{"report_id":"0b678a8f-d620-4134-b1de-6cc932834070","version":6,"status":"done","tags":[],"date":"2026-01-09T09:18:07Z","url":{"schema":"http","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":"app"},"ip":{"addr":"38.54.81.14","port":0,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"final":{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/?cid=276788","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"title":"www.888.vip","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":"app"},"ip":{"addr":"38.54.81.14","port":0,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-13T09:18:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T09:18:05Z","timestamp":1767950285,"ip_dst":{"addr":"47.254.187.122","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40198,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-09T09:18:05.429427+0000\",\"flow_id\":1179903882809436,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":40198,\"dest_ip\":\"47.254.187.122\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"pfnmz6-1297-ppp.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":909,\"bytes_toclient\":1634,\"start\":\"2026-01-09T09:18:05.381020+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"xz.tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"146.103.74.60","ip":{"addr":"146.103.74.60","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":509,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tpiej.app","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-09T09:18:08.129282Z","last_seen":"2026-01-09T09:18:08.129282Z","alert_count":5,"request_count":5,"received_data":634,"sent_data":2306,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xz.tpiej.app","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-09T09:18:08.124551Z","last_seen":"2026-01-09T09:18:08.124551Z","alert_count":3,"request_count":3,"received_data":435,"sent_data":1426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api12976546579843116546.jewelry.cn.com","ip":{"addr":"172.65.218.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-09","domain_rank":0,"first_seen":"2025-07-13T05:38:44.883202Z","last_seen":"2026-01-07T16:47:15.21708Z","alert_count":0,"request_count":1,"received_data":477,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"GoCache","description":"GoCache is an in-memory key:value store/cache similar to memcached that is suitable for applications running on a single machine.","website":"https://www.gocache.com.br/","common_platform_enumeration":"","icon":"GoCache.png","categories":["CDN"]}]},{"fqdn":"138.113.11.10","ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":28,"received_data":771068,"sent_data":15388,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api129756497983113874651.mios.cn.com","ip":{"addr":"138.113.100.55","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"domain_registered":"2023-10-10","domain_rank":0,"first_seen":"2025-07-08T20:31:16.009699Z","last_seen":"2026-01-08T23:20:28.295015Z","alert_count":0,"request_count":1,"received_data":540,"sent_data":486,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api12978448132216478946546574.zcfhi.cn.com","ip":{"addr":"138.113.100.55","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"domain_registered":"2024-02-06","domain_rank":0,"first_seen":"2025-07-13T11:43:53.661247Z","last_seen":"2026-01-08T23:20:28.426982Z","alert_count":0,"request_count":1,"received_data":557,"sent_data":492,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api1297351657641321645.federal.cn.com","ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"domain_registered":"2025-07-09","domain_rank":0,"first_seen":"2025-09-22T13:31:28.781074Z","last_seen":"2026-01-06T12:37:08.26972Z","alert_count":0,"request_count":5,"received_data":4186,"sent_data":4001,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vue-BJUJtGKq.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"f06f0fd561eea95c4feccde0746117b1","sha1":"32c45886151948703a8ac692a48d3cce70aa25e3","sha256":"e228111590701d2db46eb9d8c2a4d85377a449f398bbed10a94ef47938a57c55","sha512":"88e3e6da9f043912c14291675ff91b5426e21fe36defd0cd318131e1b2a9c791fdd662697838cbc1a0a0bddc3139d5ce4e81f82108886153575d383aef0fe4a1","ssdeep":"768:8XCLkQJtg/ocN0MjFuPgDpt6RDMk/0jOVT/eFYl9E27OqX6MQYAMOxTlExfheEqh:9wSCqJCI2b273WNK2U40MH","tlshash":"917308e83092b46253fa19e2007b0406f3792d5a3849d998b16dfedb3e7241550bbfbd","size":74100,"data":"","first_seen":"2025-06-19T04:15:59.499735Z","last_seen":"2026-05-09T15:09:41.320306Z","times_seen":8049,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/ua-parser-js-DP5omx3I.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"b71c1a4fd07412d0ddd5f0006e401e75","sha1":"a3cf730602aeef3df364916f4ef42e7c0f903419","sha256":"bc8e4ca06ec494e7df32f2dbf125b9b0503a60de5991b5badbb20e5e6c043ad7","sha512":"d018e92aeb4d98a54260edbd707e088a8875010278bc8979921cbbc492281e1fb8720ced7e21cc29b33500d4221c0c403b88b31b6f70caf069f2fc4daad2b793","ssdeep":"384:KLykXfExhSMH+rq/51Raw7t2v6az5CgSpnMjEMuSI162By4iBWijdv:KLFfY1erq/51YGt2/z5C3fSI162By4ib","tlshash":"f6b2a77fe3d5b73c07ece508d63504482f271f69ea88a0746e9892a1a9747c612c7f36","size":24038,"data":"","first_seen":"2025-06-19T04:15:59.5131Z","last_seen":"2026-05-09T15:09:41.337233Z","times_seen":9706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/index-DcgdwXkb.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"17d926ef4088ff59ca79f27c24a95543","sha1":"f3f52cc22de574eb6bd83d3dcc2c0500307c56a8","sha256":"9eab33303e416f7a6a1a127aaff15396e65efc478816f00a4e98dbdcb0eb6793","sha512":"077ef7258b56bc1b8db3a5f5033f3aec9d9dbb60cb4a8f97435e6c33fd1c4538cb119d1a0b9b0ae95856154585e60fb378fce98fee43f1db188b729723235a24","ssdeep":"3072:OTDe9it+MbniyaenCG5RsgSY33JT1u065twZ:UDesQMbniblCagSY33JT1nZ","tlshash":"c0c35ced7278657c26d709acab3b1140631d78a63985c4e0f96e8f7827a3c48f367e14","size":126397,"data":"","first_seen":"2026-01-06T11:38:19.394669Z","last_seen":"2026-03-15T08:06:36.382276Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vant-BGmWO0Bj.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"6d405d0e201a7e59001fa3732e601deb","sha1":"5e9782ceacd87cb267c610855a11d88388d5f849","sha256":"49225d1c23add4df603a7e2d4d8dd8cb7e26d926b4e461bb58b3ab6dc86e785f","sha512":"4ad5f0a44df106356de8d02bf00364e1000f804ace31a63094ba7174eb892a9ec3769118bc5ddea163ae8cc9784bf4b5008eff7c7a5bfae9492d2346dcf995a6","ssdeep":"","tlshash":"b95167ac3651bc34465a1ea2417f9ba5b2163824704b8050e008dd153951863c7fffde","size":2638,"data":"","first_seen":"2025-06-19T04:15:59.51972Z","last_seen":"2026-05-09T15:09:41.344415Z","times_seen":8045,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/?cid=276788","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-05-09T15:13:45.541786Z","times_seen":33445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/vant-D5IJGWJU.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"852e273954fa90d55c0e74ba1adde9e4","sha1":"1edd5cd78042a89fdb453eff7ac00a81ee11381d","sha256":"a362f686e909416c308eb2e9bd7303593e68b441a6672db1d2d76f8545fe3049","sha512":"593a21cc5befa4ea9345c755b92e155f572805c6d43b162d45e5fc28db1d8aa7a29e65da492cdd1773689a4c5b28d321c6e70b57082931694d38695db8ebce6a","ssdeep":"768:aHcoeRdR113jDKzaKhIP3aJZmHD19BOoTEwVde0ewh6Kg462KIGsEnCrE/jXg:Jo0DKzO3aUnMULPKXg","tlshash":"f7b209993086f43f63f585ee40690201a3291b6a341ec4ecb53ceedbb299c5974b6b35","size":25153,"data":"","first_seen":"2025-06-19T04:15:59.508357Z","last_seen":"2026-05-09T15:09:41.33289Z","times_seen":8046,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/zh-DouvtOpq.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"91a18b33bcb17cbe7177a9787cb588be","sha1":"6bb583a55da1cce82636a30be851a7524365f19f","sha256":"42bcdf3b44045ff2a7b927c99989b7b2b27900fea5551cf38048596bd8a6483f","sha512":"75ecb63cbedd9f208aa9ba807ef7686ce5b2995886c3777c54971900354961af15ba3a2719a0b632f56c2ea1f7a38eda677957acdfd9ddc861f693a48b15dac8","ssdeep":"96:fApPtkJV+RbBllseqL3pg+MEag9Yn4pKzt7qzAr9NOQg71pLDIoblBenYX33r:4pFyGnqzuJd4+Ms2QmPblUenr","tlshash":"ecd11ada47fc9eb8428602956f5b0884b0182df7e6e6c8e45fa689f53089f1f13131db","size":6177,"data":"","first_seen":"2025-12-12T11:54:03.023715Z","last_seen":"2026-05-09T16:10:26.340744Z","times_seen":936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/polyfills-DEdh9lOP.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"903e1fec1d61eff2c06167dabcc62903","sha1":"40013b2fe02ce4399e54f3b6442b55b35b856e08","sha256":"498f6464b67dba15b58fbfadea02983e5e5f2b85852d3bea9c67fda4c5bd7537","sha512":"5489707db231e3f2a5195ff5ad9f5b4cba90f5608e91dc8c2f8c10029cd76b0ac4cfb237d6d3b3a635d9e06b4949f012212534a0419c937f5949ccd01ae577de","ssdeep":"1536:K8WDdRYdEj8LXgkvQPDDdEZ7D0U0ZbmNvNXBfnyQHF10a4S:SDdcE0XvQPndQD0U0ZbmZNZn9F10a4S","tlshash":"1ab3e6c9f6d6f0a207e760a4403f110bf23b6d55b81e9090e366d5d17cb9a8ac13bf69","size":116404,"data":"","first_seen":"2025-11-26T09:41:12.537516Z","last_seen":"2026-05-09T16:10:26.33664Z","times_seen":1306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vueuse-NPvArpLr.