033aaedecbd28c5f7e9ac7fccc528d7e","ssdeep":"6144:p+zpCBaXboUhv83vTJMuOeo4q0l/l0yBsiaDkKhPbqTswCTh:p+pXboUhv8oe3lBBZcWoxh","tlshash":"933423f5eea10b8adb466b3489c02f21507e42e18d4dacb643f2e76245dd0d8d3ad672","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.317144Z","times_seen":2305,"resource_available":false,"data":null}},"time_used":926,"timings":{"blocked":261,"dns":3,"connect":97,"send":0,"wait":119,"receive":285,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/50277ee1-dc11-4e3b-948e-f2f37f4858da.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/50277ee1-dc11-4e3b-948e-f2f37f4858da.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 0Co2O7eIctptY0+GWQvcQCYuFxGvP91TwgSmiBahwr4s0eo9K49DngGvUI3QDk1hHMqb07Wff9A=\r\nx-amz-request-id: QPDZCMK175KMQNQX\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:21 GMT\r\nETag: \"cf0c2ebda19a43267a2348c11f0e9b1a\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 104771\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":104771,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1166, components 3","md5":"cf0c2ebda19a43267a2348c11f0e9b1a","sha1":"f530278c1954d58bd91d7fd632ec98745670d158","sha256":"f38fad678825212dd76b489f41c44d65f661ffa87f0391f2a1f12823ffa01adb","sha512":"d22c73c72f3979b6d42c25bf33b4dc242900c7923bf2a5fffe6eb262a1c94ec32958594df688404505b92ae99ee8213518bdf76f2a6b4b63c96515899aa48014","ssdeep":"1536:4hPJiIGQfVd8Vw5LuDqpota4IsA1zT05E/igYy8aiPVymyKvgLgwwdmFwXlqfMKi:4hPpVWiLuDqIAkzy8aiPVy0vQ4R","tlshash":"c3a301c3611e5ca3c9381877233286328fb7e7c7c15da49cb458aa29c1e97bd3db9095","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-31T17:27:36.66319Z","times_seen":7021,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":845,"dns":0,"connect":0,"send":0,"wait":116,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/newOnlinechat!unread.action?lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /wap/api/newOnlinechat!unread.action?lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 52\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"472e9a7530675f76d965067fcba6278d","sha1":"e1fdae764ba06c37792e7b2a2549c88cf3350b09","sha256":"26de7e215697f7b90d77581633fd7fe0b379ba230d1a9c1a0b502ed862b3f5bd","sha512":"7f765b18a1b6f5818daf3905ed24ae9f4283248ac7a41bfcca65dd1be696c9a741d510629b6134940784b3cb832fe3be7fa76881cb2d01f226e1246a70039e7a","ssdeep":"","tlshash":"47800000280e2c0b08032088a88c3a0080ae22a308c0cb308e8cab3080ae2b22000830","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.385417Z","times_seen":8677,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/60a1fbda-8b7a-4e10-8330-6b90300f8177.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/60a1fbda-8b7a-4e10-8330-6b90300f8177.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: MmoKzj6Ckuj4daoh0c3cJfR1pRFq+6g+cn96qqb+3Ux4jOQg1XfqGmcCabk8aGXG3f4rziSaKlk=\r\nx-amz-request-id: VPY5QH8YYH43P6JG\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:55 GMT\r\nETag: \"6c940aad2dc2544cd2897468bb9fd97e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 68214\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":68214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1402, components 3","md5":"6c940aad2dc2544cd2897468bb9fd97e","sha1":"f72f714028b0db42c1ceadeb3bc0778347189736","sha256":"830c5b0169830cac824ae8d0298c5072a7c9c3e1ee9842303d5999480581c0c7","sha512":"e72e299e873c5e0388d40d8d18826cf5ebe692ba77e5b690e971d83a9b09a19bfb971c15f340e0aa723d50348c1dec3fd3ba62e25d0d4391192a3021244ea183","ssdeep":"1536:0o2PzgSD6MwWin41mI5QZahL+96BlxtYjTa0Kb0of:WD6BV4xuaI92YjTZKQof","tlshash":"80630291e1b0c897e821c7ba60407063f565cfa9f550dacbf36a49a4b2a1f450f2ddd1","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.580458Z","times_seen":7514,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":121,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right6.b8bac159.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right6.b8bac159.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:16 GMT\r\netag: W/\"5087-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:16 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5087,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b8bac1593a48bc443848bb3a683a551d","sha1":"308b1b03b09b9865605a8210d0829847ae0d27e0","sha256":"10a746b60bfa7ffee5b3cb5d7b628ef08774e826d869a9418ae618da09219b61","sha512":"b4728b8792aab88c835d7058e7ae673c20e2d421d0e23d57b7b3b5fc69b00dde745ba47586721c3f5d05fa36f914aca9b483570011e03ed6e90b9772de3cbdce","ssdeep":"96:WhxxYqBhBnFMEKYhu/hCbjftpvzaHZx+RxXP+1VHaWccmRAi5Hx:EPdn2E2+nba5uZ+1VHatNl","tlshash":"6ca15c81f553fa1bdb8293b099a43f100f217c332be267bea602581c1847ef21479b96","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-03T23:39:34.542414Z","times_seen":4713,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/908e2a95-723f-40aa-ac29-581a9ee153f5.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/908e2a95-723f-40aa-ac29-581a9ee153f5.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: JLqJ+igM3wdUQEYpVF1NcgVUtm+aBP4wpIXsp89iK1T0k8He2keen718OaqxxN5s+rgk1qaPoF4=\r\nx-amz-request-id: QPDVJE4YPPPCS5QK\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:40 GMT\r\nETag: \"c5a47705795cdbc1e8729597ae3590c0\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 116736\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":116736,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x890, components 3","md5":"c5a47705795cdbc1e8729597ae3590c0","sha1":"dc331981dd3aeb0e2ef49a5339b9de6fc874a6b1","sha256":"2c4fb62978884f281072fa2aac50acd32f422cd139a6e8c703c644263f3cfefe","sha512":"64b217eb462365a15e408992e9f6cafc4da3aeff8be47a4a0d9cf1eec22ae84b8c49db9e0bde58eeb4c3218d3503147fa72fb222e07dd10f09e08108934f491c","ssdeep":"3072:5e2yg9EXZZEXO06Ae3UYn/HFkdOQRC+p/o:ZyeEXmO06AuUYnNkkQRC+p/o","tlshash":"82b313ed627148c6e96c04b5587ec05c8a31138bb6d8af6f30fe1d221bcda512edf549","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.523462Z","times_seen":2369,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-aa8d1574.a82e5f3e.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-aa8d1574.a82e5f3e.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"18238-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18238,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18206), with no line terminators","md5":"c7177ece148ca72df9af3ad03610cf29","sha1":"3f2ef295d2d6defcf1178ae41b9b1ebeb81cc8f7","sha256":"77cb1285c0228c8fea0fce794b09d82514ff9c2c8cf40a57fa2738b8db3b12aa","sha512":"6cd04b03bbeb15b2c279c7b7ef2244aa51aea0ce47e940da6466e6668e2606237539186672f0ff46e23be7d722da68871c1184530ac523ca4978f3ea65403cdc","ssdeep":"192:I/OwDwYwBvp9Xmj+YtcjE3Y7nrU95+M5/JaL97fGUlni+3I5qTRiA6sJH8z3Jn5z:IWU3wF/mipjWeIa5XioIYRiA6sJH811","tlshash":"9982b69ba651b45f0e6772a1309b2403a15862a43c0c9d56f27dc9f633bcc782b17b7e","first_seen":"2025-02-23T06:52:24.658545Z","last_seen":"2026-01-28T12:30:44.868328Z","times_seen":140,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp910/B08GDC6BXT/51nqa1O5NVL._AC_UL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp910/B08GDC6BXT/51nqa1O5NVL._AC_UL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: HjPhR+9Eccjf+s5RqedBAh4hi+RpYcN9nKesqE6FrIy9Se/KG2W2VqJKVTqpKLCrkO0Dx82DcVA=\r\nx-amz-request-id: QPDV156MRR9Y0Z8A\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 13:50:55 GMT\r\nETag: \"cb24f33cb4ff359a439a0d73bb6d2752\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 35067\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":35067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x1000, components 3","md5":"cb24f33cb4ff359a439a0d73bb6d2752","sha1":"c2cd25233de083ef231ecb1e99144800c46e6d02","sha256":"e0c66d00c9f5ac611d2f61f078eb40db018df1c3af4046bca89a51d4d4088a86","sha512":"d0ae7b1278b28519a69abd0b69d83bf426d16ef8e87f2008c2c3eeb5ec0c32dcd725f968a87a6285abeff6e855ecf59a4cf4891eb12abb14a2f62dc74fb90ef6","ssdeep":"768:1K+IIdonHnMKYMvOjEXpdfUbHHOXMG5NUnLlRFdHLebFEPslsnQrqXU2:IPI2sBM22obHHFacR+ZxsnQEb","tlshash":"97f201b39248d715c8684bfe18bf1ae7fa8c90e00daf594245300c52be5ff902a1b5f9","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.37868Z","times_seen":2239,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":123,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-55a26a12.7840c12a.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-55a26a12.7840c12a.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1392-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 402\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1392), with no line terminators","md5":"eddc635fcf3cb8f345a6c8bbcc9b6036","sha1":"7a3f2d798cb53dffe7cf6c52e071c865d5523bf9","sha256":"e77e73c25992fab28ae631f7d15520056b9106d43b95f0e07d73c49f5b89d984","sha512":"43c604de6411e0e4f6bc49e2bbd34338ebbb33d4b57be4b8f6707e35c5f31ec387c53308175d54075b64d61c6f10261c1b2ed4b4bda60af37255c2887cd02fdf","ssdeep":"","tlshash":"dc21f4f86136523660f3b437286142e67aa8faef51e1a10d6e8a504c9467f025f33c46","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.483586Z","times_seen":1365,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2d216070.e19266b9.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2d216070.e19266b9.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"371-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (371), with no line terminators","md5":"ce40f2a4193b5a30d49a76661a6d491c","sha1":"f5e483725aa903c2bf3fe7e985998b406958f839","sha256":"ecd84f0f9a121543ac8a9c2f6aa7d4b3c31b885f21bb43632635321634c792cb","sha512":"526f58b1ea3a88bec71d67882310989b8f4e6534b2018c8fc699239a2da7ccccd94c14b79e136e85e9f0b8118b542b4d00a8cc1cf969ef5c3e552a80048b72dd","ssdeep":"","tlshash":"10e0c0782063bebd536c30cf237f5993c45b1c090ed754e51ed0d49a623651f4224b99","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-06-03T23:39:34.646954Z","times_seen":3778,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-3581ccc6.9c655566.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-3581ccc6.9c655566.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"8118-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2435\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8118), with no line terminators","md5":"5ca19bc48618123c240ac22047e734d9","sha1":"569e684aaa39467c575015306934d286b61ded44","sha256":"e16328152b72df4c64f34891df3bc922535596e5f27b26e7fffc375e358c687a","sha512":"f25ab7a8332b635176c44bffbbaf71860a63052ba85b9e790c959c83b14800fc992624d2285dccbd91a2646d8c05950530e415662b6e46b18f88a6d833fccb98","ssdeep":"192:z/AYIgJfN6wJ7HxEHUmQP2Rp62AkQB5L6b:BIgJfN6i7HTZ6","tlshash":"7cf18541700ba59dc89ed01271299a31f0b51fa49811d4cfe77dccb8a5c8c64bb5fbb9","first_seen":"2025-02-23T06:52:24.640835Z","last_seen":"2026-03-07T04:45:22.205642Z","times_seen":155,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/de5825e3-c72f-4186-9503-2b6b89af399a.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-09-27/de5825e3-c72f-4186-9503-2b6b89af399a.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: GYmJnmk3k8dgr7pO3etvbJygxWNJMzZFax4/7mrsikb1IZpRH+GqNeY2ZYXaO+fR6wtzw2z21d5qQqNzwNWvurOZYQGA7JkT\r\nx-amz-request-id: QPDXT4BRJJCRDHWM\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"fe338c9b5d010848cb21a1db76fadf7e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 227074\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":227074,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"fe338c9b5d010848cb21a1db76fadf7e","sha1":"45eb4551bb82a4993dbc63c4bbc236b89b52fe61","sha256":"eac06e949524de896c14555b703c2a7c6e63c573083b7544a336f8c027fdde81","sha512":"e12280cde3ef9eb88c6ce4af8447dd342bfda378d30776541085a725f5624aef98c048e18e724f704b821de16afd3ff424fc4ad6649908c6885410f616111936","ssdeep":"6144:vIwTgSDMGq8hLz6R+CxH/SNXquhJbgcqnHNo3mznP8:gfSQGq8hO5/EDhZa23mD8","tlshash":"582422ae161261137fd59cb23cd193ac335797989d8dc1deeec305603eb802794eb886","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-05T23:30:49.794243Z","times_seen":5112,"resource_available":false,"data":null}},"time_used":1317,"timings":{"blocked":1008,"dns":0,"connect":0,"send":0,"wait":116,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Fapj2VAoQcSfMyeNH+cy5OzVYf36BMYOHr2fcpWHEfNzVRtInL+dw2r102fEKAa6+ix4nMpXZGD0iFumip1mgWAMY/rOoulQ\r\nx-amz-request-id: VPYBDJHJCAJ9HNTB\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"46155632d481869cb9c3e853c7832bea\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 39527\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":39527,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"46155632d481869cb9c3e853c7832bea","sha1":"988a2fdc538ca57eadd8730f028800f736e1ee86","sha256":"1e4dba5d9d5fae2a3aafe91ae59ff2f9f938229ee17b6af825d3d7ae78a93913","sha512":"6a93dfe70a2ee1089d7a1137043494795f98bab7533792b6e736c25439b4c871437a83103e1f02c58b32e7af94aa20e67db51929d945869cff4485b6840c2255","ssdeep":"768:G2faHY+HPhvSyz/eZculI+Pl9UTnIbrimLDGEFK6hbrysiU1JL4:GogPUGkymLDGExSsiE4","tlshash":"af03d0472804ef4b762ce2727e9b1f681f819b4ca8c672cc4a530dafaf657b9491c41c","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.377189Z","times_seen":9887,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":574,"dns":0,"connect":0,"send":0,"wait":133,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B082Q6RMD4/51LNp4aSxDL._AC_SL1340_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B082Q6RMD4/51LNp4aSxDL._AC_SL1340_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: kjrj+bLswt+RdodonaT/VimEqgD/rzls1caYSUq1bDsSAa2DVI+lRvqrNwnScMH+vRiUfcTEwWI=\r\nx-amz-request-id: VPY07E8HVXWPBRKQ\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 02:54:04 GMT\r\nETag: \"8827b56e1c75a8cfd6be59a5b6d760eb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: f63ce9701ef5941dd9ce6ac432a09e5636f1e0685ede2c4aebb39f96638eec8c\r\nx-amz-meta-s3b-last-modified: 20231026T124940Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 32549\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":32549,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 431x1340, components 3","md5":"8827b56e1c75a8cfd6be59a5b6d760eb","sha1":"24f3ff786d1c9fe9e787bd9d1977b90aa1d9c3f1","sha256":"f63ce9701ef5941dd9ce6ac432a09e5636f1e0685ede2c4aebb39f96638eec8c","sha512":"233fbb69169772f8a86abc5ea61ae787e1d9b003148430041b7d3e38adf1257e53f1bbb07f31f7893dbda96679864f8d78d9587298deb69013ec2612f7a02d49","ssdeep":"768:dx2GWbs6oBwPJj88PBuMQmJOcjEiKyquTxPOKIjktU:Oe6zPJQ84vcjEinTxGKIjSU","tlshash":"7fe2f10582cbd7d1ed521c7225fb3336df24eb0ea5fad05d3b202b86951ba652683c51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.522869Z","times_seen":2370,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":251,"dns":1,"connect":97,"send":0,"wait":122,"receive":94,"ssl":154},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-971b8156.c3acef98.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-971b8156.c3acef98.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"6834-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1736\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-06-06T14:40:04.448067Z","times_seen":1977,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/shoplogo.7611aec5.svg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/shoplogo.7611aec5.svg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Tue, 06 Jan 2026 13:15:03 GMT\r\netag: W/\"6216-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:03 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6216,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7611aec583fe148049dd07eb9aa3efde","sha1":"718358f4667ba56d9fc8d5a4978fb94e3b8b8096","sha256":"5c6ffaeddadc82819405bdb24c0e0099754bb3c972a05bfbea1927cef86165ae","sha512":"27691eda900aed6bb8ba4b3cfd042bbcdd706aec8f2fdeb3045a62d472c6aab440011d48141057fbe22d356ca7208693684296d03a29908d19a7773321805b22","ssdeep":"96:1KfV2oVMWKfsow7nZlPC12dxU6OjYP8+mEQunTJ0oPFoVODwhkIh8BbKw99P09Oh:1oXVJTTP3P0WBDwOzBbf0Mh","tlshash":"31d17eb1d6109e44f3a488adb2bfe5d39f123d8e81195828b6a8238cd7cc7653a4d13c","first_seen":"2025-08-19T13:02:14.891923Z","last_seen":"2026-01-14T11:25:19.888667Z","times_seen":60,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/a7892ec6-7c9a-4017-92d9-5d88ec058706.