{"report_id":"1071faea-1672-43a3-9986-a89439ea69b5","version":6,"status":"done","tags":[],"date":"2026-04-14T18:34:52Z","url":{"schema":"http","addr":"363999.cc/index.html","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":0,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"363999.cc/index.html#/","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"title":"bet365","dom":{"size":87324,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (44862)","md5":"85087cee02511465ff6953dc8625518b","sha1":"d78f3f99a9fbfe8bf7d3a09acf1c7436d5f46e1b","sha256":"f08ff40112128d20355ab900e5bb0b33cbefeda13850c4f57aa8f46b2a243159","sha512":"b78a59620a9c1ccbd83198ec2beac8429bc8f8bba145624868d0295b65df79b3a0a78e2c4927d5405b071b96737c42b4a20cf9aef6fac8946155f661ae930cd3","ssdeep":"1536:KW1rwU1BAUkIDL39yK5hrFem0LTgaBXOX7tlqZ:KWBwU1BAUkIDL39yK5hrFem0LTgyZ","tlshash":"e8831fa64890224991330a55cbdc8f68573dc767a8734cdf335a384f8b82bed239e657","dom_hash":"domhash75e593dc79931e20d08f08f8a126d2e0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"363999.cc/index.html","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":0,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-19T18:34:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"img.alicdn.com","ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2026-04-09T01:39:54.782952Z","alert_count":0,"request_count":21,"received_data":1538438,"sent_data":10059,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"ai-bmp.segplfnmys09img.com","ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-02-06","domain_rank":0,"first_seen":"2025-05-17T01:48:26.587569Z","last_seen":"2026-04-14T07:37:55.109613Z","alert_count":0,"request_count":8,"received_data":933234,"sent_data":3842,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"363999.cc","ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":415,"request_count":83,"received_data":3253282,"sent_data":80680,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}]},{"fqdn":"j-raw.img9ra2khc1.com","ip":{"addr":"47.242.232.127","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-03-15","domain_rank":0,"first_seen":"2025-08-27T22:22:09.03595Z","last_seen":"2026-03-31T02:30:38.804684Z","alert_count":0,"request_count":2,"received_data":112236,"sent_data":961,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"ipwho.is","ip":{"addr":"172.66.175.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-29","domain_rank":18239,"first_seen":"2020-06-08T11:52:47Z","last_seen":"2026-04-11T14:08:11.052553Z","alert_count":0,"request_count":1,"received_data":315,"sent_data":414,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ssl.captcha.qq.com","ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"domain_registered":"1995-05-04","domain_rank":744414,"first_seen":"2012-11-03T19:41:33Z","last_seen":"2026-04-10T03:52:16.924148Z","alert_count":0,"request_count":1,"received_data":101081,"sent_data":412,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cstaticdun.126.net","ip":{"addr":"47.246.50.191","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"domain_registered":"1998-02-28","domain_rank":474446,"first_seen":"2017-06-21T07:31:41Z","last_seen":"2026-04-10T07:57:49.828861Z","alert_count":0,"request_count":1,"received_data":37118,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"363999.cc/static/js/vendor.810e3659.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bedee06bf1ecb74b16963accf47f1ee6","sha1":"102f1c066510b32156187a6a5ff2c151b77a2dfb","sha256":"199457c90e0803a10a5c4174a483f38d5ba0b06027c04b9db34f3272776a322b","sha512":"d04929f148f711c5add137877a2166212c3dc43b3bec7e2967b270485b251642c1cc78541bc1ed401126058cff5157b61ab12c044550a6cb59108bdc2a495e58","ssdeep":"6144:RP172NnKnxIA3MYCGC2RcfyfSkiARCONEgHfPcdFvBX+M+BdmvUW6Vd1SUGaaNA5:FYnKnxIkzcfWiwxcxRb8W6PAaaknP5","tlshash":"1de4e7cd7692f0a243f321b6402f640bb37a6959680d8550f251e8e5bcbd95e923bf3c","size":714345,"data":"","first_seen":"2026-04-11T19:27:24.407746Z","last_seen":"2026-04-14T19:44:49.905541Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/main.4536b28d.