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"f57c1dab91fa5bcf6cc05dafb72fe784","sha1":"02165143404317c6434319149653f730bbe80603","sha256":"7244981ad0fd0347cc2f3d384a2a2db3cc2678d99e6b5ea5381f4d98d7625108","sha512":"2bf0b1de7a04bc917d7a792b58d79d778ad5f35bd6c088a8a051b534c4f8a72eccb592c05adadd8e2304a84bc3dbfc21168fc5746bb7df89f2ef5a99640168bb","ssdeep":"96:lrJGxFiRKyxeF1NFjWtE8CEQxST3VPXt5L2kJOLUtNRCeSkG6ToEuvSOpeFPTbQP:lrYiRKD6tE8vQxST3pL2dUtNRnSkGCoX","tlshash":"ffb1c99875927071737b4c99d077010ab33c39a0358ee0d0a02fafd53a619e293b3d9e","size":5323,"data":"","first_seen":"2025-09-23T05:38:40.251503Z","last_seen":"2026-05-09T16:10:26.330718Z","times_seen":4772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/?cid=276788","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"963c3feeef946595bb0db2603e8f0e99","sha1":"464845676a3f1a30abaddc22e4f4f0e1f9c2bcf2","sha256":"b0ea5440ced019976321dd5c214ddc0e86ddd34c695822497ef29e1dc4573887","sha512":"d9e5230d15bcedc98201038aeb2a7c99cb9c5b25ab37c587c929702ed180dd55070d2ef68e3353117666e76ea9c77191a1b80fb8db98da7b93bad38609bfc11b","ssdeep":"","tlshash":"c2a012c50010060425ea0015c773330430df82e60c1c5840400344a033d430f02176cb","size":86,"data":"","first_seen":"2025-10-09T10:05:02.889418Z","last_seen":"2026-05-09T16:10:26.364394Z","times_seen":4729,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/crypto-js-Bxg3hG30.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"importedModule","is_inline":false,"md5":"0af8d2f1fe6e8561c27e25def2203a11","sha1":"795359172462f18ddf0b219d3f4f1025852a3232","sha256":"59a93b83cecb195f686ab071a66fed26cabca9bd21f797b9b78f7f20b3f8a9be","sha512":"e6de4c7e8731c98bda03cb76f76c0cbc674c2f14dc53228797f66a26c12e678a8840319e35480b37fe879745640134c306e147e16fda165df9645aa8b99cb54e","ssdeep":"1536:s1MrM4s1tY5FfYeOj/RQtPtNPU9ArHMto:s/aYeOLRK","tlshash":"64634ac4768870d1a3ab78a0093fb08b727335a249acd198f264e6dd6d7c6dd8136d3d","size":69315,"data":"","first_seen":"2025-06-19T04:15:59.523491Z","last_seen":"2026-05-09T14:31:19.803881Z","times_seen":5445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"api1297351657641321645.federal.cn.com/hall/api/agent/promote/binding/reportViewV2","fqdn":"api1297351657641321645.federal.cn.com","domain":"federal.cn.com","tld":"cn.com"},"ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:03.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api1297351657641321645.federal.cn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 11:21:37 GMT","end":"Wed, 18 Feb 2026 11:21:36 GMT"},"fingerprint":{"sha1":"C8:D0:DA:8E:3D:D9:A3:0E:33:3F:4E:F3:A0:CC:05:FD:0D:99:D9:9B","sha256":"22:E8:70:2E:85:7A:B0:CD:01:DE:16:6B:E5:86:CD:1C:B3:0E:9A:BF:97:72:19:92:0A:E3:F7:B4:1D:7E:17:D4"}}},"request":{"raw":"POST /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1\r\nHost: api1297351657641321645.federal.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: 41677c55-8949-4a2d-b72f-4c7eda6ed25b\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: 41677c55-8949-4a2d-b72f-4c7eda6ed25b\r\ntimestamp: 1767950283\r\nsiteCode: 1297\r\nsign: 9yE747yHu7/K/zhMZnicbgzboWvRF3YweTGRIgwR4veoo4HDOrIYVX7jwNoiBOjb\r\ndevicetype: 4\r\nplatformtype: 3\r\nContent-Type: application/json\r\nContent-Length: 118\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":118,"data":"{\"channel_info\":\"276788\",\"visitor_device\":\"342d4310945132c09809a89cbfced7fa\",\"accessUrl\":\"https://138.113.11.10:5001\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 100\r\nset-cookie: acw_tc=0a094e7617679502840817044e3f9da24043d02706beeead73b6b8eefe5463;path=/;HttpOnly;Max-Age=1800\r\nx-trace-id: 8708f2216285385f8a4d2778a1e5945b\r\nx-env-apisix: 0\r\nx-env-go-biz-agent-server: 0\r\ncache-control: no-cache\r\nx-saas-server-id: f49dcffcc-299ml|8c5f8fa9c89e6ffd5a84dc6e16fb183a\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:0 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_45632-50952\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":100,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"518142e3d5e8c2111b21b78ee3eecb3f","sha1":"41971d6895cee377beefaf02585c2f990fe35825","sha256":"ee1c080dd74fdab591abf4100c307718c87c665e19bbd32eb334b3dc6487e41c","sha512":"bdfa3f516c19cc3df0bf09dc75dfadbfae770163fa61dabd8a7587fdb378477cc84793a9a244744e75f4e57d0413aea48d1c2a39c0251101c69c0b0dc113dbee","ssdeep":"","tlshash":"46b01290522e974355d563b9110f0582df9e55458c3e8318cc8ead28c44a06722004b4","first_seen":"2026-01-09T09:18:22.714299Z","last_seen":"2026-01-09T09:18:22.714299Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/index-DcgdwXkb.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:00.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/index-DcgdwXkb.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 695D22A3F4962B333618D2AE\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"17D926EF4088FF59CA79F27C24A95543\"\r\nlast-modified: Tue, 06 Jan 2026 10:54:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8511746997384362039\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.2\r\ncache-control: max-age=31622400\r\ncontent-md5: F9km70CI/1nKefJ8JKlVQw==\r\nx-oss-server-time: 28\r\nvia: 1.1 PS-000-04hRt98:7 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 238886\r\nx-ws-request-id: 6960c7c9_jp18_21289-59088\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":126397,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64610)","md5":"17d926ef4088ff59ca79f27c24a95543","sha1":"f3f52cc22de574eb6bd83d3dcc2c0500307c56a8","sha256":"9eab33303e416f7a6a1a127aaff15396e65efc478816f00a4e98dbdcb0eb6793","sha512":"077ef7258b56bc1b8db3a5f5033f3aec9d9dbb60cb4a8f97435e6c33fd1c4538cb119d1a0b9b0ae95856154585e60fb378fce98fee43f1db188b729723235a24","ssdeep":"3072:OTDe9it+MbniyaenCG5RsgSY33JT1u065twZ:UDesQMbniblCagSY33JT1nZ","tlshash":"c0c35ced7278657c26d709acab3b1140631d78a63985c4e0f96e8f7827a3c48f367e14","first_seen":"2026-01-06T11:38:19.394669Z","last_seen":"2026-03-15T08:06:36.382276Z","times_seen":123,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/ua-parser-js-DP5omx3I.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/ua-parser-js-DP5omx3I.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1D356FFA3130EB004B\r\naccept-ranges: bytes\r\netag: \"B71C1A4FD07412D0DDD5F0006E401E75\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10442958121826919971\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: txwaT9B0EtDd1fAAbkAedQ==\r\nx-oss-server-time: 2\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883821\r\nx-ws-request-id: 6960c7ca_jp18_21289-59140\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":24038,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (24037)","md5":"b71c1a4fd07412d0ddd5f0006e401e75","sha1":"a3cf730602aeef3df364916f4ef42e7c0f903419","sha256":"bc8e4ca06ec494e7df32f2dbf125b9b0503a60de5991b5badbb20e5e6c043ad7","sha512":"d018e92aeb4d98a54260edbd707e088a8875010278bc8979921cbbc492281e1fb8720ced7e21cc29b33500d4221c0c403b88b31b6f70caf069f2fc4daad2b793","ssdeep":"384:KLykXfExhSMH+rq/51Raw7t2v6az5CgSpnMjEMuSI162By4iBWijdv:KLFfY1erq/51YGt2/z5C3fSI162By4ib","tlshash":"f6b2a77fe3d5b73c07ece508d63504482f271f69ea88a0746e9892a1a9747c612c7f36","first_seen":"2025-06-19T04:15:59.5131Z","last_seen":"2026-05-09T15:09:41.337233Z","times_seen":9706,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/vant-D5IJGWJU.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/vant-D5IJGWJU.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D6E2D57E084E3732DE4B3E\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"852E273954FA90D55C0E74BA1ADDE9E4\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3881004583381422922\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: hS4nOVT6kNVcDnS6Gt3p5A==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-000-01HE2150:4 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9037045\r\nx-ws-request-id: 6960c7ca_jp18_21289-59142\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25153,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (24864)","md5":"852e273954fa90d55c0e74ba1adde9e4","sha1":"1edd5cd78042a89fdb453eff7ac00a81ee11381d","sha256":"a362f686e909416c308eb2e9bd7303593e68b441a6672db1d2d76f8545fe3049","sha512":"593a21cc5befa4ea9345c755b92e155f572805c6d43b162d45e5fc28db1d8aa7a29e65da492cdd1773689a4c5b28d321c6e70b57082931694d38695db8ebce6a","ssdeep":"768:aHcoeRdR113jDKzaKhIP3aJZmHD19BOoTEwVde0ewh6Kg462KIGsEnCrE/jXg:Jo0DKzO3aUnMULPKXg","tlshash":"f7b209993086f43f63f585ee40690201a3291b6a341ec4ecb53ceedbb299c5974b6b35","first_seen":"2025-06-19T04:15:59.508357Z","last_seen":"2026-05-09T15:09:41.33289Z","times_seen":8046,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/cocos/config_data.json?t=1767950","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /cocos/config_data.json?t=1767950 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: eb9779f8-efcf-4dab-9fce-f516b4d1ddf2\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: eb9779f8-efcf-4dab-9fce-f516b4d1ddf2\r\ntimestamp: 1767950282\r\nsiteCode: \r\nsign: TAQxWXk5ECMqsXnclbMyYtkD1zjqWNlLO6MaCZ9JQVZ2a5N+kv+6ZF0CDtDAPUr4\r\ndevicetype: 