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/a7892ec6-7c9a-4017-92d9-5d88ec058706.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: hsYDkM9SIqUXeRrUx2NR+jR5TbNEsqckoSQ9SSdzY9I0wKonifV9ipsK5sulPERx1iilZU/7W2I=\r\nx-amz-request-id: VPYE5A135EX95B21\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:52:31 GMT\r\nETag: \"4733341abffafac1a80a87d73b929a0e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 46462\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46462,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x816, components 3","md5":"4733341abffafac1a80a87d73b929a0e","sha1":"2ed57cdd64866e32ea7315eab53f957943fe7535","sha256":"488b95a8657fe774d74f2c2b03f858888868a277580ae75cd4c45796bccd447c","sha512":"e1db1ff22f5f486ba861cbf7e2e6cd4c701fb2610f9049bae3e4112f7e359d8073e7ada5c955122817689e00b314a5bbd465b325c264c277ce73c2ee61a67c48","ssdeep":"768:1Z94x5KIpQt3/N64yyRimzuVWddwpQairYmoxTWHoJvtBy9ZsdVj9hLvRH/pVexD:n943DuRLyWisu75iRYTLRQsdVj/LJH/G","tlshash":"032301f73328b9a2cbda05741372f6a03265f93716fcb6024450fa70b16c552f598b6e","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.553203Z","times_seen":7565,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":210,"dns":0,"connect":0,"send":0,"wait":120,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right5.1ea7fcc6.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right5.1ea7fcc6.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:16 GMT\r\netag: W/\"5524-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:16 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"1ea7fcc6e9b3100bffbe6b7f028ff17f","sha1":"61c58566bbc59e3f7eee8fd0ca827c00da52a17c","sha256":"a3b706331a70ffa493547d558a58857bfa2dcbe54f11b19745a8c0ec4692e045","sha512":"7c129d8b0f97c5c3645a966ea129cf352e53997c2caeb88d975a6774bb157808dec36999b766942663622fce8ce7ea387d4a2a5f4385cb68481e554b4dee4d05","ssdeep":"96:WhJUFeNHgld/rdM2oX1pfs1BBfcVq3CxmaiVFMbo9qJC1dwH2J34Rm1cum8lwoRY:E5NH+BqBl1kBBfc1xmnQ7U1dwH64AyuA","tlshash":"d6b17e19e62eb807cb2aadfb2d5c259661011ab47f1c0bf245b121ddbd42cb1af15314","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.939379Z","times_seen":4689,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/47934c11-34a0-4990-9c8e-834a82f5b701.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/47934c11-34a0-4990-9c8e-834a82f5b701.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: rv7tcKMqC99n82OXvMmPLUunZOUrawB4HH1ZbgzkWUIQLxtUI+cL7YNjCyf59vxNsStoy4DTlZk=\r\nx-amz-request-id: QPDZQ948YB8KGY5D\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:02 GMT\r\nETag: \"8c00ff5e70d17f3ad0a9b1b85f0ca0d1\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 41631\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":41631,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 647x1500, components 3","md5":"8c00ff5e70d17f3ad0a9b1b85f0ca0d1","sha1":"821b82e6b725f4a90aa36d51efc1a362e33b53cf","sha256":"41d72946e6b8fde800f2bb6b1ce9f6be2b286f437f1abdd23595a144bd5d1427","sha512":"7bbf0279cc137f96fd2c7a6976af80334de90ceda385bdd26da2215dc52f96f5fee9a68428c5883c7a2bf21755b6c01597c8aa9e40e971de13d550c31027793e","ssdeep":"768:1qE70EERqK41pSmdbAENaZKhNwJ/qdLbSY11ip73BTkEyF06n:770FNGQcbrMZGgCdVip73wB","tlshash":"f813f11b3b62a61ed1dbad36d45b72018ce0fb1b33c1848f6e62346135c6fd40b97695","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.502548Z","times_seen":2305,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-6699a1ea.cd704402.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-6699a1ea.cd704402.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1252-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 494\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1252), with no line terminators","md5":"b50aad23d365ccde72e78b8313b4e7c2","sha1":"82e1ed3080ed69d8b4384e17044cdcf837769a03","sha256":"e36128c4817614792876d24a43ab454dd8cdd52f66965bb00f14406da9011f3c","sha512":"3929980e42defe71e881ffa97bf69c5d70251a4adf0eaabc203dc87188f3d9da61887ecf8f793b9c6a2861a6b24484417bd3adc1cd46a41cf2a0f14082f92dd7","ssdeep":"","tlshash":"3f21ee67b51163ada3bb689413b29c8c7414c840f5ebebfae906411dc7c72973691388","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.522312Z","times_seen":7301,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-ce9a332e.9e98bc33.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-ce9a332e.9e98bc33.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"21116-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21058), with no line terminators","md5":"762d6c835647341eb09e725b671f6fb7","sha1":"9056a983b4b8a1466510967934f5bab66ce84ff1","sha256":"406e926494ce59530d7c5ab98577488252afaef1e9bed0969a2e3e5ba31ab059","sha512":"d28a846a98fe6a864de4ada90eebd3bd90410c24a3840c86053cb8c5b3bd3dba068a4f41fd4662ee10a5cec75a6c48006c5df7a4ef3275fb0f5b88dd1c7b709a","ssdeep":"384:oPSsASXLk8mMDXbyuetIAwXs3iX775b/2MnnAbk7wK6Ec:O7kXMD3eOrdb/2MnAbk7wKo","tlshash":"e092ea86e072a8ac895b6250351eb3b4b6712b94a040c45afa3cddbc21d9d64333ff7c","first_seen":"2025-11-12T04:02:16.112227Z","last_seen":"2026-01-14T03:40:42.895163Z","times_seen":56,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/index!download-url.action?lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/index!download-url.action?lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 77\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b37252614b5f5bdef892843c318b4485","sha1":"ac5f104553d20193c06e7fce2d9ac48646969cd3","sha256":"a89a72b8105e8895b59307a6d311ff2970f9bda7f022edc5e59ddb0f7062bfa3","sha512":"fa4250d1a3ba602f34424a1e7f6cae1c9078574731a97f7d5ff233b2f283df9b7b534e0b667276ca5267eb84892f4bfcf537139e83d6a58350f2f915cdd987ec","ssdeep":"","tlshash":"85a002921b8b2986860712cc648c3504609f527759c0db519d48eb708c7a2b52800520","first_seen":"2024-05-20T20:42:30Z","last_seen":"2026-05-23T01:24:03.464378Z","times_seen":2130,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: sxCb0h7cowBtbT8ZgekIv8PFaQxyOQCdsvFac5c8L/IqDEQTP/NCanKAz3xN5glb1KFSdiK9Ky5/KDqZG2VnVafHhA0bFIxg\r\nx-amz-request-id: QPDJ7XVD51VV1FW5\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"882acb8a590986400f716b14ce87dbd7\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27557\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":27557,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"882acb8a590986400f716b14ce87dbd7","sha1":"69d9585cebff24ca05746278353d9723ac581960","sha256":"1c488a620a2342179fea9b5325ea4b5e0e450de64f3bc3383c67e3040242d1e0","sha512":"21cc314fbc6d011adc782475102dcc061e67ed01e1162a9046700b1375b1841701831af77286cc0fead58c997eeba79f5e1d141cdb124ed7881fbe71315c65a6","ssdeep":"768:GG5AJy9ToRwVbgiqHgdBAe9u4p58OsHIE7W6lWG:GGis9sRwVbgiBdieWHTlWG","tlshash":"40c27c039c854ad3b575c391ff468f6d3b8aaf08fc5672e710e11eda37a01424c9da6a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.326285Z","times_seen":9985,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":706,"dns":0,"connect":0,"send":0,"wait":132,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/b8a68172-576a-4457-b9aa-10c98bb46782.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/b8a68172-576a-4457-b9aa-10c98bb46782.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: EvWwf/QNJDZQNAtlhvBO7QrdAFMCkErqZBiX9SyEQZtC5JeZM2pDn2nY+7DtmCAKkRU8XRhkLik=\r\nx-amz-request-id: VPYDT4MDM0F1AQRK\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:09 GMT\r\nETag: \"963cb56e987f75139a4206e2853821e6\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 234396\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":234396,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1440, components 3","md5":"963cb56e987f75139a4206e2853821e6","sha1":"ce71e1769f7261cd7b9a24961ad20fb7a59020af","sha256":"ca1da66523d750de307c04335a1c1c6a4a5984b6e18740d6a9b5d05328a83eb3","sha512":"32b60068394c931060c1753e698783852cf5287a33a02520531964297d9f7c9b2a075a104400d58371a38b39e90f79349952df52f99ce456d4a43da248fba813","ssdeep":"6144:hEAd94lqhbTQUovlU065PNq7FHQpTmsx/:hpd94lEE/Nc5w7Fwt1","tlshash":"de3423f953a91d48d25c2b303153934d7ebd68f3ebe22b319440240b0efd590f55a5ba","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.432118Z","times_seen":2431,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":123,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/d9a4f743-88c7-49d5-8f27-acd79169d134.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/d9a4f743-88c7-49d5-8f27-acd79169d134.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 0b16Lxq6/FSq0aCxeGTbvHNFyvkWXPKcm+ZfBBGrIkV3Om7QPSj+ZwvAdEVarZv9XihQDUhwUus=\r\nx-amz-request-id: QPDNY0CY7T74QS0P\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:54:21 GMT\r\nETag: \"5eb7c18e0164431bc4ebd5432142d478\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 62006\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":62006,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 992x798, components 3","md5":"5eb7c18e0164431bc4ebd5432142d478","sha1":"0e7463b4754fba04259090a3e6c70865b6acde18","sha256":"c8e8e1655371e5817147fb849721d215226bb8f03e99bee89e9b3217f91187ba","sha512":"0dfacb79d468692bb1e777bfc2311eb6ae4f4de8d4f1d4f273a6e918a7538cc7f7450c577a7978b281b8c7c8a8f1cd224675df0ed5af052e11f82ec4acbc3af5","ssdeep":"1536:VBqvv4Wcx0q5rQdsUVr80gBJB0t+QZb2sG1/:wv4Ws0gUyUVrRgBJo+QRGR","tlshash":"0c53128569a9b165db633ab88e06708efc0f2ca6eef70074210dd3d93074af1bd4a45c","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.340656Z","times_seen":2411,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2d3b15cc.f13885bd.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2d3b15cc.f13885bd.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"14187-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14187,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14187), with no line terminators","md5":"b49264e1dda6ced4e73ee5afc57a3043","sha1":"04ef80897f98f47e247fcce0690919efe6d5a239","sha256":"511a9b1937dbed400e7e8b317fa089b4c6ce764a2084beec95f5331fb8fd8342","sha512":"140f07eb8615e3fc59b4fcdebfa4d593d1f57dd26fe80c53fbd73731084636225c51f612a1b0f4de5fbd6894f6ea989dac147b41a51af9cfeff64938c6196fe0","ssdeep":"192:ZTgC5cnE518R/LIT4JvVsODCMSXc61qgCI9pn5VV2OEj1+4ceTr:nIjLIT09sAKXj68F25R+4ce/","tlshash":"5352e74e70bdedf889aa6052301622b871751bd1f4054cd8b3bccde84489ea8632f77d","first_seen":"2025-08-19T13:02:14.812139Z","last_seen":"2026-01-14T11:25:19.928521Z","times_seen":59,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-3805cfd3.15791ca3.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-3805cfd3.15791ca3.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"11281-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11281,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11251), with no line terminators","md5":"b60ec4fb7b5bac2cb00f7288b31569b4","sha1":"f49310c061c82ede3cc721906b5a2e7d216a74ed","sha256":"9d7dc2e689ea7a7721ba0db98e81d56bd40503caaf01a5dd66cd4ab7e8431fef","sha512":"4eb09e0d36e433ccc883c85944cf078fcbda82e0030f25eef4aadbbda4ee904a936d5c0491050a304f7912f1efd0f6be0f10fd3b1723c497e29cb652b8100de7","ssdeep":"192:ulxthRrXBronDsE/VnwkvHEvPXwVs5qtwyO/3aQ5QQY3tO/sC4V/5sum5X6TisE9:udX6Ds8VweEv/lD/h5Qf3tO/sC4V/+hp","tlshash":"1032d68c3591bc890e27b0f5b0af7456b0558e91640d1942eff488ba3eb7c6e571332b","first_seen":"2025-02-23T06:52:24.641592Z","last_seen":"2026-01-28T12:30:44.985295Z","times_seen":140,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-78328792.2dae36a6.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-78328792.2dae36a6.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"11740-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11740,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11710), with no line terminators","md5":"3bb65c23bdba556ec7f3cf02f0689a7b","sha1":"acf5340a2972c3e20c1df242df2cbb43f508d541","sha256":"58ae85245f0317b9821df88fdc5d75839e2f739f9fad996c1d321021574c145a","sha512":"0c59548f3790ae7214c05fbf6a1dd828c277fed5e4a94b5cd1dce5f7a62cee36b5cdc67aeb1d8e051c2cd09803d841a78108c7a52eac7ee66b04ffe0d9eb019e","ssdeep":"192:6lxthRrXBronDsE/VnwkJ3i2gv419Ii15QtwyO/3a3O56QY3tO/sC4X/5dum5X6w:6dX6Ds8Vwcgvg9Iat/156f3tO/sC4X/f","tlshash":"8532e78c3591bcd90a23b0f5b0ab7456b0968e96540d0542ebf488fa3dbbc6e570372b","first_seen":"2025-02-23T06:52:24.655015Z","last_seen":"2026-01-28T12:30:44.958275Z","times_seen":140,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/app.ec0f329e.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:10.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/app.ec0f329e.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"236420-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236420,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"eed6f41ca324fd3d5df5d5f6e6f8492d","sha1":"c4b308b2e8a443f8af4ca5800a782cb654f7f065","sha256":"f732fc03af0c9cbc7675c820381b77bd2180b10d9fd8a2022d8920ddb0b0eefc","sha512":"324bb1c57bd5932b16d86fea43f60381e84f7465b4181d2e861ab0816fc9ef6ad69aebf8f21b544a4adcb4bd1768ec827fee04daeafdd4958cea6ecce472f66c","ssdeep":"1536:7gXC6l3028Y7SrW3YeWXA1u9w4HCe/l4RdgW9cMEcWAp7KO6iZkJgYu8e0r8kvXc:kdFJWTPL4Q+05q2pe","tlshash":"ab34b610db17217b222be66d75c0ba886f28c323d9725b7bfd95741ccae64891163e0f","first_seen":"2025-08-19T13:02:14.806513Z","last_seen":"2026-01-14T11:25:19.930815Z","times_seen":64,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/matashop2.svg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /matashop2.svg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-language: en\r\ncontent-type: text/html;charset=utf-8\r\ndate: Tue, 06 Jan 2026 14:02:13 GMT\r\nserver: nginx\r\nx-cache: BYPASS, Status: 404\r\ncontent-length: 764\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":764,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (760), with no line terminators","md5":"69f9eeff8ff8c26a8602efe25136b391","sha1":"0e1a331738a6ce2fcbbe986377e29b4683f4a5c1","sha256":"51e65909d5d59a35b8e5d260ac636f7f405fdf4b146193057fc11aea164adf39","sha512":"e0ce38446201ee40cdf9f0cae8c07a682c42c071b7658a09ef75dee06df6b5ed5bdfd065bf649f3211ce0fd98510eb1c273325ce273de8db650b1e3b3e82a7f0","ssdeep":"","tlshash":"8901203ec20a1117fcb6487b36913ea8395d8c8392720734e8548af4d2865f8a76178d","first_seen":"2024-05-04T04:46:04Z","last_seen":"2026-06-06T14:40:04.492197Z","times_seen":2273,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/1fe3d3fd-05fc-4b1d-a8fc-364e9d33fcc4.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/1fe3d3fd-05fc-4b1d-a8fc-364e9d33fcc4.