4\r\nplatformtype: 3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CA1FFD1135313F51CF\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 07 Jan 2026 10:59:48 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11245385302796388412\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=86400\r\ncontent-md5: TjSaqeZGudlip0bDlFoovQ==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7ca_jp18_21289-59165\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6060,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (6060), with no line terminators","md5":"4e349aa9e646b9d962a746c3945a28bd","sha1":"4934a1183db694a217752a5e39c0d28d55605f12","sha256":"8380454c72ad17ed8af90b5e2166e7c2204990f28c758f36ed4cec105fd278b4","sha512":"2b8d17d86fb5d386432fe93288d9c988c0798c4ec86ace6e7998b9ca479002aa7644a4e36321f50e013d7d4dc532d6d0c4774f0d6b215e0d5ccdbeff2fc13042","ssdeep":"96:nI8YGt5qlDctAV2GiH06TF7lHQzCLBWJaZHVPR1wmNqusq1f9VhiRd9V2xiyjQMB:nTYGnqlDct5+6Vyq3ts8NivgbjQ5CBuQ","tlshash":"26c18e9484c4b7bdf2026ac550e372043bf51c568c46b20b2e60ef57668f90a176f42e","first_seen":"2026-01-07T16:47:36.460614Z","last_seen":"2026-01-17T18:45:10.835167Z","times_seen":45,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"146.103.74.60/ipacdn.txt?t=1767950282876","fqdn":"146.103.74.60","domain":"146.103.74.60","tld":""},"ip":{"addr":"146.103.74.60","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"146.103.74.2","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 05 Aug 2025 03:11:02 GMT","end":"Sun, 06 Sep 2026 03:11:01 GMT"},"fingerprint":{"sha1":"48:98:F3:AD:F2:1C:C7:EB:CD:EC:0F:B4:FA:04:DE:CF:1D:1B:B8:19","sha256":"C4:54:02:E1:D1:76:33:8A:8E:62:E0:05:9D:B3:9A:A6:C9:EF:34:71:E0:69:EB:2B:F6:A6:07:88:2E:7E:7F:3C"}}},"request":{"raw":"GET /ipacdn.txt?t=1767950282876 HTTP/1.1\r\nHost: 146.103.74.60\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a094e6317679502838268467e4f963a4d06032e26684ab8d751842760f411;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 jp184:2 (W), 1.1 jp18:28 (W)\r\nx-px: ms jp18SIN, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_jp18_22522-11675\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-09T15:17:00.404515Z","times_seen":291294,"resource_available":true,"data":null}},"time_used":1950,"timings":{"blocked":828,"dns":0,"connect":269,"send":0,"wait":287,"receive":3,"ssl":559},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:50.791Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":1083,"timings":{"blocked":1083,"dns":0,"connect":330,"send":0,"wait":0,"receive":0,"ssl":351},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/polyfills-DEdh9lOP.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:00.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/polyfills-DEdh9lOP.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BA7F1C0FF73438DAE1F6\r\naccept-ranges: bytes\r\netag: \"903E1FEC1D61EFF2C06167DABCC62903\"\r\nlast-modified: Tue, 23 Dec 2025 08:13:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1492588491682344136\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.6.8\r\ncache-control: max-age=31622400\r\ncontent-md5: kD4f7B1h7/LAYWfavMYpAw==\r\nx-oss-server-time: 5\r\nvia: 1.1 PS-HKG-040fc30:21 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 855370\r\nx-ws-request-id: 6960c7c9_jp18_21289-59087\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":116404,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57556), with NEL line terminators","md5":"903e1fec1d61eff2c06167dabcc62903","sha1":"40013b2fe02ce4399e54f3b6442b55b35b856e08","sha256":"498f6464b67dba15b58fbfadea02983e5e5f2b85852d3bea9c67fda4c5bd7537","sha512":"5489707db231e3f2a5195ff5ad9f5b4cba90f5608e91dc8c2f8c10029cd76b0ac4cfb237d6d3b3a635d9e06b4949f012212534a0419c937f5949ccd01ae577de","ssdeep":"1536:K8WDdRYdEj8LXgkvQPDDdEZ7D0U0ZbmNvNXBfnyQHF10a4S:SDdcE0XvQPndQD0U0ZbmZNZn9F10a4S","tlshash":"1ab3e6c9f6d6f0a207e760a4403f110bf23b6d55b81e9090e366d5d17cb9a8ac13bf69","first_seen":"2025-11-26T09:41:12.537516Z","last_seen":"2026-05-09T16:10:26.33664Z","times_seen":1306,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vue-BJUJtGKq.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vue-BJUJtGKq.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1DDA8A793438696AAE\r\naccept-ranges: bytes\r\netag: \"F06F0FD561EEA95C4FECCDE0746117B1\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2765128482951630514\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: 8G8P1WHuqVxP7M3gdGEXsQ==\r\nx-oss-server-time: 2\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883820\r\nx-ws-request-id: 6960c7c9_jp18_21289-59112\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":74100,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f06f0fd561eea95c4feccde0746117b1","sha1":"32c45886151948703a8ac692a48d3cce70aa25e3","sha256":"e228111590701d2db46eb9d8c2a4d85377a449f398bbed10a94ef47938a57c55","sha512":"88e3e6da9f043912c14291675ff91b5426e21fe36defd0cd318131e1b2a9c791fdd662697838cbc1a0a0bddc3139d5ce4e81f82108886153575d383aef0fe4a1","ssdeep":"768:8XCLkQJtg/ocN0MjFuPgDpt6RDMk/0jOVT/eFYl9E27OqX6MQYAMOxTlExfheEqh:9wSCqJCI2b273WNK2U40MH","tlshash":"917308e83092b46253fa19e2007b0406f3792d5a3849d998b16dfedb3e7241550bbfbd","first_seen":"2025-06-19T04:15:59.499735Z","last_seen":"2026-05-09T15:09:41.320306Z","times_seen":8049,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/hall/api/lobby/config/getAppDownloadInfo.json?t=1767950","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:04.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /hall/api/lobby/config/getAppDownloadInfo.json?t=1767950 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: 2d4991ec-63c3-4b16-bca7-87ed9e8d1749\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: 2d4991ec-63c3-4b16-bca7-87ed9e8d1749\r\ntimestamp: 1767950284\r\nsiteCode: 1297\r\nsign: evT/3Y5uvi8MzWDBvJ0inHoXcC5sMiCIlvGT9Nk/BLkbcpjzB1kwD1cwgZmk12SR\r\ndevicetype: 4\r\nplatformtype: 3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:04 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CC1FFD113531535ACF\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 07 Jan 2026 19:19:59 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18316725020149527087\r\nx-oss-storage-class: Standard\r\ncache-control: s-maxage=600,public,max-age=0\r\ncontent-md5: XqLIgH50S1giA13rgjgs3g==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7cc_jp18_21289-59226\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3800,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (3800), with no line terminators","md5":"5ea2c8807e744b5822035deb82382cde","sha1":"e0a6ec950f348ddc3a66c7de12617b26d30bf1bb","sha256":"af25ccf08783351871d703054481cd339f41b923fc012cb3f7b0cf284a88bbd1","sha512":"0af81c196e48097fc35beb34a611ceee301ee4a01f3c2eecf6e97e2d990745ea1576da97bc3d4a7459bf637366d601184ac4b91e9862306b311cc49965cb4068","ssdeep":"","tlshash":"ba715c9a207ca8b772d47e31938fafa411580706d2504bf37754323a99e6ff1a161bd3","first_seen":"2026-01-08T23:20:44.682738Z","last_seen":"2026-01-14T06:38:09.323329Z","times_seen":27,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vant-BGmWO0Bj.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vant-BGmWO0Bj.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1D4F0FE4343073805B\r\naccept-ranges: bytes\r\netag: \"6D405D0E201A7E59001FA3732E601DEB\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13849520693333665795\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: bUBdDiAaflkAH6NzLmAd6w==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883820\r\nx-ws-request-id: 6960c7c9_jp18_21289-59117\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2638,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2637)","md5":"6d405d0e201a7e59001fa3732e601deb","sha1":"5e9782ceacd87cb267c610855a11d88388d5f849","sha256":"49225d1c23add4df603a7e2d4d8dd8cb7e26d926b4e461bb58b3ab6dc86e785f","sha512":"4ad5f0a44df106356de8d02bf00364e1000f804ace31a63094ba7174eb892a9ec3769118bc5ddea163ae8cc9784bf4b5008eff7c7a5bfae9492d2346dcf995a6","ssdeep":"","tlshash":"b95167ac3651bc34465a1ea2417f9ba5b2163824704b8050e008dd153951863c7fffde","first_seen":"2025-06-19T04:15:59.51972Z","last_seen":"2026-05-09T15:09:41.344415Z","times_seen":8045,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/vant-D5IJGWJU.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/vant-D5IJGWJU.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D6E2D57E084E3732DE4B3E\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"852E273954FA90D55C0E74BA1ADDE9E4\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3881004583381422922\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: hS4nOVT6kNVcDnS6Gt3p5A==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-000-01HE2150:4 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9037044\r\nx-ws-request-id: 6960c7c9_jp18_21289-59116\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25153,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (24864)","md5":"852e273954fa90d55c0e74ba1adde9e4","sha1":"1edd5cd78042a89fdb453eff7ac00a81ee11381d","sha256":"a362f686e909416c308eb2e9bd7303593e68b441a6672db1d2d76f8545fe3049","sha512":"593a21cc5befa4ea9345c755b92e155f572805c6d43b162d45e5fc28db1d8aa7a29e65da492cdd1773689a4c5b28d321c6e70b57082931694d38695db8ebce6a","ssdeep":"768:aHcoeRdR113jDKzaKhIP3aJZmHD19BOoTEwVde0ewh6Kg462KIGsEnCrE/jXg:Jo0DKzO3aUnMULPKXg","tlshash":"f7b209993086f43f63f585ee40690201a3291b6a341ec4ecb53ceedbb299c5974b6b35","first_seen":"2025-06-19T04:15:59.508357Z","last_seen":"2026-05-09T15:09:41.33289Z","times_seen":8046,"resource_available":true,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/crypto-js-Bxg3hG30.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/crypto-js-Bxg3hG30.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D5BD5F7E084E3932B54690\r\naccept-ranges: bytes\r\netag: \"0AF8D2F1FE6E8561C27E25DEF2203A11\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11575899039431984631\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: CvjS8f5uhWHCfiXe8iA6EQ==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-HKG-045nl33:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9112171\r\nx-ws-request-id: 6960c7ca_jp18_21289-59137\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":69315,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0af8d2f1fe6e8561c27e25def2203a11","sha1":"795359172462f18ddf0b219d3f4f1025852a3232","sha256":"59a93b83cecb195f686ab071a66fed26cabca9bd21f797b9b78f7f20b3f8a9be","sha512":"e6de4c7e8731c98bda03cb76f76c0cbc674c2f14dc53228797f66a26c12e678a8840319e35480b37fe879745640134c306e147e16fda165df9645aa8b99cb54e","ssdeep":"1536:s1MrM4s1tY5FfYeOj/RQtPtNPU9ArHMto:s/aYeOLRK","tlshash":"64634ac4768870d1a3ab78a0093fb08b727335a249acd198f264e6dd6d7c6dd8136d3d","first_seen":"2025-06-19T04:15:59.523491Z","last_seen":"2026-05-09T14:31:19.803881Z","times_seen":5445,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api129756497983113874651.mios.cn.com/ipacdn.txt?t=1767950282876","fqdn":"api129756497983113874651.mios.cn.com","domain":"mios.cn.com","tld":"cn.com"},"ip":{"addr":"138.113.100.55","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mios.cn.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Wed, 01 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"06:48:F5:C4:6C:0A:BA:1B:CB:2A:B4:E5:90:E3:D8:03:49:7D:03:C0","sha256":"D2:A9:E1:7D:33:69:D9:A9:23:EF:A0:DD:7C:1A:97:4A:8D:4A:27:F4:49:53:78:85:64:C0:EE:6E:A4:8E:49:3F"}}},"request":{"raw":"GET /ipacdn.txt?t=1767950282876 HTTP/1.1\r\nHost: api129756497983113874651.mios.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a0f6b8f17679502833024072e598d37ca4b97a0fcac323bae14a03c80ab0c;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 jp184:10 (W), 1.1 PS-CDG-04Aeg47:21 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_48469-15156\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-09T15:17:00.404515Z","times_seen":291294,"resource_available":true,"data":null}},"time_used":832,"timings":{"blocked":314,"dns":183,"connect":27,"send":0,"wait":200,"receive":1,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:44.641Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":5525,"timings":{"blocked":0,"dns":4922,"connect":292,"send":0,"wait":0,"receive":0,"ssl":308},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":""},"ip":{"addr":"38.54.81.14","port":443,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:53.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"petji.app","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jan 2025 11:06:29 GMT","end":"Thu, 03 Apr 2025 11:06:28 GMT"},"fingerprint":{"sha1":"7C:01:EF:28:17:9F:B6:FA:38:6D:9A:13:A3:7E:5F:CC:46:7A:2F:5A","sha256":"01:59:D8:52:9E:50:BB:2C:03:A7:88:03:C4:5A:57:FA:0C:D4:49:A2:AA:35:E5:A1:B6:40:6F:DD:2F:A3:7A:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://xz.tpiej.app/?cid=865853\r\ncontent-length: 0\r\ndate: Fri, 09 Jan 2026 09:17:54 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":2507,"timings":{"blocked":1101,"dns":485,"connect":301,"send":0,"wait":305,"receive":0,"ssl":312},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/assets/vant-DJOnW2S3.css","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:00.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/assets/vant-DJOnW2S3.css HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/css\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BA7F1FFD113633CE384E\r\nlast-modified: Tue, 23 Dec 2025 08:13:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17944980485908575814\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.6.8\r\ncache-control: max-age=31622400\r\ncontent-md5: hGLpeNy3oTOMMuVxP1I4/Q==\r\nx-oss-server-time: 8\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-000-01uXU203:15 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 855370\r\nx-ws-request-id: 6960c7c9_jp18_21289-59089\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12595,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12594)","md5":"8462e978dcb7a1338c32e5713f5238fd","sha1":"c729ead6412c6e2170d8ebbb88266b47c9a26823","sha256":"e3d1127793c738345cec2f02d7c4f9aa268505ab2d4527e9b77f75bb2f840bd3","sha512":"fcc34c90f6434bcc64a1641d102ab82e0a4fbe541b841813e0938663e49aa2ccfa26474dd9b520d38ee22b543ad25d5b56e758c6c1274cd7ce5b6dd7b44dce84","ssdeep":"384:MD2KFZnHEcam51bjQurwcq6SWHd/flrwcq6SWHd/fyfzQWmhqIX:5fXmhqIX","tlshash":"5742412ae841027a6e036a2597de05d4f17ce6b27e62cde8715432498bc7ff81737247","first_seen":"2025-08-21T07:31:55.601088Z","last_seen":"2026-05-09T16:10:26.363278Z","times_seen":7283,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/crypto-js-Bxg3hG30.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/crypto-js-Bxg3hG30.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D5BD5F7E084E3932B54690\r\naccept-ranges: bytes\r\netag: \"0AF8D2F1FE6E8561C27E25DEF2203A11\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11575899039431984631\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: CvjS8f5uhWHCfiXe8iA6EQ==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-HKG-045nl33:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9112170\r\nx-ws-request-id: 6960c7c9_jp18_21289-59113\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":69315,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0af8d2f1fe6e8561c27e25def2203a11","sha1":"795359172462f18ddf0b219d3f4f1025852a3232","sha256":"59a93b83cecb195f686ab071a66fed26cabca9bd21f797b9b78f7f20b3f8a9be","sha512":"e6de4c7e8731c98bda03cb76f76c0cbc674c2f14dc53228797f66a26c12e678a8840319e35480b37fe879745640134c306e147e16fda165df9645aa8b99cb54e","ssdeep":"1536:s1MrM4s1tY5FfYeOj/RQtPtNPU9ArHMto:s/aYeOLRK","tlshash":"64634ac4768870d1a3ab78a0093fb08b727335a249acd198f264e6dd6d7c6dd8136d3d","first_seen":"2025-06-19T04:15:59.523491Z","last_seen":"2026-05-09T14:31:19.803881Z","times_seen":5445,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vueuse-NPvArpLr.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vueuse-NPvArpLr.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D6E2D58A23F73437AE75F9\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"F57C1DAB91FA5BCF6CC05DAFB72FE784\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13531219125344317706\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: 9Xwdq5H6W89swF2vty/nhA==\r\nx-oss-server-time: 4\r\nvia: 1.1 PS-000-01HE2150:4 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9037045\r\nx-ws-request-id: 6960c7ca_jp18_21289-59138\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5323,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5322)","md5":"f57c1dab91fa5bcf6cc05dafb72fe784","sha1":"02165143404317c6434319149653f730bbe80603","sha256":"7244981ad0fd0347cc2f3d384a2a2db3cc2678d99e6b5ea5381f4d98d7625108","sha512":"2bf0b1de7a04bc917d7a792b58d79d778ad5f35bd6c088a8a051b534c4f8a72eccb592c05adadd8e2304a84bc3dbfc21168fc5746bb7df89f2ef5a99640168bb","ssdeep":"96:lrJGxFiRKyxeF1NFjWtE8CEQxST3VPXt5L2kJOLUtNRCeSkG6ToEuvSOpeFPTbQP:lrYiRKD6tE8vQxST3pL2dUtNRnSkGCoX","tlshash":"ffb1c99875927071737b4c99d077010ab33c39a0358ee0d0a02fafd53a619e293b3d9e","first_seen":"2025-09-23T05:38:40.251503Z","last_seen":"2026-05-09T16:10:26.330718Z","times_seen":4772,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vant-BGmWO0Bj.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vant-BGmWO0Bj.