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: imwmqeRQnIiwx3d2O+UsECSTVC0zLBLDaSVjpTnz84nF40w2Gv5frd4rueg/5oIth9WpAeI9mFY=\r\nx-amz-request-id: QPDHEG5A5NAXN6AJ\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:35 GMT\r\nETag: \"ccff69006dcd3e1ecc8e139bfe9c5a9c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 12326\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":12326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1060x507, components 3","md5":"ccff69006dcd3e1ecc8e139bfe9c5a9c","sha1":"723f319128c6d63041259ce5725aaf670ef7f890","sha256":"d3e206d3a678978521738381d06e6fdd5e0371d55a6429cbf8f526c66cde11aa","sha512":"67a316dfe938235480a09e76e0bc23d4555ac73edafa80ad8ba860e9f4dbaf96cbbad1c4d5df1316ed77be2e41e943f336e9e1815bd2f7c834e6d64fd87358e8","ssdeep":"384:1K1hYtA+jmAI17ZItgLQWG1y5p/RDp8Wq:1tDjG9LXGstDaWq","tlshash":"e142ae55ed8640e4c938bff4463b42245a1aee3cafb0b1d60b964ca7ea126401f4ddbd","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.492043Z","times_seen":7690,"resource_available":false,"data":null}},"time_used":892,"timings":{"blocked":772,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B07DWPTLJR/514KL6gAvYL._AC_SL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B07DWPTLJR/514KL6gAvYL._AC_SL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: bmdICcJcpBHw+h5sVkl0Aj30Bv9QBiJZnarlz6VskpwrNlAyGJVnjJPgb9hJI0P1yJSbqaVq/8c=\r\nx-amz-request-id: QPDWE49WPPFMN0V6\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Tue, 21 May 2024 18:47:46 GMT\r\nETag: \"333bc9f8102abd9920062f747fd1aece\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 45252b2a7e6e7d31e4b51f95f215232c8cc5de8eb6d719a60ee4aa70022d8f70\r\nx-amz-meta-s3b-last-modified: 20230415T142418Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 30129\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":30129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 888x970, components 3","md5":"333bc9f8102abd9920062f747fd1aece","sha1":"e9e549efd4c0bff166582969196d4c48963d64c5","sha256":"45252b2a7e6e7d31e4b51f95f215232c8cc5de8eb6d719a60ee4aa70022d8f70","sha512":"c5b4682553f9430c4d889d864ea2c426e13264803531b8fe3781edadf67ef75dcb4b92a5f7b1e3f828cd768945dafb8746d7b0ca1fcaeefceb40a0fb2e16b600","ssdeep":"768:1rqMSN/4n00wwRelfNwPFdMOHhXhEM773zrWjYV0+aF16JO3j:sMSa0rwR6lwPFzhXhEgnrbVzaFkJ4j","tlshash":"fcd2e1b57b17c379e8b3217b8749638f9ed9cdb52126025f1149b9343c61d644cad8cc","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.467374Z","times_seen":7233,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":672,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right3.9c862538.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right3.9c862538.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:16 GMT\r\netag: W/\"5499-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:16 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"9c86253815081c0c34036ff07d755cb5","sha1":"c76c8077affbb0a17ef370150dfb718db290a455","sha256":"29f7b8a55109e9ad235762ef2edf7523357ac563202f2ef931aa3099685c9e8a","sha512":"cd0ee09be0e8c939646c3e72e32a70a37017bb27f5bf23e3167776e8aaf81c0ff3868ecc1eb12df37341088e1aeba54cc1605c88aaf44a89000a8eb5b53b65a5","ssdeep":"96:Wh4J1bDl2qrFHk8A3CrwfOIngvJlMde582vqxe2CjEploBUs3:ESxPFHk8A39QhDQVoBX","tlshash":"04b18e9fb6cb7d90f776043be0c61d5522d67b0615e0a7fc8098aa4f98bbc714d10879","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-05-30T03:35:54.906512Z","times_seen":4690,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-4a688b54.8fe95911.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-4a688b54.8fe95911.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1118-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 490\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1118), with no line terminators","md5":"51469bb71eb3ad53d091813383d59f9f","sha1":"2dc9da09668fefdab35ccfe6c6a3ec5485ceea3d","sha256":"d9daa1e1faf153cb40d02fe3294adfbf28aeb622797e00cf94c101ccfcf0e073","sha512":"aba105e77a63de395ba92e7d7557d7b7ae209f72dfd735132a2b4d234f8ac75e09d4acbeee7b2cd6e25307285d4d3a4988e9b8b8758761b595c96d20994bfffa","ssdeep":"","tlshash":"d221cef1906510385aabe6b430f0a9b9705df145ea63199c5d6533ad49d378f02e02ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.435641Z","times_seen":5604,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-3bb28e34.fde28ff8.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-3bb28e34.fde28ff8.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"9694-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3866\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9694,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9544), with no line terminators","md5":"24da600d80d56e3e5ac601248f03cd7a","sha1":"f953011137ca530838a5a35cd2f3050628e7e34f","sha256":"a5c3267a0bbc542dac027e493405b16c2d8d2f7e210ce046c0eb8cd3386f327a","sha512":"a4256fadd411d0a95fca97acd0ec161b7dbf9d1389532fae6365cd73f22190407cbfab7b88385f76b36b3a8acc4362a861353614cf97efb51320ca5011afbc71","ssdeep":"192:PqpEERr5tC55V5kFGZFScdvr7MZE7CnbLn:PquER0DtZQctroOC/","tlshash":"2a12e949ba51f8de0b6360da706fb056f29112257c0d15e2f2b5c8f739a9d1d232372a","first_seen":"2025-02-23T06:52:24.644497Z","last_seen":"2026-01-28T12:30:44.9251Z","times_seen":158,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86477,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"84579c084352e8f308c6b7539f8fc9f8","sha1":"40ed7fa00191ab6501c01416567a4540a46507b6","sha256":"133a46a4036cdd357aee5992ce4c69913395218688b4e97cf9bb154456d30082","sha512":"dd5d25fa67aeb7a92b255d29e3f495feb782dc1e1826e7227f223dcb613d19c66fa8a01d333e6178208370b1a779a11dde1e8523414b245199bcc62cdef82d2d","ssdeep":"1536:EOrPhSngNPIJuwkPbXhJfEjNnrUSZMHTDJyg/9QvwK3CYYZc:EOrwngNPIJuwkzXhJfEjdrUSZ+TNyw9M","tlshash":"e4830a52c79892790f68019544623baba4fd8217ef738f94ee2cdf346bac8f6761504c","first_seen":"2026-01-06T05:09:07.370308Z","last_seen":"2026-01-06T14:04:13.366904Z","times_seen":7,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: IrfSF4ng3X3brKFvCqoUj7R1I5eoD+bLIYF3Onn6ZtgRqaoaJUnguKruI6FVGBYWk65H7Y1jP77+i3Dcduy5wltgXYC8+PYg\r\nx-amz-request-id: QPDJNZ052RSETF0N\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"74ce2539c3d1d018eb92f94dd3b9bd23\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 40407\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":40407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"74ce2539c3d1d018eb92f94dd3b9bd23","sha1":"1ed07808d60d8ff4965899591136f4f1ccc880e3","sha256":"5a3f2be7dd8069790a3bb5098aa704996a51c1c689459abf286b29a0a99a3d26","sha512":"2b962643ae9c9c3aec2caae066500f422473d23eab84cd3dbf14dab1b1bcd25fa0cbf8914f6a540b724b78fef89f4c952873cc2de3e733886f9fe03a57aa3fec","ssdeep":"768:G26vbkDR8P2NFi0uyoJ6TlcoZVJixSS/+Q1irAGMk8P2x9rzcXyz:G2kQM8Fi1yZTlZVMxSmwXM5gcCz","tlshash":"a203e027dd508ec7b10dd3fc7faa7db8839d5a01a58473de20f51c96332584a4e6b458","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.369715Z","times_seen":9825,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":714,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/f70eeeb1-a83c-4724-bd3e-7c6dc72637c1.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/f70eeeb1-a83c-4724-bd3e-7c6dc72637c1.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 5suh8g5MQDh2Kvm8w11HTWRxhbl551NJKFqHgNDjHyHXrvbmDhcLgInzZIxAmo7S7lsmOkhB9Wc=\r\nx-amz-request-id: QPDRWMRYS8CCVXFD\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:55:25 GMT\r\nETag: \"c37d660217f7d4c257006d2042c09e5e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 53094\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":53094,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1326x1393, components 3","md5":"c37d660217f7d4c257006d2042c09e5e","sha1":"ea529657eb74db371f9a05e1c3d720cfd06c11ac","sha256":"ffe20fabb47fca3b0a55a877370f03f6168625efb804473ba88443d0e0513a38","sha512":"e7dea1d699abd674bf433eb4a6896fa8965b448b59361912ed8d587cfe4064471572162570a9080ecf0c20c21161b10507e386fc543116bd3a58e99b788f7a21","ssdeep":"1536:UYC4y9UKjX6lny922L7cDHc93ykbqdhVSbnm:U+kNwy9xfwcskyVInm","tlshash":"f933f18383a0e8d1f1cf6370402c9726e5cae52193f7c3939a1ece057575f997e52494","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-03T23:39:34.640323Z","times_seen":7663,"resource_available":false,"data":null}},"time_used":895,"timings":{"blocked":763,"dns":0,"connect":0,"send":0,"wait":130,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/09f4347f-2277-4985-9f28-668a55470136.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/09f4347f-2277-4985-9f28-668a55470136.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: CzW3F7IlxQ+7CpjPF3TKjTl3UIqCR3MD45JGYNyB8Lai6yJdm036E4X+29DsBhTOtLGGIPceZ14=\r\nx-amz-request-id: VPY8SZMSG5MBG2EG\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:46:46 GMT\r\nETag: \"6c0d8870785f0488d0b7142263a15170\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117525\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117525,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1417x1500, components 3","md5":"6c0d8870785f0488d0b7142263a15170","sha1":"aba57b51e93b5fd1a624f84850eadbaa1c110bad","sha256":"3a90f757acc9d4e5d3088beb21be69f9542bd7e056d6a936d4b920ed7286b665","sha512":"04e4da2f923f15b3c32d6329c9e2f1cbe4ce58f8f09fd03823529da74504d1fedf8317083b1ed370ae9917cb5fade27933d50d4506c1b1e22f373e6d421c7551","ssdeep":"3072:FpBFO7JLZw6p1LoD9WiupE9nfmQXdxt+jm9p033qF:FpBFO7brLoD9WiUEFmELtZp06","tlshash":"f0b312f876a8e373cb7a3e3801d9e95e9c62d16e653ed4524c79144d30100f6c9ce9ae","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.377911Z","times_seen":2399,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":262,"dns":0,"connect":0,"send":0,"wait":114,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-a9f88638.ed8f2f80.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-a9f88638.ed8f2f80.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"10859-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10859), with no line terminators","md5":"4576ba94cb5bb372bde2a8d3805ab577","sha1":"b8ebee11661c562a71aed4b8e13af4de80d96711","sha256":"e86e616a75a0aa6fa76e336e26f657e2448108344358cbdcefb8c8bdb798dc1e","sha512":"0038585406aa7067006baeff76d9d4137c883f1fe31ed43871a592b25c39a5beb9e490b3491fc5dea2603540a763a59a358313d8fc8ffac5de1b178e34ee1bc5","ssdeep":"192:8/sOYPMSXr6HqgCI9pn5VsseOyVj+4ceGyEufSau:Ks7NX2k8Xez5+4ceGafY","tlshash":"8b22e70ab066e9b88d9b41123116a27471765fd1f44444eef7bccca85689e78332b37e","first_seen":"2025-08-19T13:02:14.851561Z","last_seen":"2026-01-14T03:40:42.820717Z","times_seen":58,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: vRxCq8cqa7Dh5QijzSDlM5EanATtxW9Wmvs9HQFf3p3AzIYkbsdyO07hCnSsB25iQ2JiYUJWGYZgP1VQQdJylAd+o4GPeP7L\r\nx-amz-request-id: QPDMESDD3441M390\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"a5941f987a0fe015714bc8b8cde4baff\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 44216\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":44216,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"a5941f987a0fe015714bc8b8cde4baff","sha1":"88c88146f9813942943df5777e08d4486db3040a","sha256":"41da4ebe3b85b5ca006db2a633baa60593618feeb72f3db99e110d74e1cbd918","sha512":"937d3c4add07ef443e201c34e73eef5cf558a781c5112a81719a989e4ff4c2cc29f2bf35739cec929988409694a4518fe862820b2fb6c18d71b4195954700628","ssdeep":"768:GTRG9BPKCHP1oTrfNz7uVdkyQ5CmHjrYaBsDTtk9GbLf+H:GT8QgP1oTzB0dkyQ5Cm7Bs/u9+CH","tlshash":"52139d478e489f835014d3fd3e079e6d6b891b0c59893aef19b31eab3f216521c8e54e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.325591Z","times_seen":9841,"resource_available":false,"data":null}},"time_used":1897,"timings":{"blocked":837,"dns":0,"connect":95,"send":0,"wait":122,"receive":95,"ssl":746},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: t0/72FUYPxxRteSNOKOqrdVBJrGx7/N2EUwoDShW8fJyYM249da3sNdNS3jP/g0CPtC3JupLWTzd9P+79pyFtwb87tYLP1nO\r\nx-amz-request-id: QPDN20ZEVHTX1ZFS\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"1b8714109ac1c300a6848b18f4b10531\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27057\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":27057,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"1b8714109ac1c300a6848b18f4b10531","sha1":"1c40a9917624327dcad395e8d0a9a204e24d73d0","sha256":"952d26075b0ffa3fd64c6add8791e566a5d7010f52382b468a3f1672c5496320","sha512":"4a5388c14a734141ce576fb7e988c90418774f74d2641dfda2714951ce30264714baaa6338374f69d053de8e232efa6e658ff156ac04412adcfa3d6c41a3b94c","ssdeep":"768:G7DH6SIfn5ChIqflgQY2z+CR8hUywK3cD:GRIRCm3QY2z+nCywKE","tlshash":"2ac29d5348089fc7b13ac361bf031e6daf96bf09d495beeb10920ac7bb34655ac4d128","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.507252Z","times_seen":9648,"resource_available":false,"data":null}},"time_used":1211,"timings":{"blocked":1074,"dns":0,"connect":0,"send":0,"wait":135,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B083TRDV5R/51n3W0JxmfL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B083TRDV5R/51n3W0JxmfL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: jvXBRo1wbwRQUJ+3dNVo+IV32COWEFPRrdLkV1BW5QdzRzstSzRGakeDJGWedJ8mpVT5JxwqkxQ=\r\nx-amz-request-id: QPDN66C0K7CCC6B2\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Tue, 21 May 2024 20:30:08 GMT\r\nETag: \"024f3ba30a6e5258147db3fc66755883\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 25549193484395a6960481470b9eb8284a667b3fa147a766f9e725717aba24f3\r\nx-amz-meta-s3b-last-modified: 20230415T142456Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 60364\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":60364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 914x1500, components 3","md5":"024f3ba30a6e5258147db3fc66755883","sha1":"37d404ba13429e44bcba4d4a9a49aba6215e93b9","sha256":"25549193484395a6960481470b9eb8284a667b3fa147a766f9e725717aba24f3","sha512":"b02ed30d00443ac85d31bb467ee41c6efd3d395fd164a84b37ad5d9f4837a2415b2f9d04935d31665231dc776ee72aed285a73d16b0260957b5ef19d3928c905","ssdeep":"768:1R7PirN6neLXjYLRvqhOJdGEN9J+RhC0VRAs7BROG/bQXj9sNNIyMtSp7JN0/hcz:jrQtL4shcdG6JUC0P7rBbUSN6ggY+8","tlshash":"c643f29707a7489ac8f4343a5e12e1d4dd58ee5b259b6fca78f06f4d33060c326b0297","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-31T17:27:36.631912Z","times_seen":7461,"resource_available":false,"data":null}},"time_used":971,"timings":{"blocked":853,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/093d9f58-2c6d-425a-b3c9-1898b0aca760.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/093d9f58-2c6d-425a-b3c9-1898b0aca760.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: tpDjrXDayDyd+KYtmpicI669rF5BO6lT+fc3K4WKRemkNbcIzPTpHqgqsbGbdKZgZoqf8a6lPmM=\r\nx-amz-request-id: VPYDH6178CCXEXVG\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:46:44 GMT\r\nETag: \"cfcc313a94dfb8530acb5ecfe5dc53af\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 132447\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":132447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"cfcc313a94dfb8530acb5ecfe5dc53af","sha1":"4ce68057416501691588568831526f3f621377e1","sha256":"616cefa8fa49014d34e31d96d913620bf5252ad75654db3924f71a05834202c6","sha512":"fc051b5d6e2a87267ee275655fb446499cd4f41eca27a43c7e3666fedcb37364e65086055b0668434a8e8f0c9ca176c4f9570de51dedeb85e37304804be91846","ssdeep":"3072:ErQx7WJnVeTJWMRXz15rKYLbYeZu4G+gqg44O0wZfeN7yC:KQOnVMgeyH+Q4WWfeN7F","tlshash":"28d312c06b111bcbe5c83fb5227a928237e772399493fd323981d26e59d1c78a237d42","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.33961Z","times_seen":2337,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":138,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-1ab1e7a6.5c221ebf.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-1ab1e7a6.5c221ebf.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"17039-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:57 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16771), with no line terminators","md5":"7867436e142b9e16523bc2bd5932fd21","sha1":"55855daba4907abfaad310493502686e225d7b84","sha256":"5115a2b2b2a4bbf455b4fdd09b40865c845d1fa139590e302f7748ed1c59718c","sha512":"22d155eacf404633088d948e6e8c49be05ee73171c01fc24f5f43cdae32edfb87f104e07e1b4f6511f04d9a7989a55f818abffb6e7754708a7780081acf4823e","ssdeep":"192:Xyhib/QzOluFKrF7rJrPeNNEf2YHHZXbV5K4bxH+Mm15K4bxH+MmP14SNK7+Q4:ihdzOAkrFoNNyZzK4bUrK4bUThNKiQ4","tlshash":"2872b58a22b5385e4256218230f7258021722ba6640d45ebf17dedfbb7dcc147d17bbb","first_seen":"2025-11-12T04:02:16.017181Z","last_seen":"2026-01-14T11:25:19.954235Z","times_seen":57,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-0492056c.0f4ddcd1.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-0492056c.0f4ddcd1.