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1D4F0FE4343073805B\r\naccept-ranges: bytes\r\netag: \"6D405D0E201A7E59001FA3732E601DEB\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13849520693333665795\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: bUBdDiAaflkAH6NzLmAd6w==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883821\r\nx-ws-request-id: 6960c7ca_jp18_21289-59141\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2638,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2637)","md5":"6d405d0e201a7e59001fa3732e601deb","sha1":"5e9782ceacd87cb267c610855a11d88388d5f849","sha256":"49225d1c23add4df603a7e2d4d8dd8cb7e26d926b4e461bb58b3ab6dc86e785f","sha512":"4ad5f0a44df106356de8d02bf00364e1000f804ace31a63094ba7174eb892a9ec3769118bc5ddea163ae8cc9784bf4b5008eff7c7a5bfae9492d2346dcf995a6","ssdeep":"","tlshash":"b95167ac3651bc34465a1ea2417f9ba5b2163824704b8050e008dd153951863c7fffde","first_seen":"2025-06-19T04:15:59.51972Z","last_seen":"2026-05-09T15:09:41.344415Z","times_seen":8045,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/favicon.ico","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/html\r\ncontent-length: 138\r\nlocation: https://138.113.11.10:5001/normal/favicon.ico\r\nvia: 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nx-ws-request-id: 6960c7ca_jp18_21289-59160\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":310,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api1297351657641321645.federal.cn.com/ipacdn.txt?t=1767950282877","fqdn":"api1297351657641321645.federal.cn.com","domain":"federal.cn.com","tld":"cn.com"},"ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api1297351657641321645.federal.cn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 11:21:37 GMT","end":"Wed, 18 Feb 2026 11:21:36 GMT"},"fingerprint":{"sha1":"C8:D0:DA:8E:3D:D9:A3:0E:33:3F:4E:F3:A0:CC:05:FD:0D:99:D9:9B","sha256":"22:E8:70:2E:85:7A:B0:CD:01:DE:16:6B:E5:86:CD:1C:B3:0E:9A:BF:97:72:19:92:0A:E3:F7:B4:1D:7E:17:D4"}}},"request":{"raw":"GET /ipacdn.txt?t=1767950282877 HTTP/1.1\r\nHost: api1297351657641321645.federal.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a094e7617679502832336892e3f9d34d0e7480cf7fa202774592065bf419a;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:0 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_45632-50928\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-09T15:17:00.404515Z","times_seen":291294,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":231,"dns":173,"connect":26,"send":0,"wait":197,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":""},"ip":{"addr":"38.54.81.14","port":80,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:50.185Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nContent-Type: text/html; charset=utf-8\r\nLocation: https://tpiej.app/\r\nDate: Fri, 09 Jan 2026 09:17:50 GMT\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":904,"timings":{"blocked":299,"dns":1,"connect":302,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xz.tpiej.app/favicon.ico","fqdn":"xz.tpiej.app","domain":"xz.tpiej.app","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xz.tpiej.app/?cid=865853","date":"2026-01-09T09:17:59.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xz.petji.app","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jan 2025 11:16:29 GMT","end":"Thu, 03 Apr 2025 11:16:28 GMT"},"fingerprint":{"sha1":"D6:23:28:10:89:C8:33:1E:5F:90:C6:37:43:11:77:03:2E:6D:B1:27","sha256":"0C:48:49:A2:D5:C6:7A:D6:63:CC:A3:1A:BF:2C:A9:2C:7D:17:C3:0C:4B:1A:87:6A:77:E2:4A:64:80:6E:47:19"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: xz.tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xz.tpiej.app/?cid=865853\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"xz.tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/?cid=276788","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:59.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/?cid=276788 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:00 GMT\r\ncontent-type: text/html\r\nserver: AliyunOSS\r\nx-oss-request-id: 695CF40823C054363923D94D\r\nlast-modified: Tue, 06 Jan 2026 10:54:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17917520778798942939\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.2\r\ncache-control: max-age=600,s-maxage=1800,public\r\ncontent-md5: ObxRuFYo6NktE8EUQ9SGiA==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-000-04e3T101:4 (W), 1.1 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nx-ws-request-id: 6960c7c8_jp18_21289-59073\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (344)","md5":"39bc51b85628e8d92d13c11443d48688","sha1":"cacb3397ca2eaa83377a9dbffe0341aca8d67b30","sha256":"4f12a653d15c35d22086ebb85e6dd0a9e2b441e1a581795e6e77b0a12f46d7e5","sha512":"22dbf0dafe1360f4036dd1daa267ed6a4664c013e59b8db4f7be1bb06e38a5b0d61bf5ff66faa61f159eb1b498c4b8a09201329b862e81057778094f8d11e037","ssdeep":"","tlshash":"5e51244665f0cd5612680e2aaed6f4087ed296c7454da880b4de54fd0f80fc68bd35ba","first_seen":"2026-01-06T11:38:19.401696Z","last_seen":"2026-03-15T08:06:36.387453Z","times_seen":120,"resource_available":false,"data":null}},"time_used":2005,"timings":{"blocked":810,"dns":0,"connect":272,"send":0,"wait":384,"receive":0,"ssl":537},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vueuse-NPvArpLr.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vueuse-NPvArpLr.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 68D6E2D58A23F73437AE75F9\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"F57C1DAB91FA5BCF6CC05DAFB72FE784\"\r\nlast-modified: Tue, 23 Sep 2025 04:57:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13531219125344317706\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.4.3\r\ncache-control: max-age=31622400\r\ncontent-md5: 9Xwdq5H6W89swF2vty/nhA==\r\nx-oss-server-time: 4\r\nvia: 1.1 PS-000-01HE2150:4 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 9037044\r\nx-ws-request-id: 6960c7c9_jp18_21289-59114\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5323,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5322)","md5":"f57c1dab91fa5bcf6cc05dafb72fe784","sha1":"02165143404317c6434319149653f730bbe80603","sha256":"7244981ad0fd0347cc2f3d384a2a2db3cc2678d99e6b5ea5381f4d98d7625108","sha512":"2bf0b1de7a04bc917d7a792b58d79d778ad5f35bd6c088a8a051b534c4f8a72eccb592c05adadd8e2304a84bc3dbfc21168fc5746bb7df89f2ef5a99640168bb","ssdeep":"96:lrJGxFiRKyxeF1NFjWtE8CEQxST3VPXt5L2kJOLUtNRCeSkG6ToEuvSOpeFPTbQP:lrYiRKD6tE8vQxST3pL2dUtNRnSkGCoX","tlshash":"ffb1c99875927071737b4c99d077010ab33c39a0358ee0d0a02fafd53a619e293b3d9e","first_seen":"2025-09-23T05:38:40.251503Z","last_seen":"2026-05-09T16:10:26.330718Z","times_seen":4772,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/ua-parser-js-DP5omx3I.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/ua-parser-js-DP5omx3I.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1D356FFA3130EB004B\r\naccept-ranges: bytes\r\netag: \"B71C1A4FD07412D0DDD5F0006E401E75\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10442958121826919971\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: txwaT9B0EtDd1fAAbkAedQ==\r\nx-oss-server-time: 2\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883820\r\nx-ws-request-id: 6960c7c9_jp18_21289-59115\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":24038,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (24037)","md5":"b71c1a4fd07412d0ddd5f0006e401e75","sha1":"a3cf730602aeef3df364916f4ef42e7c0f903419","sha256":"bc8e4ca06ec494e7df32f2dbf125b9b0503a60de5991b5badbb20e5e6c043ad7","sha512":"d018e92aeb4d98a54260edbd707e088a8875010278bc8979921cbbc492281e1fb8720ced7e21cc29b33500d4221c0c403b88b31b6f70caf069f2fc4daad2b793","ssdeep":"384:KLykXfExhSMH+rq/51Raw7t2v6az5CgSpnMjEMuSI162By4iBWijdv:KLFfY1erq/51YGt2/z5C3fSI162By4ib","tlshash":"f6b2a77fe3d5b73c07ece508d63504482f271f69ea88a0746e9892a1a9747c612c7f36","first_seen":"2025-06-19T04:15:59.5131Z","last_seen":"2026-05-09T15:09:41.337233Z","times_seen":9706,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":360,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api12976546579843116546.jewelry.cn.com/ipacdn.txt?t=1767950282876","fqdn":"api12976546579843116546.jewelry.cn.com","domain":"jewelry.cn.com","tld":"cn.com"},"ip":{"addr":"172.65.218.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api12976546579843116546.jewelry.cn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 12 Jul 2025 00:00:00 GMT","end":"Sun, 12 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0A:E0:8A:4F:32:CB:CF:62:E2:DB:4B:3E:0C:3A:2D:D3:A4:8A:BD:4B","sha256":"53:F7:B0:4F:6E:F8:86:6E:1D:DB:FA:15:04:37:B8:5F:ED:C0:47:8B:BA:6C:FB:12:B5:98:3C:B2:1B:42:24:05"}}},"request":{"raw":"GET /ipacdn.txt?t=1767950282876 HTTP/1.1\r\nHost: api12976546579843116546.jewelry.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a0f6b8f17679502838424343e598d8f00ec82495b384387e230c3c95cb843;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nserver: gocache\r\nc-type: pf\r\nrid: 444b82f3ca8c08077708dff28399e895\r\nx-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GoCache","description":"GoCache is an in-memory key:value store/cache similar to memcached that is suitable for applications running on a single machine.","website":"https://www.gocache.com.br/","common_platform_enumeration":"","icon":"GoCache.png","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-09T15:17:00.404515Z","times_seen":291294,"resource_available":true,"data":null}},"time_used":1926,"timings":{"blocked":811,"dns":356,"connect":1,"send":0,"wait":299,"receive":0,"ssl":456},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api1297351657641321645.federal.cn.com/hall/api/agent/downloadSite/regionAccessV2","fqdn":"api1297351657641321645.federal.cn.com","domain":"federal.cn.com","tld":"cn.com"},"ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:03.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api1297351657641321645.federal.cn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 11:21:37 GMT","end":"Wed, 18 Feb 2026 11:21:36 GMT"},"fingerprint":{"sha1":"C8:D0:DA:8E:3D:D9:A3:0E:33:3F:4E:F3:A0:CC:05:FD:0D:99:D9:9B","sha256":"22:E8:70:2E:85:7A:B0:CD:01:DE:16:6B:E5:86:CD:1C:B3:0E:9A:BF:97:72:19:92:0A:E3:F7:B4:1D:7E:17:D4"}}},"request":{"raw":"OPTIONS /hall/api/agent/downloadSite/regionAccessV2 HTTP/1.1\r\nHost: api1297351657641321645.federal.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: clienttimezone,content-type,device,devicemodel,devicetype,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-custom-referer,x-request-id,x-version\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nset-cookie: acw_tc=0a094e7617679502834626929e3f9dc0db067d1e68b139b9393bea43baa879;path=/;HttpOnly;Max-Age=1800\r\nx-saas-server-id: f49dcffcc-fndg4|c56c232de31e5cb601489c91538839f3\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: clienttimezone,content-type,device,devicemodel,devicetype,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-custom-referer,x-request-id,x-version\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:0 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_45632-50934\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api1297351657641321645.federal.cn.com/hall/api/agent/downloadSite/regionAccessV2","fqdn":"api1297351657641321645.federal.cn.com","domain":"federal.cn.com","tld":"cn.com"},"ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:03.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api1297351657641321645.federal.cn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 11:21:37 GMT","end":"Wed, 18 Feb 2026 11:21:36 GMT"},"fingerprint":{"sha1":"C8:D0:DA:8E:3D:D9:A3:0E:33:3F:4E:F3:A0:CC:05:FD:0D:99:D9:9B","sha256":"22:E8:70:2E:85:7A:B0:CD:01:DE:16:6B:E5:86:CD:1C:B3:0E:9A:BF:97:72:19:92:0A:E3:F7:B4:1D:7E:17:D4"}}},"request":{"raw":"POST /hall/api/agent/downloadSite/regionAccessV2 HTTP/1.1\r\nHost: api1297351657641321645.federal.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: 78e44215-b9af-4f65-ac50-ac31467d4d6c\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: 78e44215-b9af-4f65-ac50-ac31467d4d6c\r\ntimestamp: 1767950283\r\nsiteCode: 1297\r\nsign: HBG+L9L4Ez3EFH8MnHX4BH48FcYLxV0+XzwWhcCPz6EkSyqIdqO9UibHcKlOr5Hn\r\ndevicetype: 4\r\nplatformtype: 3\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 278\r\nset-cookie: acw_tc=0a094e7617679502836556966e3f9ddefdf59fb6732356a9198a517723e162;path=/;HttpOnly;Max-Age=1800\r\nx-trace-id: fd14fef84bc6ccfe35e64bd9515ef390\r\nx-env-apisix: 0\r\nx-env-go-biz-agent-server: 0\r\ncache-control: no-cache\r\nx-saas-server-id: f49dcffcc-wvh6q|4a018443e1240374a9ea81b2994a5593\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:0 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_45632-50940\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":278,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"84c8ed3cbcf4754bc1f35add397b243c","sha1":"dda7854ee5237cc47e6265cb2d34487badc16ebc","sha256":"4e67e422b8b76dd323a90c8843ce97ab2551e5ff0fa7fdce381ccea37b6330c4","sha512":"c0a6ba974cd411e211022399eba4aaff247fe535fa95922e66a5006e805dcb13f3178fdf26943eb6cb2259c9dc73eaf1d1e68fef177c94d58083111b22065238","ssdeep":"","tlshash":"03d05e1e0736adfceea592a9602a6ed179ec5001204c9738fcde2e3412d878e533125a","first_seen":"2026-01-09T09:18:22.725173Z","last_seen":"2026-01-09T09:18:22.725173Z","times_seen":1,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tpiej.app/","fqdn":"tpiej.app","domain":"tpiej.app","tld":""},"ip":{"addr":"38.54.81.14","port":443,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:57.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"petji.app","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jan 2025 11:06:29 GMT","end":"Thu, 03 Apr 2025 11:06:28 GMT"},"fingerprint":{"sha1":"7C:01:EF:28:17:9F:B6:FA:38:6D:9A:13:A3:7E:5F:CC:46:7A:2F:5A","sha256":"01:59:D8:52:9E:50:BB:2C:03:A7:88:03:C4:5A:57:FA:0C:D4:49:A2:AA:35:E5:A1:B6:40:6F:DD:2F:A3:7A:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://xz.tpiej.app/?cid=865853\r\ncontent-length: 0\r\ndate: Fri, 09 Jan 2026 09:17:57 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":90,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xz.tpiej.app/?cid=865853","fqdn":"xz.tpiej.app","domain":"xz.tpiej.app","tld":""},"ip":{"addr":"38.54.81.14","port":443,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Philippines","country_code":"PH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:57.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xz.petji.app","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jan 2025 11:16:29 GMT","end":"Thu, 03 Apr 2025 11:16:28 GMT"},"fingerprint":{"sha1":"D6:23:28:10:89:C8:33:1E:5F:90:C6:37:43:11:77:03:2E:6D:B1:27","sha256":"0C:48:49:A2:D5:C6:7A:D6:63:CC:A3:1A:BF:2C:A9:2C:7D:17:C3:0C:4B:1A:87:6A:77:E2:4A:64:80:6E:47:19"}}},"request":{"raw":"GET /?cid=865853 HTTP/1.1\r\nHost: xz.tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 09 Jan 2026 09:17:38 GMT\r\netag: W/\"68787a24-5a\"\r\nlast-modified: Fri, 09 Jan 2026 09:17:38 GMT\r\nlocation: https://caomdskf.vsdoifj1gkr2hej7sd1kvhkwebfkw.cc:1266\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, server, disk\r\ncontent-length: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":90,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text","md5":"bdf1e252b3d875216e2c84e437615815","sha1":"9dfcb0ff31ae65eea21d8eb814768b41c3c05c9d","sha256":"ea9a81f11e67435a4ef44616a214666c6a2ae280b4aa9f9d2079c0b1d1986ffb","sha512":"136b50989cb037dda8a7d9410a2fe12e648a13abf862876ae31ec751ded64dae5afaf7d6f0c0cffa5644cb26f29fe49454174d145fceda2bfa884fdaa9dbe0b1","ssdeep":"","tlshash":"19b012631a21c01a0231d2901405b10290410713dc084560ceb420cc4ca5e58d587225","first_seen":"2025-11-17T06:46:57.244166Z","last_seen":"2026-05-09T14:00:22.940926Z","times_seen":628,"resource_available":true,"data":null}},"time_used":2699,"timings":{"blocked":1191,"dns":545,"connect":316,"send":0,"wait":317,"receive":0,"ssl":326},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"xz.tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/hall/api/lobby/channel/go/getChannelInfoById/id/276788/info/channel.json?t=1767950","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:03.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /hall/api/lobby/channel/go/getChannelInfoById/id/276788/info/channel.json?t=1767950 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: c1abbe90-32ee-47e3-8f7b-d09d09f220a4\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: c1abbe90-32ee-47e3-8f7b-d09d09f220a4\r\ntimestamp: 1767950283\r\nsiteCode: 1297\r\nsign: 2Hzw9TyBJ7Sd4QsxhSKHMJcYQr2ZrCDl6d4ueuE3Vjeg3bWBDb2iHQDQfr1Lv+7A\r\ndevicetype: 4\r\nplatformtype: 3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CB1FFD113531F156CF\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 07 Jan 2026 19:19:49 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5119971646365072010\r\nx-oss-storage-class: Standard\r\ncache-control: s-maxage=600,public,max-age=0\r\ncontent-md5: 9oI3meBZwl5O9Z/jbOi86Q==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7cb_jp18_21289-59210\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1176,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (1176), with no line terminators","md5":"f6823799e059c25e4ef59fe36ce8bce9","sha1":"4b79a421ab06bf88d6310b0f9a82faf10cf61c64","sha256":"145b3aa7f7c2ca79bcf8faff1b16ce3f1b4ea6b31c59191dceaa0ca6899277a5","sha512":"4ccf6eb608f6b904d7d3bfc8ecacf474986172283b127ec1dd5b0bc51cc31b1042af63021f87e0ac26f0921448fd11db4fa6ed16bd7bd1c34c7828c5e087ae42","ssdeep":"","tlshash":"2421a76bc83bb9403126f6e50987998fadc6557713342e50db6004fc496af944833adb","first_seen":"2026-01-08T23:20:44.675206Z","last_seen":"2026-01-14T06:38:09.331452Z","times_seen":27,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api1297351657641321645.federal.cn.com/hall/api/agent/promote/binding/reportViewV2","fqdn":"api1297351657641321645.federal.cn.com","domain":"federal.cn.com","tld":"cn.com"},"ip":{"addr":"140.150.28.17","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:03.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api1297351657641321645.federal.cn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 11:21:37 GMT","end":"Wed, 18 Feb 2026 11:21:36 GMT"},"fingerprint":{"sha1":"C8:D0:DA:8E:3D:D9:A3:0E:33:3F:4E:F3:A0:CC:05:FD:0D:99:D9:9B","sha256":"22:E8:70:2E:85:7A:B0:CD:01:DE:16:6B:E5:86:CD:1C:B3:0E:9A:BF:97:72:19:92:0A:E3:F7:B4:1D:7E:17:D4"}}},"request":{"raw":"OPTIONS /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1\r\nHost: api1297351657641321645.federal.