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"6113-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3696\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6113,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6113), with no line terminators","md5":"9788f5c1eb6e47bac79ab36acc495817","sha1":"32907ce10bd8edfa4ffb56ee347d853b9a5faf7e","sha256":"e2807614374572930715fe74e5222b8fd8193aa83529b9e7fd7477057b0223af","sha512":"c1b35b2041203f68190891e96b7e6d4e95b817976b8c327208c713336d95abb284895bd5d912cbe45de3a373337e216fd071b1b11e789f5745e2939a34b79227","ssdeep":"96:VTdRiowyLNQRLCQz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGV1:VTdoJaQwQz5sbKYxgCtCowY2duLGm7Aj","tlshash":"44c11c763414a83996fef56998763acbf006f813d00991edb740a76cc8e3bc62db4359","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-30T03:35:54.900478Z","times_seen":999,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T14:02:08.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Tue, 06 Jan 2026 14:02:10 GMT\r\netag: W/\"7289-1756837222000\"\r\nlast-modified: Tue, 02 Sep 2025 18:20:22 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 2008\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7289,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5351)","md5":"434440d362422d131075f669fad3fe6c","sha1":"d4003daaed02ddcc6e35106e40d49576640689c4","sha256":"c4629785104d6f2a58d9b9f149421f5e34f2f0ddd5b5c9c6a89e14a6b3235d89","sha512":"bfaebfd5bd65769bb08c002448a9d046daa164fb16613cc982a5b1a29adc60b87043a0d0a1f68ae364dd2fe04d4bc2087508a1e36d81b17c058d34cbfd488e79","ssdeep":"96:dCckG7+f82tAHhvDYEp2NVNtpAU2PQuO/eBJQUf7ox:dCcufJt2vDYbNVNtpAU2PQuuebDox","tlshash":"dbe1ddb9de40608ff9f0de879d29eb2ae9cb8c771130e050e219944fc968fd4516b947","first_seen":"2025-10-06T03:51:01.373998Z","last_seen":"2026-01-14T14:41:34.097515Z","times_seen":62,"resource_available":false,"data":null}},"time_used":3595,"timings":{"blocked":1669,"dns":163,"connect":1250,"send":0,"wait":257,"receive":0,"ssl":251},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-2849664a.b30d78dd.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-2849664a.b30d78dd.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"340-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 340\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":340,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (340), with no line terminators","md5":"7de78efe8bf09e10f280567a395d6b1b","sha1":"a84403256fb9c265c757c632def2bf3681d921e3","sha256":"3c64df4c1120ae8af09b2670ec78de64165c17cfe281e9fd19d9a55277f38b77","sha512":"575e2e01d3b715fc66a4de91cbe6cde658c2d3953445a92f711f396196fe921f1ff198fa691271c8670688cac8b445a52076248bc01382ffdd4b6956c1137eb5","ssdeep":"","tlshash":"f6e020708b561089952be1438b034cda2af9e663d16395855fa3d03dd46704f2e2a785","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.395716Z","times_seen":7633,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 11+pMN+zTTFZQ4UkR40bJ7b4/1twV9JO3T1CpEi56H0bj4f3NjV+56fcp2Qs2xvBkoTIU5VBhpmTeoSTUArCvhaL4lxtDntP\r\nx-amz-request-id: VPY7NZ235TKQSCND\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"ad3bb72e6cf979df37c56cc70e70710c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 46207\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":46207,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"ad3bb72e6cf979df37c56cc70e70710c","sha1":"f0bff01c9d923ad55250ef7de41afae41cbe3f90","sha256":"50294b071e29cc9e8afdac176dd2fbc62f4c36265d5f494d96a7ab2908c1a643","sha512":"1fc3e1b07a86c34fb8c9720f8ff8c2a584cfb6dfe7b4e34d53f2f0555e558fe95f5a62bad4a6874a64e081cddae0defe530870d76dcf1551ca45ee570b582ce8","ssdeep":"768:GOSu2YQp+gujkfsasYaYtu/tgiE/c1tcDkV2FynHs5d4RX3S6cqUrolLoDzT6S51:GOt2YQVujkfTJaYg/wU1SYSJ4JcrsLo/","tlshash":"4f23e09b86804fdbf03acbc53f272d985b41fa0944d0b4fbd1e986af1f65622285c48c","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.514115Z","times_seen":9823,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":355,"dns":0,"connect":0,"send":0,"wait":135,"receive":111,"ssl":264},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ZRLxFh8qWqLCqRXvZPE5glK9yJ0PGggYzOr+VW8vGNPToQEzrAPTI7YHHNcnSSoXTipKFHquwyvLi2E6FvLcH2cvdlwe/JX6\r\nx-amz-request-id: QPDMR3SC031ZRHGC\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"6a85f34af56b3c034d5137d4ec807895\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 49034\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":49034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"6a85f34af56b3c034d5137d4ec807895","sha1":"75fd4cec7f44e8b8f20655dfdb165720d7223bd6","sha256":"67488643bc9d3ae11bd5cababff694c1f7a131c289d81eb79e25576f78dd4fa8","sha512":"d827fa0cf605ede5b060c72333d4552c1a930b0d8eec8052ba78949ea5e54a58bf0addbef05e024159a196589abbadef866f8c4d5f3c34722ebe1d9757563f9c","ssdeep":"768:G6O88eZQudaEcS6tJCXfvmmxmxwc3ndr/8wP/x49gE3bjt1Txv7ZJ:G6OYAESJCnm2IF3t/8wB49giPdFJ","tlshash":"5523e18725805ee3352fe3f6ff065ae80f088f64d1263edb21e54f98b312a238595428","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.515648Z","times_seen":9968,"resource_available":false,"data":null}},"time_used":940,"timings":{"blocked":822,"dns":0,"connect":0,"send":0,"wait":114,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: sVZfvNTeLeJLiI2QfSqLjvLSldQpBoaWv6NstM8hu4mpGxyyqZ4YZVEHGWKtx1IFKuibe9j5w4aT24xEutPDIAEGyFqR6anY\r\nx-amz-request-id: QPDGREQ4JN1HT6DM\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"dbb5460537325e381060d6a696bdabba\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 66319\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":66319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"dbb5460537325e381060d6a696bdabba","sha1":"852c6ea174a0fcdd7e7351b5bc5c1ddc309d87a1","sha256":"3ff029feb7f2d1b0a7bffa8d5060030474f569524abd014585f373a17fc09695","sha512":"404f949ebbad69f94ae8b173c2c1d8807599df69c51675e3b0e06bc0953f94f95a51914abd77bf684dc3c5ff42249defe6152bf148f4aa8c1515fb8d29879374","ssdeep":"1536:Gi+tPxNX6ucnz4Zw7vPYpNuirA5gmQGo1CISuKbKNiI:F+tHKucnz4Zw7vPYxUpPHIS7KNh","tlshash":"cc53d0a31a450fd35629e3e67f0799284fc65b8d94e039ee11d358e37ba13b3680e11e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.308172Z","times_seen":9841,"resource_available":false,"data":null}},"time_used":1330,"timings":{"blocked":1116,"dns":0,"connect":0,"send":0,"wait":120,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/02a275d6-f6e2-4a03-863b-4f4a8e5553a2.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/02a275d6-f6e2-4a03-863b-4f4a8e5553a2.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: b3b3VYq84AkyDHoxvQ0CWWSo9xQtw2Ch2vpUqMTxx/iBxc/ov8WD/8lTZHeqwSyovggL41gw7VAl8PmwQgUkmvMDyVlNeyYS\r\nx-amz-request-id: QPDZKKX8Z56AWS6C\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:45:35 GMT\r\nETag: \"5a1dff9153a77d8a9378efd305a31020\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 224131\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":224131,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1220x1500, components 3","md5":"5a1dff9153a77d8a9378efd305a31020","sha1":"b280f6a2970151e339afd5e73361e0c6a734744e","sha256":"8ee4ccfa0296fd6e5c7ca878aa83aa308acc4699ede63a1cabc0be5af3798602","sha512":"abeb0d6350b6e478258e33713708899eff0b9a58db05b3137d5f869ae78214493b0829a025a3d5ffee54038c62d08ff38f0ae26a011960c0e5a08ed2ebd2e24e","ssdeep":"3072:/Oktuw2ZB4RVrrrV2GlegkDtLvyrA+PmwLiixr10oAIC1yQFMQLNXNP7g+UB2qDa:mktT2TCOGeLvIf/2IUyKb62qnGj","tlshash":"bc2412a0e302057ac0fd497d1cca4627eeaef7ba61eef102c42768103957736b574a67","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.551318Z","times_seen":7463,"resource_available":false,"data":null}},"time_used":1045,"timings":{"blocked":830,"dns":0,"connect":0,"send":0,"wait":116,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/banner_01.183cb7e4.png","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/banner_01.183cb7e4.png HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 13:39:14 GMT\r\netag: W/\"91050-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:14 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91050,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 352, 8-bit colormap, non-interlaced","md5":"183cb7e4e9c1e8e3a5a24e5979f2ea5b","sha1":"5496ab511a333e267732b6fefbb6013565b649fa","sha256":"45d681c6d681a965afd9f35944f61954983d9680514839acdc8311121971ecfe","sha512":"9792d41e1c6dc0b7dfa37263e77b860dd0d3834f5d7655499960c133454edc065e6349719c691507ceb7eb27c2ba5cc5d6291b2dcf5ce53bf703b2d1c19d86e7","ssdeep":"1536:rcn3lhNDAuFKUkblgDG8W+A2iIMbvUPi3qwQZbJPwinyW:rc/aHpbtmMbMPivO1winyW","tlshash":"53930280b679e85b98347db00f9daed77ea512593612e1e7c6f2986c704c0dca9083ca","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-05-30T03:35:54.842857Z","times_seen":3579,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/TK-SHOPlogo.cbfdb625.svg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/TK-SHOPlogo.cbfdb625.svg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Tue, 06 Jan 2026 13:15:03 GMT\r\netag: W/\"6046-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:03 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6046,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cbfdb6254c537c65ec00c79065184ead","sha1":"0799761ba27668d1240f736692e90becf8b284fa","sha256":"08849f150b00d457a0cb3df3a18b75b2c3d4d727c597cd8b39baf874b62501f8","sha512":"39cfe7e2399b4438490384f2ad62ba9d456e72c71820f5e4d77d793ed613393fb620f665ea4e8de70241ded33a05e0e8464c40f2a69884ca10f6d174b31de16a","ssdeep":"96:1KfV2oLT9QTPsoQ+8oRpsAYXBUG7jygYc5VnN3Rr7CykUV6qa3zIYkcLRo1tA:1oXLsRt8ZAKjP15xN3Rrm4w3zIbnbA","tlshash":"f0c17d7d4070bedcf1f4856a7b26f6d3ed15227fd20a5189a96834833810863b9763b0","first_seen":"2025-08-19T13:02:14.824105Z","last_seen":"2026-01-14T11:25:19.898519Z","times_seen":59,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/fonts/iconfont.0080bb9b.woff2","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /fonts/iconfont.0080bb9b.woff2 HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tksn55.cyou/css/app.ec0f329e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: font/woff2\r\ndate: Tue, 06 Jan 2026 13:15:04 GMT\r\netag: W/\"5212-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:04 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 5212\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5212,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5212, version 1.0","md5":"0080bb9b021fc0823608910adc2e5fdb","sha1":"b03c86fc4fb5e0542122925d2eb2468cdc842dd3","sha256":"a72e9b48fd851011d2e52a77ae7f72b6de42e4647182c7bae3ca49edf3347af4","sha512":"aa68b80986d5ebce07a92a36839e2b7f4365932ac12c992864ebb4a4e49ab9964e39464d9da1b79a0f963947a669176c3f65b23ef4e4203e520a790bfe6b0756","ssdeep":"96:vSvxwJyBbfhD1WrBqAFtlzkqV4tQWGRGQX/rZHhxm9Sy4kUf6:vS5H1p4FtlwqV4tOGQXtBxm9SpkUi","tlshash":"94b18f888c661528cf387a353840367dc9a3130db636e49acae41f1b57ab78a0159761","first_seen":"2024-02-11T04:26:44Z","last_seen":"2026-06-06T14:40:04.436528Z","times_seen":8057,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-2d3b15cc.1065e47b.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-2d3b15cc.1065e47b.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"8220-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8220,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8220), with no line terminators","md5":"15af1d3c26e82f554e22d4b92989e50c","sha1":"21febdbf6c09940131326c18d6c6b5881074b618","sha256":"330f77708473892fcf35599941ab374c7dc73f4e2d71923161330537dfbb637f","sha512":"2752f6891792617b5a6e0e7aef54d792861597683c59ffa9a44525ae90d438a03e2bbe7c31a106dcebdf686e409edc822af50910d2aa3f54004a8ba1f929bd69","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfP5iFxWXo:i5s8CkC2caIIsFko","tlshash":"ab02d5b7a0b2e029666bf0a9757495f87444da12ecd783e5f6847238ccc32e31666b0d","first_seen":"2024-03-24T18:07:05Z","last_seen":"2026-05-30T03:35:54.884855Z","times_seen":1196,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-78328792.1a94a034.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-78328792.1a94a034.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"428-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 428\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":428,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (428), with no line terminators","md5":"839113b3a06297a1185b208299520527","sha1":"df67e42e507fdf888b4f0b1706a0bd54e09763ff","sha256":"ae7439473b984cf35ac3a8199ea3a3ccd8c794d239d0e36fec25cd4a3f0222ac","sha512":"da16c62f7431636915bdfa092d4468b66770272aca96b2e4c27d1bf9cd36b044dc03acb199486e709a3a82c272c9ab6ffe79305e116376d596ec30e3523dbf6b","ssdeep":"","tlshash":"2de0a0a051072a3b2563f0b6a8c20427b655f7abe91291107be305092e7b38a68373e8","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.363745Z","times_seen":6807,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2ef5db62.b80aa325.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2ef5db62.b80aa325.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"17017-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17017,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16971), with no line terminators","md5":"67b92cfc754be57bdc6f4cd19eaddde0","sha1":"ff1be038beb446f655351a6b38dd5b6898e51300","sha256":"3afe2072d25313e434d48e990a3d9fcdac2fc4245bd1801a7d45f6065558f012","sha512":"008bbb1d8cf35a7b81feaa618d4669ad4a36a59c02c0e52c5c464a667280c72d5fabb9d94694f4e47784b2a8cb4ac642b8263cae6c02fc38582909c8ef5b486d","ssdeep":"192:glxthRrXBrUFGaEERrSr8yS7cAfo8KwRHfnQMsfN8qAV5rQzpV7ocKwRHfnyMs4/:gdX+M1ERE+7HnhqIU7HndqIRlRt","tlshash":"0372f92a50047c9c0e61a0ed702b3464a05a95105919df5bffb8ceedbaced2d261737f","first_seen":"2025-11-12T04:02:16.025986Z","last_seen":"2026-01-14T03:40:42.784139Z","times_seen":56,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-55a26a12.f331b865.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-55a26a12.f331b865.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"6609-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2998\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6609,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6581), with no line terminators","md5":"36408654b8775efe695ea96cb465716c","sha1":"f48885a05e1a21aba6c6165ac8869d5465aee7d1","sha256":"8210ec7e35330c5d107afeb0b11113fb6092bbc4f707bf75ecb50ceb0d81aa39","sha512":"3792a86671b27b9e206b575608b70d2a6366422d854c7a63e9bf070398115ffdaa5e0a9f61fbc6a8a98434bf2056bcbba69ffacef64cb4d3c789328a55bb1491","ssdeep":"96:BBljrEdlndrjYXkLIuGtdcskBIHKKFD7AkMTEWgvbVPLYsoqfZTx3:Brc5j45uGtmUbD7AkMAWspUsJfr3","tlshash":"32d1d89ea518f80d4e1b9152301d29b3f5a93ee4b024c9dab73dc8fd619cd102b2eb75","first_seen":"2025-02-23T06:52:24.649688Z","last_seen":"2026-01-28T12:30:45.036406Z","times_seen":151,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-597b172c.f72fbbe6.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-597b172c.f72fbbe6.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"10209-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3494\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10209,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10057), with no line terminators","md5":"f47f8e343514e2dfc5259582c01a50cc","sha1":"97860e2ebeef68e9574d37f2c83cf797345d36eb","sha256":"4e7abdd2c5c718336ada13aa060d8783a72446bfe1a1d5877921627c0190a150","sha512":"a9b13d072fa9d3235f92d55eafc73c84e5e6a5216161801e9236e7916c0b62330fe86ab56a88778978a84b6866cd38b194d0085620dc33c725bbee4ff322bbf8","ssdeep":"192:OfqfNhehydUUd5b1DEOh4EOnItniEOwdBeMlBvYEOcvQDIPPrx0GXby+T+r:OfqfNheyus5bRtnPBeMlUDI+GXY","tlshash":"cb22f748779074655a8b61b2a16f204fb3b728c8270b58a0c378e9d4b87495db37bf5c","first_seen":"2025-04-07T11:52:05.490238Z","last_seen":"2026-01-28T12:30:44.937444Z","times_seen":153,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-91f4e7e8.3b3d8f80.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-91f4e7e8.3b3d8f80.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"12297-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3778\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12297,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12265), with no line terminators","md5":"62ecc99cebd7658d11b5c1766aa2c424","sha1":"0908ade7326f569e2c39704f42a4a0ecf08e274f","sha256":"a5c240a1488a39d90fd96148382135bcd2b1deb36dbd61acf0d8f1f0780c7f6d","sha512":"f4a2e543c6a2bddf9b2d5b2fc94fa6fadaa160826aa88db7ca5ae7d4bb2a0e37892b4dd3d0d925db0bc138d02d78ba82d98aa9e9d54acc694836a5676f1a1347","ssdeep":"192:5Bo3gsx9fnS9gHJJhDJzfNcj1iXcFW32I5eAW0Tu8M5hHBaSLob:g3x9Bp9zfNcjVWgc05hq","tlshash":"9742950a7153b12e5d6b81a1300a7420b6743fe94805d08ab6b8ddf977d8c79732efa9","first_seen":"2024-09-25T10:54:55Z","last_seen":"2026-05-06T08:37:36.260683Z","times_seen":841,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 2IbLlcNCTgMui940Z+rvBFzTsHO/+tzpeYxDRdICZ+ZK53WaAKzlF+0FSV9mGRcVcDCxD63rSDedg8BAOXfJEoDmv8fM0gQx\r\nx-amz-request-id: VPY5K3QFVSH26WS5\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"e1d0a17b2eb5865bccc7dff6330f6562\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 147078\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":147078,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"e1d0a17b2eb5865bccc7dff6330f6562","sha1":"c956ae8ac7dc2720241d709e92d963ce814550bb","sha256":"9d0495f4e08deab21e64eb8cbe00de00a937aba37d3ff7a3714f30e551f978e0","sha512":"a6c80898e0109f3b6887861ca36e8bcbad9e7091a24eb9d49e55051ebeacbff242ecf0b192cf45d318948b90d660b97dc520cf870d5d651af386a4cec7553456","ssdeep":"3072:0bomG8J7r42I27eo7oPi6T3gKWN4+ogF1Ejq76Cui8MuXK/vDJMKC:0brr425eo6WUgRuC98M7DJMKC","tlshash":"f4e322ddc9c8a380c8003df5fd1699599a347ea34db476461f637adc7b19648ae1bc0c","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-06T14:40:04.515165Z","times_seen":9325,"resource_available":false,"data":null}},"time_used":1063,"timings":{"blocked":415,"dns":0,"connect":0,"send":0,"wait":119,"receive":195,"ssl":334},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B07V3DF1QP/51G8uW4FLLL._AC_SL1010_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B07V3DF1QP/51G8uW4FLLL._AC_SL1010_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: rDfDfu4E3jGiRzhCTnN0Q1gkfL1IibZ14izN5YVv4er5P2aPbhvdfYhToanTxtNVXgUWJMwuMOo=\r\nx-amz-request-id: VPY2JEJ2AQJJ8RWK\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 02:20:51 GMT\r\nETag: \"933feffc6f87b5e835ebcefde5c5c67c\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 8680fdf2f0e12092efe3d61a6df35efeeb6658f49e10a7397687c7f378021bd3\r\nx-amz-meta-s3b-last-modified: 20231029T132225Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 45111\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":45111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 499x956, components 3","md5":"933feffc6f87b5e835ebcefde5c5c67c","sha1":"b4961dc6b0b61aaf05cc9e4ffc4318eaaedd60a7","sha256":"8680fdf2f0e12092efe3d61a6df35efeeb6658f49e10a7397687c7f378021bd3","sha512":"1fe7f9b5dcfa651626616464fe7b1c25946eb77d2fb4d6739bb2cd9e9c5012feef50e8928dbc6ee5a125570949760b702b647bd4ed73ea7cde3b4cb853a45bf6","ssdeep":"768:ygg6D3BnJNDyRk1XT3cR1EHhRToTNw8sDd+TnRrJq/TEdjBxT1:y383hPSk53cRiraNw8sDy5dFx5","tlshash":"0113f1cb2eac3597f1ae313bf24150414b9aebd1a8b0da71752380441435b7f6de746e","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.44464Z","times_seen":2374,"resource_available":false,"data":null}},"time_used":732,"timings":{"blocked":259,"dns":1,"connect":95,"send":0,"wait":120,"receive":94,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/c568cc14-8506-4b6e-85dd-bfd46f7a8607.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/c568cc14-8506-4b6e-85dd-bfd46f7a8607.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: UXLrKuIaaHlqrGg/chSNMlbEbcWvecms5mh00Fi61WVkQ34vUfIiQtUwByBv/mz26wxsUeVcgw8=\r\nx-amz-request-id: VPY4YR111AEGGQ6S\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:37 GMT\r\nETag: \"69ea9ab0655294c4e81cb9123f9b84ed\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117788\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117788,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"69ea9ab0655294c4e81cb9123f9b84ed","sha1":"249e0e3b9f9c8ebb9d3c2b0e8f96db0bbbb96233","sha256":"49bd15612e8028f820eea86b82dafa4d5e439225445e527cf5a3232ed060d942","sha512":"4e05f275f9d9ccecc1ff61aaf45278811f0062aced05aac2d3d4c7648c4be9e1130cda1ec819a3a4503006a7c49b87fe94e1bc71657c2ad2708080425857f71e","ssdeep":"1536:3edS0foEyCuEPL1TVLKPXCTmcgFbbLmWEDBygAcq5qtlDRVtU+e+aPZl6ejI9li5:zCAEP/ICIbCWEBHAcq5ylFVBIuNuV/lr","tlshash":"18b31204277e7cc1c2f9a176c8b1567a57b5c74ee2dd9714ab5a3401cfe3a202e10aab","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.448726Z","times_seen":2353,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":111,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/ce21709d-d03a-485c-bd1a-0ca3c11840fd.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/ce21709d-d03a-485c-bd1a-0ca3c11840fd.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: zwETZ6EC7Mg/pc3WBEN4W9adWypQUjg6l3tqo6Kg9xB2nNdmiHnGOw6X+xuZdoQ1j9Xry/H0GUo=\r\nx-amz-request-id: QPDNYC7JACX9W0ZJ\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:55 GMT\r\nETag: \"4d6bad8f76dccb096768ff49cc7cf445\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117061\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1410x1423, components 3","md5":"4d6bad8f76dccb096768ff49cc7cf445","sha1":"de7037cff667ef30de1bfd8e6b7ceec7c69dfc42","sha256":"0d98b6495a5e33454e197017e474fc8e00ea09e9d3e72d6bdb54ee943ed1fb40","sha512":"8bd3d378f9633511746f337bfc2cca32278fdbb5458cb2f7d23d9f3167a6372a172196821b864488d9f30f326785276baa112893754bad58dfd10b15ad0a2cc1","ssdeep":"3072:iypv8tQzm4aYSV7OHP76tr4EbClnokN48XL:iyp0SApOHPsrfbbX8XL","tlshash":"1fb3121b9b295d27e3c7537156210310963cce652895ee3678457f8e3caf3aee88c98c","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.521114Z","times_seen":2378,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":457,"dns":0,"connect":0,"send":0,"wait":117,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-a19b6e94.618d092a.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-a19b6e94.618d092a.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"15265-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"e25d809f9de11c7d85495343aa166b4a","sha1":"a953f732d5923295924398ad4bda8f7e2b5f8d18","sha256":"5bc2df253d04ba86acc28bc740dc5e2817b723139ad3ccaa236debd4116accb1","sha512":"46d7b7949fc30f3e1d4ef5d11b98efa99ef5af2e20b43bfe27798c1e10894572ed03ec9ec0628174c0a85090c8f030e2de6f130a3120de5b8fc0369e74833d63","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjLU:i5sVGUI4EFaDm0FcHU","tlshash":"2662c47a7034a539b5bb966d3098a4ce7053e943c15782bdfe59b12cc4c72e3663138e","first_seen":"2025-08-19T13:02:14.721463Z","last_seen":"2026-01-14T11:25:19.804873Z","times_seen":63,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2d216994.abfbf739.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2d216994.abfbf739.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"255-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 255\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":255,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"e7949dc2de0878e849cf3715ca6be5bc","sha1":"9421c37479babb994e0a9ee0c7f0056202ebadb5","sha256":"2f91706fa1cba12f83256093aea5c62de8712ceb61a05d8e559b0b54d1b7af39","sha512":"22895c7a4eea5fc7446053efdcd741cf6d762b1cf018c3b498d7c43baec63a91e79c504eb7ee0b95afde46b8393803ce02f02eb0a1d9eb956719559dcbdef49d","ssdeep":"","tlshash":"6dd02ba6b0627ca6c55b3081026ba363342e245a0edc106517f146d42275a1e81159a9","first_seen":"2024-02-11T18:17:18Z","last_seen":"2026-06-03T23:39:34.573208Z","times_seen":4036,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-74926972.0bd1ca12.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-74926972.0bd1ca12.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"89105-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46135,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46127), with no line terminators","md5":"ede452e2e0284f259e8cab1a589122fa","sha1":"fd1a16b02bc7a173ccbe1ee5236b6affe21bdcb4","sha256":"78077f62bf347a4d2693e4af60c46e310ca6cf901d32aa78d58ad5b32295f092","sha512":"7c6f5f54d463b782591a391186c6c758d8b051de3fc476fa211c12e2768e74c870e4e516398b4529c6730c6858b7d075723722fe1e4650902f45eeba1885cfdc","ssdeep":"768:XZTpb5uzHZPv8dh7p+xhVEa7QEdR3s0PvtPHddDr6+qPnEQzPu/OGc2iY+2eS:XVpb5uz9we4EPsStPHXannPzQY2Y2eS","tlshash":"58232998b25161b641db54e0586f140af071b8522c86cca4bb70c6d2aef4fd7b4bbf72","first_seen":"2026-01-06T05:25:57.539354Z","last_seen":"2026-01-06T14:02:55.655719Z","times_seen":3,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-971b8156.c3acef98.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-971b8156.c3acef98.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"6834-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1736\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-06-06T14:40:04.448067Z","times_seen":1977,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-080bb2e0.615f6bf6.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-080bb2e0.615f6bf6.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1594-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 577\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1594,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1594), with no line terminators","md5":"7bb68d7264949b255c669843ea227988","sha1":"c37129a7f0dbda018bd10436c4812ca558ccca03","sha256":"e1e47844c3390d548f1cd51ea560bf6301ebc6163228d4bf728cfd0a10b5e70d","sha512":"af29987a4411e45d99202eed3f1ebb777ea971e2b4eb617f4232c504c4f83b247c6e6651bb83c7dd153a19306a521a1e4ff6e633c6faf12308f1eb631623f7eb","ssdeep":"","tlshash":"3b31761e3e491d18f833f71f21c24a5e3212a37385b6831a7c43e55afd470c67ab12a6","first_seen":"2024-02-11T04:26:50Z","last_seen":"2026-06-06T14:40:04.368662Z","times_seen":5573,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: FXn1TVCmzug0kp0rgdn1Rb1AzWpRETaSkA5UKnGlbN3IfqnqZL7/uYw4KkYgOLEySUU88+PvtQYKmkf1GsQ6XYZOQ8eqojLQ\r\nx-amz-request-id: QPDY0J4FZ3ZF8B5E\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"8d6323e7fdd7e06d404af122b2c85f3f\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 22652\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":22652,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"8d6323e7fdd7e06d404af122b2c85f3f","sha1":"a5d01f7b4ad71db23c48fa3f117f7cfcc444e189","sha256":"8e2b0eddf8d540aaa3b2076eefe4ba494c7acabed1f15431bafffe5bd3513f72","sha512":"6fc93fb49c82210ca205c6d6dd0831f9016eb24e3a5fbd5072106d5f2b44adb98d39c7df922da930f53d2cbfc28176810e7f2692011d556155f4785c8b314c19","ssdeep":"384:g1oAebo8+5LM5Y3W9rtPwKbJO5Uq6/ECRgQPifCiN:g1o39+dMmKrtPwUqSyQPmCq","tlshash":"eea2be61f8803733c585636c4cbea112585584f288f9e8aba674cee9f2d4c879c49ce6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.31611Z","times_seen":9774,"resource_available":false,"data":null}},"time_used":1275,"timings":{"blocked":1156,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/4d106467-e1bb-4199-91a3-14c09c397800.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/4d106467-e1bb-4199-91a3-14c09c397800.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: wM1mWqdMAzrrrE9EN/COwH/gA51pK9ShNJolXYdhJ/AWRaxFogEJize8kUBqrSOOh5SUYkZq0t4=\r\nx-amz-request-id: QPDQV583Q3BD9HJD\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:13 GMT\r\nETag: \"14d9f42f2c63b1613cc542428d426122\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 82584\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":82584,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1470x1500, components 3","md5":"14d9f42f2c63b1613cc542428d426122","sha1":"00e4462aa838f47df6791daf815e8eb0a5cd4bdb","sha256":"755dcfb51fca83949bf37ee825b678dab8b0cdd28d284dc614d367e147e6464f","sha512":"f306d811d90201f184c9381f938e563403ccdea51be8dcaa96f6a040424410bb313194077dbb6431ded01deeed1b7fd7d0698b962ffd3c6c2b04d3f886619cb8","ssdeep":"1536:GnQEa9MqP9A4s7zP1m7+PpzKo0Rm6c2/DJfjgo48h58th4WsEP208:7EadHUj07+PENRmLmlf94AetuWN8","tlshash":"e78302ed3bcea846f6ff59bc185ff48469120935eb324643e31274d8c6b86328f25465","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.474531Z","times_seen":7154,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-376ad29c.aa3ac6c5.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-376ad29c.aa3ac6c5.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"50699-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50699,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (50623), with no line terminators","md5":"49e972a2e64eff6adc0861e762ef062a","sha1":"7a16c115394f807135c947be094c4b39a3612657","sha256":"97b7802e56e78ab889d4900256bac0039884633a7a67d401572df1132c7eed7d","sha512":"5c2555a4800cff27b385789ec62a77cee2779a060eb8b3efdab1f2288d260a41994f1fc25b0e1fc1a35512710698946ff8fcecbf366cfe18626d8ac605a6f17a","ssdeep":"768:wX4uI37KNbqUxeV4GQ2jD+OJhBnCV9Pnyw1R3JHmWSqBPi:aJikvMvXIRyG3JGyB6","tlshash":"f03318576128b46d5e6656a2305b30a0a2a43be45408849ff67ccdf963dcc243b0ff7e","first_seen":"2025-11-12T04:02:15.989158Z","last_seen":"2026-01-14T03:40:42.890604Z","times_seen":56,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-6699a1ea.05fcf008.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-6699a1ea.05fcf008.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"3692-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3692,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3688), with no line terminators","md5":"d9246805257caee7e56e58d586fde1ec","sha1":"7deab1aee796fdfb9f2c5036b31ea84ab59d6833","sha256":"d1bd04564b0c20c35f152289163336e5fd697a6cd7409c5ca56d5aadbf9ab480","sha512":"669eb7e4b821ad5992d5db949dacf9077608eda8917608a2f4d56e8374fcf7c26fa0f66b664ea013e340ac2ecc7c7773dca0af803cdb97b14d8ecb440ce7ebe8","ssdeep":"","tlshash":"f3715546412179ed8bb9115231a86024f1f109dc680dac92eebcecf963e487c6b6d3fd","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-06-03T23:39:34.6421Z","times_seen":2860,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 87\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"7c4654fa4ff81d11b3c8d322ec628880","sha1":"080c15bfaa6d03e4ccdd092630344aaf1f003c47","sha256":"1f9573c145cceac2e7ec7273293953edd53fd282aca6e50acd9334f59f34a5fa","sha512":"61d2d5a60435f554ef05dcb0e1b1c47875ac6610289e4d3ea66013244a25a7b1b720d3927649ce420575cc00929d9350f519524350066508593ad659aacb79ed","ssdeep":"","tlshash":"b9a012009c155c150c03c244a84d260641c8210246404e180d041928017d43c21000b0","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.499491Z","times_seen":5687,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-2b19c21c.0e701f5c.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-2b19c21c.0e701f5c.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"2911-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 917\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2911,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2911), with no line terminators","md5":"ccea655bea4bc170e3aaa0f2f26510ee","sha1":"1259c05c03dfc98dc7f24d470689316ce0bd9141","sha256":"0417838141e75f770427672acfbbaf935e495175cc8431d1a95ff1853902dcf7","sha512":"861aaec4e19464a7f373e1627ff2e2e21060a291d64b39290946344f1ddd72d89cbfcec2245f553ff1933023db5dc0d95c6374859c8eb768c69e9a3220c8afff","ssdeep":"","tlshash":"e851d0523a4d7619913bf2a8f5c1bd8c32a0b1679353d2079ecf5c199cabfc2352da48","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-06T14:40:04.504296Z","times_seen":1032,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: BWW2ZlWWJI8O4wikETvNnsi8b1uVaPEvyu31uFJWVsTDb6YOMo+1iLAwbL3pJW6BCU6JiJXfbSnKC6PMjhjW2vdaRMGMhsSC\r\nx-amz-request-id: QPDH8VM1FJW3QG0H\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"0527d1653d7ad2d9fce0c6e3e6ff3f8d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 17300\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":17300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"0527d1653d7ad2d9fce0c6e3e6ff3f8d","sha1":"96f83c2be0860f8d33bda1e5955d2f69e1947cce","sha256":"91d6492646ed09c0cd914e6d6b5756d5e5ce01c44334b1e4fe035ead232a3f00","sha512":"a52945f8f23f05aedb2288cf6da590d9cacdeb9c07cda2e165f751c8f5eab3a752061e605e778f3c374481c4b1661d99be9d5fd8962d30e5cc3e4f5f007f2a61","ssdeep":"192:Gdel8vIA3KMvActt7vDzEu/L38lmmDOTORDpUcQws5kXMwAjdMubITDpgO67jTf:GdSnq/tt7vTLAnyO5skTAjGJTt67","tlshash":"ce7216179d089dd3616cc3e5bf060eec7f9a5758e8063def90a10fd93b206878d8946a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.520388Z","times_seen":9854,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":787,"dns":0,"connect":0,"send":0,"wait":108,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/74320950-831e-4dbb-887e-09fbc2c1b501.