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: clienttimezone,content-type,device,devicemodel,devicetype,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-custom-referer,x-request-id,x-version\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nset-cookie: acw_tc=0a094e7617679502838877013e3f9d2f0b5d72a2c80eb90edef14f01ef5134;path=/;HttpOnly;Max-Age=1800\r\nx-saas-server-id: f49dcffcc-tw9r4|55afb915fc240fdded5e9d83d2015892\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 1728000\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: clienttimezone,content-type,device,devicemodel,devicetype,domain,language,nonce,platformtype,sign,sitecode,timestamp,x-custom-referer,x-request-id,x-version\r\naccess-control-expose-headers: X-Trace-ID, newjwt, token\r\nvia: 1.1 jp184:6 (W), 1.1 PS-CDG-04Aeg47:0 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms jp184SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_45632-50946\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/hall/api/agent/downloadSite/getDownloadTemplate/tid/4260856.json?t=1767950","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:04.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /hall/api/agent/downloadSite/getDownloadTemplate/tid/4260856.json?t=1767950 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: 268f95b8-4035-46fb-a6f6-f5ee0b4695d9\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: 268f95b8-4035-46fb-a6f6-f5ee0b4695d9\r\ntimestamp: 1767950284\r\nsiteCode: 1297\r\nsign: Hsy+tlsiXUe5/Hx/VSNbnbx015+xfWWLuxkGQkdvr8Pf8/ZyXaMblo1IOTZVYDR+\r\ndevicetype: 4\r\nplatformtype: 3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:04 GMT\r\ncontent-type: application/json\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CC1FFD113531BD58CF\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 09 Jan 2026 07:17:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7837374673435202812\r\nx-oss-storage-class: Standard\r\ncache-control: s-maxage=600,max-age=0,public\r\ncontent-md5: 9Rf37B6HStigIc4KAECVuQ==\r\nx-oss-server-time: 3\r\ncontent-encoding: gzip\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7cc_jp18_21289-59218\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8856,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (8856), with no line terminators","md5":"f517f7ec1e874ad8a021ce0a004095b9","sha1":"b916a4f9cd1f45d22f4d01ae5b2616571edf007b","sha256":"16cf42502fda21548d0dbe3b1a8b72f3ddc2308bff69c6caade6137dc9b1d7b1","sha512":"3aa2c9819dd853db6e84cc619b53c1785eba1d4b6a20a5282855a070603d81767a68fa04bac988c14df7c2cb4c3e6b7e44bd306def4a9ef6735fb4daf77a67d3","ssdeep":"192:OekbHh6q/WhskXatp7c5qgBdxTRh2cYL9SBpQ1jtkvOheQ12joiJwz8:5gQK+4p4jBF6L9D18Q1Hiu8","tlshash":"fe02c083c0800a5e22065f76b513bda71c872f4522bfb876f86cbd6383611379c651f5","first_seen":"2026-01-09T07:21:01.889273Z","last_seen":"2026-01-09T09:18:22.727427Z","times_seen":2,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/index-C1FG5uR3.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:05.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/index-C1FG5uR3.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:05 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 695D22A8F96C0435366BC3A5\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, HEAD, PUT\r\naccess-control-expose-headers: Etag\r\naccess-control-max-age: 200\r\naccept-ranges: bytes\r\netag: \"62A8C392B59206CCD1009F0BADDB6DB2\"\r\nlast-modified: Tue, 06 Jan 2026 10:54:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11737205704654144845\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.2\r\ncache-control: max-age=31622400\r\ncontent-md5: YqjDkrWSBszRAJ8Lrdttsg==\r\nx-oss-server-time: 1\r\nvia: 1.1 PS-HKG-04Zkf45:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 238885\r\nx-ws-request-id: 6960c7cd_jp18_21289-59251\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6713,"size_decoded":0,"mime_type":"text/javascript","magic":"Java source, ASCII text, with very long lines (6227)","md5":"62a8c392b59206ccd1009f0baddb6db2","sha1":"5dcbd282ed09c18e3e07983de72f965d672fc564","sha256":"5c8fd91b5387bacb797223057d709760980893cbcae3b229bf3c35087e746452","sha512":"dc4278960dd6dce9dbfc8d137f29bf40499ca55221c046eb3e7864569bc5189eba2358a1b24a8a46e6cc9a303eed8ba240e055f0f7054d588703587509793387","ssdeep":"192:7JFS+RIPLweMZR7kNef+fgfTVu2I1tlRo0AAt4:mP8eqCUTVEY","tlshash":"c0d1954efc184d759372189cb649040401756b9396a8c2b0f6be5ba90af4c649fef4fd","first_seen":"2026-01-06T11:38:19.385151Z","last_seen":"2026-03-15T08:06:36.382841Z","times_seen":120,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xz.tpiej.app/?cid=865853","fqdn":"xz.tpiej.app","domain":"xz.tpiej.app","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:17:55.092Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?cid=865853 HTTP/1.1\r\nHost: xz.tpiej.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":1356,"timings":{"blocked":0,"dns":707,"connect":317,"send":0,"wait":0,"receive":0,"ssl":330},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"xz.tpiej.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/config.json?t=1767950","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/config.json?t=1767950 HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en;q=0.9, *;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nlanguage: en\r\ndevice: 342d4310945132c09809a89cbfced7fa\r\nx-version: 7.0.2\r\nX-Request-Id: 7442566f-166e-444f-b98d-2da794f2e0fe\r\nX-Custom-Referer: https://138.113.11.10:5001/normal/?cid=276788\r\ndomain: 138.113.11.10:5001\r\nclienttimezone: UTC0\r\ndeviceModel: undefined-undefined\r\nnonce: 7442566f-166e-444f-b98d-2da794f2e0fe\r\ntimestamp: 1767950282\r\nsiteCode: \r\nsign: DM7bAlQZ+/FGPWrv4A/loMLK0LN5dkE9NGodrPZ0InuZIHJutqZQyakTjaBlZOMl\r\ndevicetype: 4\r\nplatformtype: 3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: application/json\r\ncontent-length: 3\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CA1FFD113531974FCF\r\nvary: Accept-Encoding\r\naccept-ranges: bytes\r\netag: \"8A80554C91D9FCA8ACB82F023DE02F11\"\r\nlast-modified: Tue, 06 Jan 2026 10:54:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4208899406445584739\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.2\r\ncache-control: max-age=31622400\r\ncontent-md5: ioBVTJHZ/KisuC8CPeAvEQ==\r\nx-oss-server-time: 2\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7ca_jp18_21289-59152\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8a80554c91d9fca8acb82f023de02f11","sha1":"5f36b2ea290645ee34d943220a14b54ee5ea5be5","sha256":"ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356","sha512":"ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a","ssdeep":"","tlshash":"c7200000000000000000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-05-09T15:23:45.942977Z","times_seen":381456,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api12978448132216478946546574.zcfhi.cn.com/ipacdn.txt?t=1767950282877","fqdn":"api12978448132216478946546574.zcfhi.cn.com","domain":"zcfhi.cn.com","tld":"cn.com"},"ip":{"addr":"138.113.100.55","port":443,"asn":54994,"as":"ML-1432-54994","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zcfhi.cn.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Wed, 01 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0B:02:6E:22:4D:B2:DE:B2:12:15:7B:17:5D:70:EA:24:30:6B:4F:59","sha256":"16:B8:DA:1F:A7:0A:FE:56:9B:93:87:69:54:04:88:9A:81:EF:55:E4:C5:EF:46:87:D6:D2:D8:DB:13:42:35:F2"}}},"request":{"raw":"GET /ipacdn.txt?t=1767950282877 HTTP/1.1\r\nHost: api12978448132216478946546574.zcfhi.cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/\r\nOrigin: https://138.113.11.10:5001\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/plain\r\ncontent-length: 2\r\nset-cookie: acw_tc=0a094e7117679502832638330e3f92698496540110ba4e91e3da97ee0290da;path=/;HttpOnly;Max-Age=1800\r\ncache-control: s-maxage=315360000,max-age=0,public\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-credentials: true\r\nvia: 1.1 PS-SIN-04A9N80:12 (W), 1.1 PS-CDG-04Aeg47:6 (W)\r\nx-px: ms PS-CDG-04Aeg47CDG, ms PS-SIN-04A9N80SIN(origin)\r\nx-ws-request-id: 6960c7cb_PS-CDG-04Aeg47_46218-48037\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-09T15:17:00.404515Z","times_seen":291294,"resource_available":true,"data":null}},"time_used":742,"timings":{"blocked":268,"dns":142,"connect":26,"send":0,"wait":200,"receive":1,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/zh-DouvtOpq.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:04.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/zh-DouvtOpq.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/js/index-DcgdwXkb.