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/74320950-831e-4dbb-887e-09fbc2c1b501.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: J+r/st1oUxdCc9RLsJyPksPW8zhcgEMegi0EJwIgM1yDfDfqTTo+z8DrCEdN14gcO9J1IAGLlCc=\r\nx-amz-request-id: QPDYD7745ZFHSFHQ\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:50:38 GMT\r\nETag: \"755beb0acc47fd21e538c3b25359b060\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 138697\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":138697,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"755beb0acc47fd21e538c3b25359b060","sha1":"3ea9d8c04dc9f72448f2b72802065cca80a98b53","sha256":"9636ca3c7079d5e57d692b66104fd9c53854c54b9c074dc79c974d52fab6fc82","sha512":"9239457347dd2cc3f21401f59280fa233cf0f74d4d47415112e3666210e07410fabee8fd06346880890d5a0fa1211e3d2754bf6c7b83e7fd23e83d8af70cf2d6","ssdeep":"3072:EYIZstVjQOeoAYzeufLqX99sd9JGjY96eDdlswyo102lnkS:ELuBkoAYaKqX99sd9JDQeDd+wPnB","tlshash":"4ad3120e32b8b5bdeded11f0b19970bbbef5e15a4a830e4e1e8b650a57358457c4320e","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.503554Z","times_seen":2287,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-4a688b54.a6224730.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-4a688b54.a6224730.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"11653-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4050\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11653,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11611), with no line terminators","md5":"cac1eb346548aba113dda9997e672fcf","sha1":"1b770c7b7ed8fddc38a3699128908b8c2ed5fb81","sha256":"898742034b21cd7dd80ae2625308976a3b5fbc45e036c74e5e8952b82cceb774","sha512":"08a4f98e665fee47e24e2090c25bf672599eebe9f9c17c940176416e848308b343ed5af7083c1999e8900ffee29fa85fc214e6bf7b8409afd79f53ed040cf3ec","ssdeep":"192:CBo3gweyB73GmgA4Whyd7BaSLZ7HfmkBv6vDSs:n5eo72xWoTNs","tlshash":"7932d6487293f89d09a350b0605fb907f1a92a51380d9696f3b4caf539bcd0e6326f3d","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-01-28T12:30:44.890021Z","times_seen":160,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-1ab1e7a6.0f966556.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-1ab1e7a6.0f966556.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1224-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 470\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1224,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1224), with no line terminators","md5":"ce2f9f210240017dfa234a5c59e03ab9","sha1":"20e39b73d6088fb949dea4896683b9e44363e61f","sha256":"f6c3f2dbbc0a4d14f0ec0e41b832cd006df8a3ee6ad314f73eef5bd92d735ef2","sha512":"511ae298fc32284c3d5a451ac0fabdc0d4fd01404e81f5442945e8879a617cc90d4d03855859a311ecc38bb28c36bd016f2d419e03bce34fd79885f2a58d1ae0","ssdeep":"","tlshash":"35219d81731a1227247bf5abd4b015beb07073eb641a4352e99ba3204fcba663803796","first_seen":"2025-10-06T03:51:01.440512Z","last_seen":"2026-01-14T11:25:19.835094Z","times_seen":61,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-376ad29c.cf3ef494.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-376ad29c.cf3ef494.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"21435-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21435,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21435), with no line terminators","md5":"347e7471c06e54b272c94be9c1ad23c2","sha1":"c861e89f40823ab23cd3f71a14bb2146b4848c63","sha256":"274d806042475f7c8c017e971f32194339ac1c74bcea70a23a2743af61b3b43f","sha512":"88b410b900b577eaa4f8c0b87fcd9408c26e9234b360c484a2fc205fe3438adb714a0b4a9a12a4af442be36799d6484a98e47a2ae41662c85bfa07730bbca22c","ssdeep":"384:3ZMkIQyEkkeX/pZ25ZC85s8CkC2caIdR2iW4YGrSLjhh+P5/e7R0N:jIZEheX/poF5sVGUqtLr+P5/eVy","tlshash":"e1a208b1b22d223cb937f2691a8156cdb460f263e4568396bedc7325c8c36e36d34265","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-30T03:35:54.799409Z","times_seen":900,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right2.23d3e322.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right2.23d3e322.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:15 GMT\r\netag: W/\"6978-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:15 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6978,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"23d3e322bf2a163abb5e4331580d3d7c","sha1":"dc9cc27e86b9ab385f24a1ebcacc102b8fee6d12","sha256":"e71173feb88bfac5f997753ceac015ca23f31f9f2234a8083be8a5a4d4e6bc20","sha512":"072c55f9d2a58fab3e13393b1f401d1302aa3269b405f85fdf99a86e9e8860bbc4182db36bf5acbfc6aaa9cf492dd69d194e70513d0f28b4fa287cf6b8b1d0d3","ssdeep":"192:E87ECyhHACQc4X2g7B0WiYHgv+YLX8RrI9GMftmR:fECKHACQcBg7BUYHgv/Qt","tlshash":"9ce19d5cef89ba61df29a13b062535093b23560a7fd297ff754c6c10e956c3056d8051","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.82406Z","times_seen":4660,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-3fd6aeb4.ba19ca45.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-3fd6aeb4.ba19ca45.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"922-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 922\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":922,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (922), with no line terminators","md5":"3701036a35bcea856e89f00d36781e8f","sha1":"b63d63b209ccc2d1402c31a15d1d83edfe17d7c9","sha256":"a1e235f84b6314672b83a7044c2002663ee3a911f57b6d40232c5a0677b4bc32","sha512":"704ff416fa3d339a2677f78c0648d1991b282fd126cf410e760f7268dcdcadd45e77cc9fddd37352fbd6bfec16b25b97fa60c12c3a07bff3d1bca84c13f91903","ssdeep":"","tlshash":"04119e73a125d932e9332d77674494def19188e2e6428739bee7690cc08eb539621304","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.321503Z","times_seen":2105,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-4f3cc811.c70dd4a7.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-4f3cc811.c70dd4a7.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"111-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 111\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6fa0ecf4147c8ce0222c50c699e3807a","sha1":"a77f07547a33f9b6ec67e6eed37629f508f97a6b","sha256":"6943a6d74dcebdb81ed9b48152a94e537946bd452b87590c4179c966722f5719","sha512":"8cc93fbb80c2bbce59ed5c2bf12fbe7ca0c49da27fa32ef1bbaafbf84aace700d4e60931ad95010ae4f7a5405b3e6f475e9ebf8431beb768ddf5d95ac4efb1ef","ssdeep":"","tlshash":"66b0123a734b04fc8c2ff0203f5988b87ec13322e11924035f9c8024451e7027c30210","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.445601Z","times_seen":8474,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-ec5b203e.45f75ffc.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-ec5b203e.45f75ffc.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"4759-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1123\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4759), with no line terminators","md5":"50b67c1e36297b1843f24dadece451cb","sha1":"aab4395d6d74d3e50d7016a544f7709a601343a2","sha256":"6310619d584f66c72ad89a3e491fcd0100f459bbb6c9d49d92843f464fcf51d5","sha512":"4dfc42a95a7a19d045ca233519f6f1c6fbd5446b344a059b1a5f691e916a5191b0121a7ba61619722cb7989a175982917bdf4e6359cfa4920d9f1e4b3ae2f29b","ssdeep":"96:2oxsUQOwXVcjglPJiA8J+eCkGCaCR4CRjpClCucCOCTpCHC9C3C9CtACbCUCtCcJ:2oxsUQOwXVcjQPJiA80eCkGCaCqCTClX","tlshash":"35a11297311f133d68b7e1571981a86d7878efc2c1322211fc27aa18c8db6977a3724d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.336196Z","times_seen":5412,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: kTvvnqvizTNgM03CznFrjfTw7vARRyHCXvFxWF6zAZ+WjaDI1a59SGYs1xVHbUJcapD+p2kMmqPFQTWc+e57K/TDLJUJOkF2\r\nx-amz-request-id: QPDZJD2VDHYN94EH\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"a7d470fbe103fb9a6784c6e3bd450ccc\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96012\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":96012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 500x500, components 3","md5":"a7d470fbe103fb9a6784c6e3bd450ccc","sha1":"cef53fa7fec6b069bc298b96adc02886d48a2bd6","sha256":"4529834992120ae959682d5dfc40e76a46db199fdbe4b20fd77e5d1ce92accd0","sha512":"e429d8efffecef5f79cbdab092f84a5054126fb33ee4b22d8e50861cba8d10edc49b41b5d0b8d02d997428b0f661816cca586b58f15d10cab9629375de8ff737","ssdeep":"1536:Kvlkpltm3DoZ3IUr1vvliVOHylrocmmIqeWJ6BHlCJsSEBT+qScNiHoDqlSBvP:Kvl2tm3DotIUrxtiVaylroc0dPHQJlsZ","tlshash":"1f93f19fdd0acc318b46e0ea7a85c1a364b9c25354d0f97f5739d8b6c09c7b99802cc9","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.367777Z","times_seen":9563,"resource_available":false,"data":null}},"time_used":1280,"timings":{"blocked":1150,"dns":0,"connect":0,"send":0,"wait":127,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/right8.b1412bc5.jpeg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/right8.b1412bc5.jpeg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Tue, 06 Jan 2026 13:39:16 GMT\r\netag: W/\"4948-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:16 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b1412bc5ba0e763ff23aa08e3edfaedd","sha1":"d47b7b57f0147304de91e48497863d4bc90f2582","sha256":"a787935def85b5205fd886da2128855c877ab64a61755efee88d38c3f53d8b26","sha512":"d008c03d079a300f48904ce78873596b45e8d763f410e1707961ffdcd8786c57d2c78e9b191f42d50fba60009c78b843cdd0fd8cf4d3faac2c3d913c9cba0c5b","ssdeep":"96:Whjfa1ZcZcf9nqATAMmrGxCMpAdWWxzq/SVbFNXJakuuHcPL8z1UlmXexHgvMjH:Ej8Zbf9nXTYMpfWZbFNJuu8PYz1LOxHv","tlshash":"a4a17fcc3a345e7bff2491b3768b17391718092524bcc37921aa2e2c3e0ed704869d67","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-03T23:39:34.548481Z","times_seen":4716,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-83fd3762.bbf1f88d.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-83fd3762.bbf1f88d.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"2267-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 790\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2267,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2267), with no line terminators","md5":"8c6c2e32d246f43938c015ddcdeb69c0","sha1":"b6c0900796b2f918e95196d1deec6b6bb23de45c","sha256":"2286584045d499c3f6d7e0178051e8cee89b1e36412f7e91b095f677e1b46c73","sha512":"9bb9bf502e8cfe654b271eaa74dfbc90f633cc0ffc25cd2811f89643b603d79584fc1396ad80f23b84cf54beffa20f21ab81a34c3f799d0b7b6cda721418feab","ssdeep":"","tlshash":"5241c0737065617ad9b3e36972419ccc7a81f243e3b352f8fe95e43c89c2aa2193019d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.440992Z","times_seen":6380,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-4ad33d1e.83c1a826.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-4ad33d1e.83c1a826.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"22755-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22755,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22685), with no line terminators","md5":"26e3a7ca6aa2e8ae4df9692c2a162330","sha1":"21efb436c2615f9b1b7569ac1005ef0bf071b4b6","sha256":"99d6bb3ecb594c5bad2c2b9627473550b6116edb5d0d8f1b1d7a99288df51275","sha512":"da52db00610da91b65dd15625958b7325ae2baabb48e874db7fb3c0f07c9234c931433820eecb3cff2561613ffc2cbcf22e7b2a083aa337874818a71a6872b8e","ssdeep":"192:6xthRrXBriBcE1UxZB73GKU6QQBNgtTkzsuQ4y1wTYDLihd15pj0L9IeuuyWwQme:UXIB/8D72LXJlUkAH9GPrs69rZqJRmq2","tlshash":"50a2a30ea146fc9b0fa272e5701f301160528054680a9e66f778cdf9b6ffd596623b3b","first_seen":"2025-11-12T04:02:15.963437Z","last_seen":"2026-01-14T03:40:42.869725Z","times_seen":56,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-83fd3762.4141f47f.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-83fd3762.4141f47f.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"3423-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1317\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3423,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3423), with no line terminators","md5":"2b207373c31b539d731413b20e6816dd","sha1":"f905a0a4ecf04ed721c3240776eb3ee88bc275ff","sha256":"9cea95bb9e08566cbd5dc0cb1228aa2eef1f312d4710ab8498bfb3e8f4c10383","sha512":"a29a43519df3089fe8f8d8e68682eb4568e3d1018f1dee74bf00702db220eabfa5058286cb32e1eb05d4a2045f81e039d47814ca0f4068ef9ae405abe5a5bacb","ssdeep":"","tlshash":"1561640e5453b47eac6e5102b11975a8a0722fd6c841c4e7fa3ccea993d0d74332ebe9","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-06-03T23:39:34.490511Z","times_seen":2427,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-24e95abb.b2e5197a.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-24e95abb.b2e5197a.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"447-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 447\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":447,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (447), with no line terminators","md5":"921bce4f483b1f08e93b4216d27b47de","sha1":"b4a29f334d7440c5b2f40841216224b72c6fcde9","sha256":"66b6628c502e0ea0445dc0ae31e229f358bd8a58aaf06e4eb525757fea64d439","sha512":"44e70871a7b43d640237f9f6f070c10a7bed3b3256e548f42488214ac6cd1421ae2209822abbb46e4940081e816f71e92ba2e6a658d1118cf5e3a9f8e7537240","ssdeep":"","tlshash":"f6f0ec012cbd95a15837c53df1c233b42e20369f0206c7a2ac44ac54c68ba613a14201","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.334237Z","times_seen":7244,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/fec070f0-ebcb-41bb-9d4e-b383ced7bf87.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-09-27/fec070f0-ebcb-41bb-9d4e-b383ced7bf87.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: R9cnadaANlQ597KzJHO8DmFAGVtL9M8IteN7w7nDs4hE8boBnrcZdTG6SHb5AwHvt6Mi6trJhMfg3uhSvqvpnVgdMlbbV3gs\r\nx-amz-request-id: QPDNCBR1FDKZTGXR\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"9f38d77d904f502b512c9ec5b8ea5906\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 167342\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":167342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"9f38d77d904f502b512c9ec5b8ea5906","sha1":"1bebdca8e525a4c016780265cf05ba2e0621f652","sha256":"7be1f4180d586218d352c2e46603c046fbacdf908313b987becca84e09bbcc2d","sha512":"cbbae2f0cee0235b23fdf99e7e006101c9a6d7001a5c43cd2aec059fe207ceb0b17a6f51754406e006a7d3b78221ac572aa3db6e2efa58c36a7f1baa466d305b","ssdeep":"3072:2zHXQyGpimL+GdP+1wNE2AneMrUhkhYEHuxS2Sd4EbgdNSoDejQT8:2zHgzc4+Cm2AeMXZ2SdFCmjD","tlshash":"92f323e5cb37e0a3826f6a210d5da645e507a04727113fea532a8f53c38d3d75687ec8","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-03T15:09:48.988894Z","times_seen":5379,"resource_available":false,"data":null}},"time_used":1230,"timings":{"blocked":1008,"dns":0,"connect":0,"send":0,"wait":124,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/2c9882e2-5834-48ac-9326-2fcb50e3f03d.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/2c9882e2-5834-48ac-9326-2fcb50e3f03d.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: kPM/7IdrgatZXgR8NqarwqaeDnVhVKW0AmWrxXL1twUClkGSLk/35b24YCtRGVgwDRlj+Wo/1PA=\r\nx-amz-request-id: QPDV20VS05WFWYWQ\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:48:03 GMT\r\nETag: \"e20b3cf0277fa3099d6972dd28d24abc\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 15607\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":15607,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 802x521, components 3","md5":"e20b3cf0277fa3099d6972dd28d24abc","sha1":"84d0691dcf51b356061d534f15b0d525a74ca14d","sha256":"4c7f74a7416671cabecb63179e3ccffca56fa748572c201b258b4a386b56c27d","sha512":"4b46eef72d81a1487e47a8424dba9e855df286ebb4841e4fdfb5208b65c2483a3f3a148e529b1711aba34da55d3493c4292f2b4b40b050ff9f8130d40cba6f97","ssdeep":"384:1o70easHMM6iAWmDWgBefzTEtnnRo8sKNdyqbAafK:1o7aHdWmDWmyvya1kA6K","tlshash":"7062ce521a0f3984e86d297e452f27b04b679ee3f12f0c91307ac112d2e49e0ad9e0fd","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-05-30T19:01:35.807573Z","times_seen":2297,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":676,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-fe46833a.f2bd8913.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-fe46833a.f2bd8913.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:24:38 GMT\r\netag: W/\"731-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:24:38 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 731\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":731,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (731), with no line terminators","md5":"04fddaebcf220f89065a61a8972e9ff6","sha1":"a72aaad63f69552c1bfc2ce529d0934877a151a5","sha256":"fde628e3bf1d28a032a27b15fb82ee652f593c2de925664d244ef73294ca3002","sha512":"91283184ba4be03fc8613a4cb7476f38560ea9ce179e380e14c783b1dbd2a7b001596670057aca7a28aa80f63ff390a69ddada5e8730d7ec4ab353382952985b","ssdeep":"","tlshash":"b30128f3d1100422c1f7e617e1826898ff95ccb2e753c0afad92551d82caad70ba7b15","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.35256Z","times_seen":8466,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/img/logo.df085cbc.svg","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /img/logo.df085cbc.svg HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Tue, 06 Jan 2026 13:18:17 GMT\r\netag: W/\"5721-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:18:17 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5721,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df085cbc4038cf578fd93c40d41e16c7","sha1":"e454a7f317a0bd270c3f81a098ee2dad67448206","sha256":"c371d47546e457eabce34de3085eaa81dc7d30fa355ca5446aa73fa86016f551","sha512":"75b5cdae3619691502b4f6329862fd0a6d3c126a7a27a7f76d10b51a24f53c915cbef2fa33c741caada5cf8b431a75300c4b16f605fd6008986b839df7af52b4","ssdeep":"96:1KfeEztIF8TjMXTO+HyY9UE/mCH+/87pU8+V6Y9fcIkfcuGF1vVKnlU1dQU7jVgH:1oTi+RMCCe0O8K9CIk0ZwnlU1C2jUR","tlshash":"f8c18f3b4e4f097d8fb59ea9127ce0231dd062daed42465c6dd638f0c85c4879ea2a4c","first_seen":"2025-08-19T13:02:14.882206Z","last_seen":"2026-01-14T11:25:19.95549Z","times_seen":59,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/4ccad6d7-1ac4-4b71-91a2-7f303bae5eb3.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-09-27/4ccad6d7-1ac4-4b71-91a2-7f303bae5eb3.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: XOGSqrHHbp21OIU4AsxJZv3VyWTPQpEYoDHfrpOEaRPikgF7pDdhs9Y18Vl7+gZkv8z6D7GvWFeNa+RML3pQBIM1mGFRsQVQ\r\nx-amz-request-id: VPY391KWFQGYK4KJ\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"5a8141a1e3f9ae20e358558f847715f5\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 204466\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":204466,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"5a8141a1e3f9ae20e358558f847715f5","sha1":"f7be50d3868c793818255a6094e78053690db2e9","sha256":"620a101a1e114bcc50bddbec1e1bbc157276a7d86918c943589c479e1f824d24","sha512":"bebc62defc949b0295bbc48717a43e974dab98b90383e568eea78e58a503791c8c87473af26443e43eaf9154bdf4e4fa0ab7ec18b37b6d289ea454b3ece93a54","ssdeep":"6144:6n2eIy8lDUjZw6TiGDMkl8T4Ax0DSOyYl:6n2CjZnRi4AxeXy2","tlshash":"b61423bdb2efcc1a21695ad1d4719b7ce7b85db0d448343803714296cdca53a6ff0928","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-03T15:09:48.90584Z","times_seen":5010,"resource_available":false,"data":null}},"time_used":1155,"timings":{"blocked":374,"dns":4,"connect":93,"send":0,"wait":120,"receive":285,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-11/2b1f361d-49af-4f07-99de-f8e65f804abb.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-11/2b1f361d-49af-4f07-99de-f8e65f804abb.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 0LAYK9/IZM9ro2bzETSwl2TN25axQQpMSe5mrmjLHY9EFpw6+rgv8AbIWmsPhdHWPmJtIfhLcHW6yZVXafQAIfCqgd+4xp9F\r\nx-amz-request-id: QPDQQCSS3NK5Q4F0\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:49:09 GMT\r\nETag: \"8e45ef03c4d3d3f8338e907948eb5268\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 55668\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":55668,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 962x1031, components 3","md5":"8e45ef03c4d3d3f8338e907948eb5268","sha1":"6d8847195c0a42f8310bdcf575ea57a0bb889766","sha256":"de9af8571cfab6b7bdcee5e4fc038ff690fa02e497205a7136633e8fd284f600","sha512":"c14e594f7bd92be09f77d59496127622a20d24f54f2dc28cfc34c33e8f579d2a39d9308b82023403476d985722a30b6bdeae0f8ac97cb69fc9c2d0e466064da3","ssdeep":"1536:d0B/FwBZy6t1n07VqLvJ/qkz5HvEwW2Lto8y:qVFSZd11NpjWX","tlshash":"f84302ca57610c98e499afb2377f37079713a5ed493026a33de69aac110cf112876ef4","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.636763Z","times_seen":7318,"resource_available":false,"data":null}},"time_used":1079,"timings":{"blocked":955,"dns":0,"connect":0,"send":0,"wait":122,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-59b3c64c.e3d69890.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-59b3c64c.e3d69890.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"2934-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 885\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2934,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2934), with no line terminators","md5":"6c9c06504aeaa44eceb02b42501b4d05","sha1":"f44d6b5f35027749a0816164f09b9bed1890ddfa","sha256":"f00be6b0aedab8ac5e7de13774b195a7ea74e9ebb240a077a80f953ce6ee868e","sha512":"915e73c6db5b1607e430494b9064be658f02e64a04af9de8f3c615fc034bcd7fb8dd609a3df2f40ee8f652f430d94fe31e6ae3080ed2c7242c3bb72f6073c923","ssdeep":"","tlshash":"df511fa139392a7c4837e067b1d5d5af70a8f25bc0b786cd8ca1335e9cc32422d126ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.330347Z","times_seen":964,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-2d7a155f.8b138344.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-2d7a155f.8b138344.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:09 GMT\r\netag: W/\"27708-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:09 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27708,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (27666), with no line terminators","md5":"d40d8898bb2f11a4b9cbc9030fd633ad","sha1":"0c64b1e894dd61e3c01b60855ca04a6a90425376","sha256":"a855b572b93268ca96659fcc51e21f15a54b5cee0d398f7144d536dafaefc3db","sha512":"ef1223d1c4042f33615e2a3de9ea37b6966a08bb722de7a8271aa943567dc93ff068203b02be4bc355f17dd98b28c4ed4f44fea34bc2db3c6b779677ef660e44","ssdeep":"384:PFJ1G5vSAJRx5WaveIA6WwQDPqtjcg5BNK6lRguvwwOO1hb2s:PFJ1G5vSaWieT5p7q1NK6lRguvhOO2s","tlshash":"0cc2f81a3286242849631fa453df4b09f33261d564264988f3ada1c76f7cd6e31bbb7c","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-01-28T12:30:45.020786Z","times_seen":165,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-a19b6e94.079673fe.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-a19b6e94.079673fe.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"33174-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33174,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33138), with no line terminators","md5":"dcbb85b3450703136ce7785bf868c298","sha1":"b009c8a44c2dde5a7a93c9db4bc4f1a65aff1ef7","sha256":"b5f108e96a3b4d79d5b3fe20ccf76b40ad8bb5079465c1458cb47ac45afc9741","sha512":"a1003c66b3df5198bf2a70219ebd42d200a98ef7b7e746d9af7c4dac489256e9b22b9b4d6eac98fdf9ae00bc4caa4eda2996dbd38bfc629ce82fb2fb7ece5819","ssdeep":"384:GNsnfX898V8ftwCaMsH0NbdGoalA+QbHz/jvMsgWvzsyUqG8V:LM9zsHgbdGKT/AsEy/V","tlshash":"efe2f94ba4c26c7d899a6159241b1258f8323f86e042c8d6b63cfde4d1b9e34772f76c","first_seen":"2025-08-19T13:02:14.834267Z","last_seen":"2026-01-14T11:25:19.887905Z","times_seen":59,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-971b8156.f79c8552.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-971b8156.f79c8552.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"13663-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13663,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13655), with no line terminators","md5":"23e303e1d457ded5c19fb3400a22b026","sha1":"252ee41d519536f951e581e385b134c44d17d148","sha256":"817dd349f3cd067b90ec0a1357b16f6485467350f8e4c3c77dee13591d00ff16","sha512":"95ebd0fe0352e0da1b21d23d54c3313ef8a1597a7b583484a7613b8091017f3aa4734bf841435d29decfbfcb8c521a7b62801ed47f9c945e0230a590cfba3ff0","ssdeep":"192:NzCjfAcMsHRpMu7mWKD12R+YEX+WzU9MuMOO0L5xq/cictjAfNeNF/BPsGCS:sfNMsHRp3Q19X+WzU9MKdmmvPJ","tlshash":"e45285e6c470a4bd495a82b22055f1e0fb643a1cd106554efa7cec9b72dd424332e77e","first_seen":"2025-08-19T13:02:14.744046Z","last_seen":"2026-01-14T11:25:19.931574Z","times_seen":60,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.15.197.215","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: grPGRUCSrUUlWqpPJ5QaovQZhRsGShYuuzntwEU194hyVoYggHPPdh1aLzK4iGtWn0O0Pd+isqivjOFVffasShmTWcf6Ud+T\r\nx-amz-request-id: QPDNV18KZZWG1J1T\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"3fb702f913ff64c272d67742c3fade6d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 28164\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":28164,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3fb702f913ff64c272d67742c3fade6d","sha1":"9d59af9b1418caaf57ed3f938074958affbdbf5c","sha256":"effe7b76be1c47da3ab9aaf81e6542743506dc40affd341687094417a4feea49","sha512":"1be15380d11c4c57f3ac922aa8d945afa256b4fda813b5254fe3ec2fd8b01fc242c8f9faf79a25245626438240e63d8c68bc1e3dc6c8ae1569b363e28f99c817","ssdeep":"768:GkLEEqGMducsX2FbPZlrPr0YFveH2fzquxgfI:GZXvducmObPZlrPoYkH27hl","tlshash":"3bc2278b59484ed3a46d93e5be970e9c6f453b4ce88229ff10924fd77f202664c4d02b","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.300167Z","times_seen":9833,"resource_available":false,"data":null}},"time_used":1132,"timings":{"blocked":1010,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/20a7dcb0-4ecb-43d4-bfe4-e7b16a8d6d70.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/20a7dcb0-4ecb-43d4-bfe4-e7b16a8d6d70.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 9NyTh0Uo9KKJHp7fxMATnJmQmcm/TLVrlgUdUGzVDnX8hZOGXNKYCaxS+T+0EaYLShhCF+vuhtQ=\r\nx-amz-request-id: QPDXYMYRJHJTJ0M8\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:36 GMT\r\nETag: \"0cb226a4c24b62a8027c524333a66d1a\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 9972\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":9972,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x1500, components 3","md5":"0cb226a4c24b62a8027c524333a66d1a","sha1":"bcd930afabd37e41dbff70ff18d3164036810ea3","sha256":"cae70bc988ba3c3472e4161ca54422d0e54923f5b26ee7e7e34716c90c97c2aa","sha512":"0182b799ed0ad9230c5713f54e77dec912e6873d55c491d41e30db98575b93ece455e58effcf4b52a2f1e5ec5638fa27ac16d8319119f1aa3ff0f1fce499789f","ssdeep":"192:1I49RvIJWdElnZFHjjtCcYjtGDCRxXEZJHMcf:1IKRvAZFDj0cOt4CR9EZJf","tlshash":"3f221ae391d3585f9838efdb9b5886e7d82ac355df6a3102204b030677e9f50ce3945a","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.433865Z","times_seen":2466,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-a19b6e94.618d092a.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-a19b6e94.618d092a.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"15265-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"e25d809f9de11c7d85495343aa166b4a","sha1":"a953f732d5923295924398ad4bda8f7e2b5f8d18","sha256":"5bc2df253d04ba86acc28bc740dc5e2817b723139ad3ccaa236debd4116accb1","sha512":"46d7b7949fc30f3e1d4ef5d11b98efa99ef5af2e20b43bfe27798c1e10894572ed03ec9ec0628174c0a85090c8f030e2de6f130a3120de5b8fc0369e74833d63","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjLU:i5sVGUI4EFaDm0FcHU","tlshash":"2662c47a7034a539b5bb966d3098a4ce7053e943c15782bdfe59b12cc4c72e3663138e","first_seen":"2025-08-19T13:02:14.721463Z","last_seen":"2026-01-14T11:25:19.804873Z","times_seen":63,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.32915Z","times_seen":7296,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/445c45cc-a9b2-4753-8903-eb823436e494.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/445c45cc-a9b2-4753-8903-eb823436e494.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: fe06ZeYngafpTbhfRyI6kK7TCk7Qg2zy4GInBP2Ayh7fBz53C4pajPvq64jIjqZ5R/PhJrezyWg=\r\nx-amz-request-id: QPDWJ8RX1JG1284A\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:48:54 GMT\r\nETag: \"07f95e174804bff3d97c5b13f915cf7d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 157447\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":157447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1261x1459, components 3","md5":"07f95e174804bff3d97c5b13f915cf7d","sha1":"fd90a34dd34b37bf7d1c3f62c563c35d2ac8b82a","sha256":"872dcd22912f0f77f949b0642a505d3955f616d070da19c652f4312243eee5c4","sha512":"33010f75dbb816564d931260fb29a588407a9367f82140ccc3bfc33472a049cc8015a5a955832192affe139118dae18a3d5d2a4395227feb2cb0223b7dbc705d","ssdeep":"3072:UUwHcs93dkA8nkSsanKc4hUm1wyHhJ0qmz2WBJBrDymn8hKB1HoT:hs9tkXbsanKJOqCq85D58MB1IT","tlshash":"a0f312537850ac65dd7a4332a3266918bcc0e364dcbdc988417b9d4b87a811b6dbfbcc","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.516636Z","times_seen":2417,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-4f3cc811.d5541481.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-4f3cc811.d5541481.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"9704-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3653\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9704,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9670), with no line terminators","md5":"5872c13341ea2ef0daf1917c394db1d0","sha1":"d401a26aad594eb3496b26fc66fb91b862a10f1c","sha256":"a7444f9ca8b37f63a53e7ff38345c1d8e804af4fd6e9ab75dc4350b75165dd2d","sha512":"704db7d8eefab2f1087dfa87dec257defefc8e0355b57c6d4b57c1d1c74cb34c17769d5adaf3e089d4ed54ee33bebd4ecde0ad1fa8c533b305378e576dcd7d6a","ssdeep":"192:bE6pgpvwC6acMPcaJ6VHPqSSC5gVkf5XdI6k:bbpgpvgqsHyzW5k","tlshash":"2c12d9c9bb92f89d8b6721d4706fb457f19626207c0d12e2e278c8f63a68c1d6353736","first_seen":"2025-02-23T06:52:24.648426Z","last_seen":"2026-01-28T12:30:45.07672Z","times_seen":141,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-50d79b30.2b487c91.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-50d79b30.2b487c91.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"2983-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1260\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2983,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2979), with no line terminators","md5":"a90cfd8894378845b7588c0a51e5a3b0","sha1":"30e4d08a17be82186fcf3e3d831953c6b3febfa4","sha256":"a7d904eb3bb068b4a0391f212665fe91b34850a4c2117db499f42365e09ee092","sha512":"2a36fcd7da4d71c29e13f0d950c2d92248b11bfded147b37bbc2d18690f28907d8a71f6a41451604326ae717a767b8191b3be7c1b4d7412ce8f3c7038937cd09","ssdeep":"","tlshash":"1051524c5462f47d898e502a311db734a0713fe34484a4bebb78ce9592a8e61370f7b9","first_seen":"2025-02-23T06:52:24.649014Z","last_seen":"2026-03-07T04:45:22.165523Z","times_seen":165,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-68f12e90.11e869e8.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:17.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-68f12e90.11e869e8.