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:04 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BA821C0FF73438CEF3F6\r\naccept-ranges: bytes\r\netag: \"91A18B33BCB17CBE7177A9787CB588BE\"\r\nlast-modified: Tue, 23 Dec 2025 08:13:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4086403456872508404\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.6.8\r\ncache-control: max-age=31622400\r\ncontent-md5: kaGLM7yxfL5xd6l4fLWIvg==\r\nx-oss-server-time: 11\r\nvia: 1.1 PS-HKG-040fc30:21 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 855370\r\nx-ws-request-id: 6960c7cc_jp18_21289-59233\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6177,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (3848)","md5":"91a18b33bcb17cbe7177a9787cb588be","sha1":"6bb583a55da1cce82636a30be851a7524365f19f","sha256":"42bcdf3b44045ff2a7b927c99989b7b2b27900fea5551cf38048596bd8a6483f","sha512":"75ecb63cbedd9f208aa9ba807ef7686ce5b2995886c3777c54971900354961af15ba3a2719a0b632f56c2ea1f7a38eda677957acdfd9ddc861f693a48b15dac8","ssdeep":"96:fApPtkJV+RbBllseqL3pg+MEag9Yn4pKzt7qzAr9NOQg71pLDIoblBenYX33r:4pFyGnqzuJd4+Ms2QmPblUenr","tlshash":"ecd11ada47fc9eb8428602956f5b0884b0182df7e6e6c8e45fa689f53089f1f13131db","first_seen":"2025-12-12T11:54:03.023715Z","last_seen":"2026-05-09T16:10:26.340744Z","times_seen":936,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/siteadmin/upload/img/1857631094347010049.png","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:05.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /siteadmin/upload/img/1857631094347010049.png HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 30682\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BAD56B05E23136ED54F3\r\naccept-ranges: bytes\r\netag: \"3244BC5298D009249AF2EEF2D6D9EB1A\"\r\nlast-modified: Tue, 12 Aug 2025 10:36:55 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17888865220357971371\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=86400,stale-while-revalidate=86400,immutable,proxy-revalidate,public\r\ncontent-md5: MkS8UpjQCSSa8u7y1tnrGg==\r\nx-oss-server-time: 13\r\nvia: 1.1 PS-000-01uXU203:18 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 69326\r\nx-ws-request-id: 6960c7cd_jp18_21289-59247\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":30682,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"3244bc5298d009249af2eef2d6d9eb1a","sha1":"f2ac84d9049f8258b135bad20157d8874647ce4f","sha256":"7e8b85db52327d0b175e17e3a3606bd575892b7b9fdde9397b7244b9c37d9607","sha512":"c2be5c733b783e8557d84a25616d2cc14c84f1981b1cd88db00fb51d09e2180ab6bb3110ab9afb39b2bbcc96604eb983a5a9ae38feed6127930e0ce61f193315","ssdeep":"384:XuXuzFJlSVzRVxnz2FqwUoNoBIdNA46Cx3UxuU52CClKjpgbbNNZ76kUodFAJ:XxBXShRV2vWMG4Bkuk2Cp8pv+um","tlshash":"94d2bfaaaf5a05fbe535c73280e71f097cc3d67094a293510a6a151dac217b4ae2dfc2","first_seen":"2025-11-11T11:49:53.729784Z","last_seen":"2026-05-09T14:00:22.952217Z","times_seen":546,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/assets/index-CVAF5gOa.css","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:05.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/assets/index-CVAF5gOa.css HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:05 GMT\r\ncontent-type: text/css\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BA831C0FF734389BF5F6\r\nlast-modified: Tue, 23 Dec 2025 08:13:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 749684062084467238\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.6.8\r\ncache-control: max-age=31622400\r\ncontent-md5: ejrIuQyKQmG2zoWp9RJ5Sw==\r\nx-oss-server-time: 5\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-HKG-040fc30:21 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 855370\r\nx-ws-request-id: 6960c7cd_jp18_21289-59250\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2839,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2838)","md5":"7a3ac8b90c8a4261b6ce85a9f512794b","sha1":"068fdb2be0db3359b5cdf55389a1901618d45268","sha256":"72245b629b9873ce45e6e5f36de7ff59d44143c867193ba16e68880c14a82cf8","sha512":"69d21da4b4419f996670ff9a5007b2eba3b60bb52e0cb1862daecefdecac525d955fe6cd6133e2f99c0c08427ea678b8f4893db86d93e565e404f997107a9950","ssdeep":"","tlshash":"c051257efb6f1416e637e1b67d444a0c2230f371620f0a84bed7781589cf54e38661a9","first_seen":"2025-10-09T10:05:02.884378Z","last_seen":"2026-05-09T16:10:26.362698Z","times_seen":4216,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/assets/index-Dym98j65.css","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:00.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/assets/index-Dym98j65.css HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:01 GMT\r\ncontent-type: text/css\r\nserver: AliyunOSS\r\nx-oss-request-id: 6953BA7F01B8FA363211CE96\r\nlast-modified: Tue, 23 Dec 2025 08:13:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7114102349978114472\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.6.8\r\ncache-control: max-age=31622400\r\ncontent-md5: ffYKlyaJtIZbfP7omjYn5A==\r\nx-oss-server-time: 1\r\ncontent-encoding: gzip\r\nvia: 1.1 PS-000-01iV5201:15 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 855370\r\nx-ws-request-id: 6960c7c9_jp18_21289-59090\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":26235,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26234)","md5":"7df60a972689b4865b7cfee89a3627e4","sha1":"946169c99991dc19abbccd82079619acc135a03c","sha256":"0a05e40574251e657c6acb03b569166d4dc1da4fd19bf38b41fb699763dc8226","sha512":"6d3c3c0fa8a54ccb2f2d42f947b89532765191ce5342c9b0c92320e3035893a40046f2fecad122622ec18f8fb02921c39738a01ca6bab6773c6f2fe49de96756","ssdeep":"192:FwYdgt4Fv1KxGOFANxE/MbpXI1Cn10rEEdprGa6PKl2wNgJwvUiumJWGFHzQMfay:MtuWAhNeXMvJA0u","tlshash":"57c2857fd76b12249427cd65a7c81f588218c523a5130fceba5376068bcbb8f35a528f","first_seen":"2025-11-11T06:03:13.782599Z","last_seen":"2026-05-09T13:23:36.64932Z","times_seen":1411,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/js/@vue-BJUJtGKq.js","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:01.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/js/@vue-BJUJtGKq.js HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:18:02 GMT\r\ncontent-type: text/javascript\r\nserver: AliyunOSS\r\nx-oss-request-id: 688CEE1DDA8A793438696AAE\r\naccept-ranges: bytes\r\netag: \"F06F0FD561EEA95C4FECCDE0746117B1\"\r\nlast-modified: Tue, 29 Jul 2025 07:45:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2765128482951630514\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v6.3.6\r\ncache-control: max-age=31622400\r\ncontent-md5: 8G8P1WHuqVxP7M3gdGEXsQ==\r\nx-oss-server-time: 2\r\nvia: 1.1 PS-000-04cT199:3 (W), 0.0 jp18:19 (W)\r\nx-px: ht jp18SIN\r\nage: 13883821\r\nx-ws-request-id: 6960c7ca_jp18_21289-59136\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":74100,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f06f0fd561eea95c4feccde0746117b1","sha1":"32c45886151948703a8ac692a48d3cce70aa25e3","sha256":"e228111590701d2db46eb9d8c2a4d85377a449f398bbed10a94ef47938a57c55","sha512":"88e3e6da9f043912c14291675ff91b5426e21fe36defd0cd318131e1b2a9c791fdd662697838cbc1a0a0bddc3139d5ce4e81f82108886153575d383aef0fe4a1","ssdeep":"768:8XCLkQJtg/ocN0MjFuPgDpt6RDMk/0jOVT/eFYl9E27OqX6MQYAMOxTlExfheEqh:9wSCqJCI2b273WNK2U40MH","tlshash":"917308e83092b46253fa19e2007b0406f3792d5a3849d998b16dfedb3e7241550bbfbd","first_seen":"2025-06-19T04:15:59.499735Z","last_seen":"2026-05-09T15:09:41.320306Z","times_seen":8049,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"138.113.11.10:5001/normal/favicon.ico","fqdn":"138.113.11.10","domain":"138.113.11.10","tld":""},"ip":{"addr":"138.113.11.10","port":5001,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://138.113.11.10:5001/normal/?cid=276788","date":"2026-01-09T09:18:02.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"138.113.11.7","organization":"TXNetworks Beijing Co., Ltd."},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 04 Jan 2026 02:09:46 GMT","end":"Fri, 05 Feb 2027 02:09:45 GMT"},"fingerprint":{"sha1":"86:B5:17:0A:5F:D6:6B:DA:B9:50:D9:56:BA:F5:BD:51:C1:B3:E6:5A","sha256":"32:FA:A4:59:E7:B7:27:F8:4F:22:CD:45:F7:F4:41:01:22:9B:D6:7C:8A:3A:CE:D4:07:75:9B:C4:AC:D4:1C:FA"}}},"request":{"raw":"GET /normal/favicon.ico HTTP/1.1\r\nHost: 138.113.11.10:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://138.113.11.10:5001/normal/?cid=276788\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 09 Jan 2026 09:18:03 GMT\r\ncontent-type: text/html\r\ncontent-length: 310\r\nserver: AliyunOSS\r\nx-oss-request-id: 6960C7CA1FFD113531B352CF\r\nvary: Accept-Encoding\r\naccept-ranges: bytes\r\netag: \"EFC88B8CF48643A977DEE8EBEE5AAE3E\"\r\nlast-modified: Wed, 07 Jan 2026 15:53:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12598442108753170511\r\nx-oss-storage-class: Standard\r\nx-oss-meta-version: v7.0.45\r\ncache-control: no-cache\r\ncontent-md5: 78iLjPSGQ6l33ujr7lquPg==\r\nx-oss-server-time: 4\r\nvia: 1.1 PSxgHK6sh179:18 (W), 1.1 jp18:19 (W)\r\nx-px: ms jp18SIN, ms PSxgHK6sh179HKG(origin)\r\nx-ws-request-id: 6960c7ca_jp18_21289-59177\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":310,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"efc88b8cf48643a977dee8ebee5aae3e","sha1":"50b89d535d399493558d0bde1b3225c80548eb2d","sha256":"68f62426c319126501255a6007a3eafcbe6d6b1cd1cfbff9356a7f074ec69feb","sha512":"a1a87517d23d55ac01901a3e09b67bfae830c429739faee843c00151a66ad96e31b831402de959a664aa403e90e88258db641d3dbfefc066f2bde9f80839df53","ssdeep":"","tlshash":"63e0c2c384f2940da155426109e1f2081aca95eb5b47984e3dcda7289f8ab4dc9d798c","first_seen":"2024-12-11T10:09:32.928381Z","last_seen":"2026-05-09T16:10:26.332846Z","times_seen":15191,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}