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:10 GMT\r\netag: W/\"17489-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17489,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17481), with no line terminators","md5":"86d04b389f413c1a3e43ead5810f90dc","sha1":"b473930891d00833490d2a6cff841669a050147d","sha256":"858b18630373ed8c26a1ca18b097f8506d0de5faefad52b1d53d16b9940ad4ec","sha512":"e73dc3aa2712d643deb855bb15bcde835f14d0b059efc12c83d89646b09958737fc3384198640c76ec717ec3861af0190a2ec2df1f0b3003dc0346989b0e4449","ssdeep":"192:AMkdDwLDPOAetuzhJgFjz9Y7zcqv0Q5zd0z4uzUhHYk8GHzYDckx30GUglxgl+/I:kq2QhJgFCcqvPo4uL+zwNHgyI","tlshash":"ad723b93760de44d4e3b65c5363e3966a2871924b008689bf37e9cfe128cc24355bb7a","first_seen":"2024-07-21T11:22:38Z","last_seen":"2026-05-08T14:37:46.624707Z","times_seen":1131,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-ec5b203e.2bdc9aa9.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:18.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-ec5b203e.2bdc9aa9.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:39:11 GMT\r\netag: W/\"5317-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:39:11 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1811\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5317,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5315), with no line terminators","md5":"e467108151a0178efb3f1559b3b3d89a","sha1":"b24c5b324d0df9ff9122d55d374a36c2ba001347","sha256":"a698238692edf2dd0fdde9588a354d21a1282480e83276b1c4ed66f9035291b0","sha512":"46477ad6e85904d656b5d8e15be0b0040b54416affb71ec445ce3108ae4f656628d782ff3098b5a43af5765bc786167199ee413fad3d67d0faa864ec9670acaf","ssdeep":"48:lD58YPTP0B0j+WWWgSu0+u4jQAF2GB2N5YDWVET/KtLS1gRSpDzwZSkVxUiFN7Yt:VX+WGsSBkLSoLVYIZ3mmJwQPit8F4aM","tlshash":"7db1d889b043a06cc55bb422310e7a75f4a62fb4f401989ef33ddce49994d14772ebb9","first_seen":"2024-03-20T05:26:53Z","last_seen":"2026-06-03T23:39:34.556186Z","times_seen":2516,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/app.a407259e.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:10.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/app.a407259e.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1449434-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:02 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1449434,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63702), with NEL line terminators","md5":"a5863ddfbfe3bf1106c193c9ba43d42d","sha1":"b45a41d3ac29c06457a86ae314e944d5d6682739","sha256":"fec627bede522fc951305091a4011e9a78f73ceab41c9c027a7df4090b51e9d0","sha512":"50ba2ca8a6f91b518bebc3869f28511a4fd3bc56620e21ff72c43e59a5b9573efd2dfb7fe781d9284b6f8c513dcc1d3e6d78c3277c647b21e34e26fc781f5421","ssdeep":"24576:/WOk8ux2UEHyZFR2chrWMU9/a99SHnRKPJttLz29HxNUCOE3Nkxp5RLXGuE9s1BN:+Ok8ux2UEHyZFR1hrWMU9mPXtm9Hb594","tlshash":"18654a96d7d7d3a80fe472a1281737b123b844ebabfe60de0798e59420fed10511ea71","first_seen":"2026-01-06T05:25:57.524079Z","last_seen":"2026-01-06T14:05:15.351001Z","times_seen":5,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/activity/lottery!getCurrentActivity.action?lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /wap/api/activity/lottery!getCurrentActivity.action?lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:13 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 53\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5b85c39fb769eb183b6e5b8519ec3a00","sha1":"ae8be787b4c0500a7125bd129f660d18541d9da9","sha256":"ba3dc3cf6e634921eb9eed57e39334b4517b5b8b09327a935ff0d5546802c12f","sha512":"68d10a3cc895858d8bfabcd41db64466b2ce4907d7844dd0f69c6a4b83344aa7b3cda0ba2accbd5e81a925652b4a7dd2580316c1d0b30379f80a10ff687fd176","ssdeep":"","tlshash":"d2800000280e2c8b0803a088a88c3a0080ac22a308c0cb200e8cab3880ae2b22000830","first_seen":"2024-02-19T23:01:27Z","last_seen":"2026-06-05T23:30:49.870314Z","times_seen":3091,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/fonts/element-icons.535877f5.woff","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:13.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /fonts/element-icons.535877f5.woff HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tksn55.cyou/css/app.ec0f329e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: font/woff\r\ndate: Tue, 06 Jan 2026 13:15:04 GMT\r\netag: W/\"28200-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:04 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 28200\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28200,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-06T14:40:04.328537Z","times_seen":26006,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/3cba5c51-596c-43b4-bb0f-801b2551a36f.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/3cba5c51-596c-43b4-bb0f-801b2551a36f.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: +/VvCn/e6qU9pOTNSUR8kmE/pdOqaKyVWeXwQdyN4BkInBPcpatotToXBTm8kLFsTrMUAtqlNhM=\r\nx-amz-request-id: QPDZ6X9WYVYYDV8H\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:48:38 GMT\r\nETag: \"d08309c8a906abec10902eb9239abe8c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96181\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":96181,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1339x726, components 3","md5":"d08309c8a906abec10902eb9239abe8c","sha1":"aeda5384b198a7af5ef2e0b674dee8b5c8e9cd19","sha256":"56c0b42a383410b485eea554fc8466494ff737bb0ba87173a3d96078572e767c","sha512":"4a5eed14cffc98e81ee7c0c244ecd0b818e296d0f91384b50f84f6eaba25c4e0d9377123d66cf882eac33ff1cba8abe1666fc2b9be26d2d36bb5f45176b44f66","ssdeep":"1536:8187L7QI5Bqn/gHbTCESOzFpIqtIhH5v9TKWs73I4m7dR34F9ncu:j7QISInlppItH5lu3Gx1WCu","tlshash":"229312964b888a58c07c2a7e84ce130fb9b1ff14b511724b9bc116b87fb74da98ddc51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.374135Z","times_seen":2423,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":434,"dns":0,"connect":0,"send":0,"wait":125,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-3bb28e34.c6474aa1.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-3bb28e34.c6474aa1.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"242-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 242\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"207b8b759b262464712f92d1ae1e37eb","sha1":"7029c92363ea630f095754daf11add091fcb57dd","sha256":"83e8578a1c454c2177dc7c70879f3a2e5e917cb457b060909784e71ddaec84cb","sha512":"7ec9d45d68a15b191ab0ec850c159b6a09cdedeecaa33c45bec5870115ae5717ee8cbdd1c020cdec12987d0705e88b487287e93e72bb2ced89b80fb446516a1b","ssdeep":"","tlshash":"45d0a731b39c5824b527c0dbe6c568c5b6043bb2984974b6edd31f68c887453716834a","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.482686Z","times_seen":1462,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-43f51806.0daa9b11.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-43f51806.0daa9b11.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"1374-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 522\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1374), with no line terminators","md5":"7a0ea81bab09a5e259ac1884d3f72012","sha1":"d87441160241af9deea25169e8fb52a8537929e3","sha256":"b2217a779e1c0810181c9c1cc122bbd3ff1ce69d94164bf7b1e308cceb93e2c6","sha512":"a0d4c2bd68e73bc95ebe419ae4fa1a9210de9ff9e75bb7c3694bffa92fffb77dd7373bc7c3585ba1a9a67b9a3d0207afd87e34d630ba821177a70512c061bb98","ssdeep":"","tlshash":"e3215b00355e673edd37e67e64805abd6900e26bc453e227b9889405cecaa572813ed3","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.393299Z","times_seen":5043,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-aa8d1574.3ecf88fe.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-aa8d1574.3ecf88fe.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:24:38 GMT\r\netag: W/\"3338-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:24:38 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1004\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3338,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3338), with no line terminators","md5":"1bc5b8235f9e8d5bf3961279423cf630","sha1":"466627105df20f8e829d3db72a2617802b7b265a","sha256":"cc7c2d00d52891b7af0ae290785d54f087c4f61951893b7c7fd8c869f7a8047f","sha512":"a2c17506a8e46344978b7955c1c162a6fdb844d0ec51fce021c04aee33df5d44cae64f10a7a6bf5ec295a1210540e5b82c1f7e79b9d89aa14dc29e7531cd81ca","ssdeep":"","tlshash":"766110382130361c3b37922a25c8f54e2619a9e5f18995c9ba98c42f4edf769dcb0263","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.508224Z","times_seen":6672,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/js/chunk-0492056c.fa9a1961.js","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /js/chunk-0492056c.fa9a1961.js HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 06 Jan 2026 13:26:56 GMT\r\netag: W/\"3902-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:26:56 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1620\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3902,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3902), with no line terminators","md5":"e5107f6c3a7437c7043e59fe22c67629","sha1":"e9bdd01859b7364fd5fb9a02dd4b5a2731286bad","sha256":"4a6153b088af1f459ccf33a4b30defd53b087f7c1187f10aa17e57d9d902066f","sha512":"62b34efab176c7802ad132e426dcc2be9bfb8f9c7298f494039100c983bcdfc26ab142b03974ef18171b736562f605fb0fc237c290b1150365306bb098563379","ssdeep":"","tlshash":"4681612da056e4bccd9ad052710e7231e1722fd6944089aab73cdfb49294da5332f37d","first_seen":"2025-02-23T06:52:24.632517Z","last_seen":"2026-03-07T04:45:22.077644Z","times_seen":167,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/vendors~app.35d8944c.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:10.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/vendors~app.35d8944c.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"248173-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":248173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7739722848fc1803f8afea0e50e3ceba","sha1":"4d679fb1a6e8e4295873b410b2fd6fe85dc5b58f","sha256":"f31c2497c2dedb833ed17ff0ddb9fc3242dc5fcb25b429c81065a76e33e742a6","sha512":"888372c798f45cb52382017e9ffb4ef30f371819f4b6799003e50b7ab70367ca6cb01b12b3a53c449e28005789db84404ee7e917f81e0f8d404198b6e400ce11","ssdeep":"1536:t28Y7SrW3YeWXA1u9w4HCe/l4JrgW9cMERw4B78O6iZkJgYu8e210kSDDvIc/ehG:WtKw/27eDLL6ob6v7f65WCXkb","tlshash":"8b34b6109b17203bb22bda6d74d0ba892f25c313d8334b7afe95790cc6d64991263e5f","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-05T08:23:29.900178Z","times_seen":2435,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/wap/api/seller!list.action?isRec=1\u0026lang=en","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"POST /wap/api/seller!list.action?isRec=1\u0026lang=en HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://tksn55.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Tue, 06 Jan 2026 14:02:14 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-cache: BYPASS\r\ncontent-length: 168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ef9aae75c4e8a326c1dc02c7fc2e74e9","sha1":"cf4455c27dba05025e4a1d849b1321d82f651457","sha256":"a24f761a38b06c9bf85f54a3bbd41ce3af2ed99b850dd9bc0a59c409803b7828","sha512":"1ddd22f27d53dfbcad7f335ef1f6d95671090fe3f4860c8a4814f03762ba03b9b7f2caa15db44a608c48ca70299fdedbba5a93942fa32dbf3b45682e8d2f1087","ssdeep":"","tlshash":"08d05e803c381b65db8dc06a3807760b26a831828a0547bd47fcc7604227f962981511","first_seen":"2025-05-01T12:42:16.906471Z","last_seen":"2026-03-25T12:27:54.216808Z","times_seen":70,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/85c9fa3a-9c9f-44f1-aff5-1f72797dbdb2.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:14.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/85c9fa3a-9c9f-44f1-aff5-1f72797dbdb2.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: qrFALiA1ZIyng723hV7LZyy5F0B+CjvtthO8eSW4g/HdxbmPlZZQYAVttaVVaBZPoKUYmbTLCE4=\r\nx-amz-request-id: VPY1RB1RBV2XSRP8\r\nDate: Tue, 06 Jan 2026 14:02:15 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:16 GMT\r\nETag: \"b8913d9e5154ba64e3fe7bbb1e357d39\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 115039\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":115039,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1214, components 3","md5":"b8913d9e5154ba64e3fe7bbb1e357d39","sha1":"099900879ee6c6ffc46886c6c7a51deb002620a5","sha256":"323c53514398146cf826ac3c7492cb33fdbf76048efb002dd7245cac6ac00de5","sha512":"1b3d93f1860985cf5a4523f0f637f212b67d23dc4083d74b905209fc50179efceef7878dc86d5f0a19a3e8fe499a5989dcb47f76445872f1551296dda4935dc6","ssdeep":"3072:tnAsQmUqLtgMVlm8Bq1u7PqMQq8+5AsIBYbu2ILf3rQX:BAq5SYlVg1GP50qC2ILDM","tlshash":"eeb3128b8363f8c8ff17a0b56f84b712e516042539b136840eed1614e27ea6f7d47e51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.335063Z","times_seen":2402,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":261,"dns":0,"connect":0,"send":0,"wait":114,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/208bfce2-9f5e-4564-9ff0-3f42b091c6e1.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.105.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:15.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/208bfce2-9f5e-4564-9ff0-3f42b091c6e1.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: tkLX/yyi7dYTRk295RRFiWEv6vfp1RHcdZastKKACLg0Yv+ouXUt3E8OHP+fLQG7uHNEmDrYRo8=\r\nx-amz-request-id: QPDN63D61VGGQ8SF\r\nDate: Tue, 06 Jan 2026 14:02:16 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:36 GMT\r\nETag: \"1994307f8b89af5cfce1809d993ccd77\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 70775\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":70775,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1419x1500, components 3","md5":"1994307f8b89af5cfce1809d993ccd77","sha1":"18a1e5b438175e9c250289af987baf9737f6eef3","sha256":"6fcf1c0fd9d63f09ab28bb88303bf4a07948cf20d7f2ada3b98d61b1c72c58b0","sha512":"44130d3baa426c9c78b487f7afc1be7a2aadcead85221802a975bcafa48cf828ea9269b51fdcd1c738e0a7fc03138f3e25317668713641cd8e24bae3648ecdb4","ssdeep":"1536:T+d12/duTA94befwkF/rN77EpdChj5oBzirrX6cRg3AF0:yfLTAueIkF/rN0pdCYRerqcRg3Aa","tlshash":"f76302f370c11441cc64d5b2b68d32b423769356fc2fd30c469e7b5b628983566e3ca9","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.518678Z","times_seen":7198,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tksn55.cyou/css/chunk-68f12e90.27a370f9.css","fqdn":"tksn55.cyou","domain":"tksn55.cyou","tld":"cyou"},"ip":{"addr":"192.238.182.249","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://tksn55.cyou/","date":"2026-01-06T14:02:16.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tksn22.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 14:04:06 GMT","end":"Sun, 05 Apr 2026 14:04:05 GMT"},"fingerprint":{"sha1":"C6:0A:22:5A:A8:1F:BD:21:8F:AB:84:8A:1A:48:58:28:91:85:09:0E","sha256":"56:C0:98:40:5B:79:00:0D:67:1A:68:96:16:79:5C:E2:C5:2B:59:36:AE:B9:64:BF:45:B8:02:6F:F2:D0:C7:6E"}}},"request":{"raw":"GET /css/chunk-68f12e90.27a370f9.css HTTP/1.1\r\nHost: tksn55.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 06 Jan 2026 13:15:01 GMT\r\netag: W/\"4695-1756837077000\"\r\nlast-modified: Tue, 06 Jan 2026 13:15:01 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1009\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4695,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4695), with no line terminators","md5":"2abfc31d2a6752d6d66f5fa21c7fa262","sha1":"63116607f3b72d74be9d1bdd5050ac15859f7243","sha256":"9159959031e6a701bd2e9e5baaa03c4f14d6c2530977a9e013c8af24c4838a37","sha512":"ec6bd33bd4a69b9e93485dfa272e08170ac3c17b0aec5f291b716c1e370435f6bf26fd7b2139aa75790defcf2223f4deeec07818a549334ba069f8a307201127","ssdeep":"96:VQrF215xix1yXSl6nS65EaOYIj8MRSLRsR7S6m0Z8u/j/20RO5sR5WFs5E:VQKM8F9","tlshash":"77a1b050b15e162b687bfad9187cdd4cb0d6fe2ac1324b76ed9f24148882e733622235","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.500613Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"tksn55.cyou","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tksn55.cyou","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}