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"92b6393179be80ded0e05c0ac32a5ad2","sha1":"53bfcc801a0739aa0d38d1792b0aa8a075831104","sha256":"7f532978edd466089064b9e294b2c576bab1b84fd461a60bb3138636d496974a","sha512":"0f5b33eb6824c33d2225b833842300a3edad755685c250a1126e3cf667edaf2edafef515f275d6c658d00894d0768ed290f91aba828080d1936f714cac798fd8","ssdeep":"3072:63F+4srju8fALtcdi70YF4YRqHmFfDwCEnGah1l0f/uDoDU:UFhqaLenilU","tlshash":"eca4e849b141b8ab03f3a17a802f1559f2b52895a54c8c50f368cde7f9f6558a32ff38","size":465928,"data":"","first_seen":"2026-04-11T19:27:24.472855Z","last_seen":"2026-04-14T19:44:49.900534Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/5.0515d292.chunk.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"722920a55682db2e23b7e787b7eb950c","sha1":"db7693664f979024e1f2a12713fe1067c7aa4abb","sha256":"860d9ce25f30fe7fffbbfdf61539fb90807bf42c341c2e030978b213a32b19d1","sha512":"bf5dec3c8d57c1a5e4e5c08a058bd3e5f956a136bc395e69b8ddd7e26ff88ecbf0e658ea6ad48e19df4007287270148136c665346974204364647f5b0d917e61","ssdeep":"1536:NArEPoOkMAwX/NwU1BAUkIDL39yK5hrFem0LTX:NAoFJVwU1BAUkIDL39yK5hrFem0LTX","tlshash":"bfb3749658a0214990330956cbdc4f68973cc75768724cee3366ac8fcb55bed23ae723","size":107470,"data":"","first_seen":"2026-04-11T19:27:24.315922Z","last_seen":"2026-04-14T19:44:49.931264Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"75c02f2babf85e1cccb5b29fd34a6366","sha1":"0857d7722946b19654ad88957b53395ddb038166","sha256":"621017b9793196f9f116f358191e84ead52da9d385ba7e84e43d2dbe265acdba","sha512":"9e60ede7c1bcf037d1e1f261c897a82000a9d1522a48dc24469220007f7701026b3ed2aa344204d5cb2475b65c7daac66c8ca658292aeac3061a7ede7302dffe","ssdeep":"3072:UkxTYeu24ozqA9/hISgSGO3excrmPQ0Ds3:FzqA9pIlnO3eyjys3","tlshash":"e4a318deb3f1762d05ab6194cc3b9d8e68374c508018f175cfb9c687b628589921bf3a","size":100834,"data":"","first_seen":"2026-04-13T09:36:01.244733Z","last_seen":"2026-04-14T19:44:49.91847Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/manifest.980d8531.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"fdd0500956408e0c554a63d74b4a5e1d","sha1":"4ba7dede6db71a4cb28c6dd11d26acec6af96d7a","sha256":"1abf41a7c5810b899afca4cfaf2b4cad6efb5792ba43be0b7c245f1f21923d2a","sha512":"efdba62b95fe00f3d2913d3bf0d613c776b0baeb94a59e3b39099c46ae34752ed74075842acbc8db22d3abe40750499e6e1f4d9bffaa364126a07485cc39d7c1","ssdeep":"","tlshash":"a04181dd35d2b9d69bf75ca4022f9124e13d2d02ad6ded84d3c890617c30ca88226ea2","size":1999,"data":"","first_seen":"2026-04-11T19:27:24.359332Z","last_seen":"2026-04-14T19:44:49.943325Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cstaticdun.126.net/load.min.js?t=202007291602","fqdn":"cstaticdun.126.net","domain":"126.net","tld":"net"},"ip":{"addr":"47.246.50.191","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b84cb0a31b495c2f8e736f1e74a4cf8","sha1":"61e467e1e97108ee6abf81004f141e4347a36e85","sha256":"740ab6d450334fbd8d02a43abd926e6861406889956d4852eb5452bf237e844e","sha512":"5eede42cca78ef3ffcd6c2eb99e6c520cd7a6250cb2067316ee3454243aaafe14adbbab9cc31a809e4ef9cc68e2986d6fa99e09ad58deaf3248859ffe216997f","ssdeep":"768:9KHK1+h00zI0RAcKsErsQsLiz0I+/QtzfS5+8hfgVCMiE:9CyrsQa6tjS5D5gEE","tlshash":"5ef2d68cb690f4bb4ba76070813f920be13b5614b499c0e4b155e4e4adbd8ce5627f3c","size":36116,"data":"","first_seen":"2026-04-08T12:46:49.918052Z","last_seen":"2026-04-14T19:44:49.930745Z","times_seen":190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01nN9OkC1dYdaVrUs02_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01nN9OkC1dYdaVrUs02_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 47600\r\ndate: Sat, 11 Apr 2026 09:31:44 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5f39517758999038366705e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache23.l2de4[0,0,200-0,H], ens-cache9.l2de4[1,0], ens-cache2.se3[0,0,200-0,H], ens-cache1.se3[40,0]\r\naccess-control-allow-origin: *\r\nage: 291771\r\nali-swift-global-savetime: 1775899904\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534821\r\nback_uri: /imgextra/i2/733063748/O1CN01nN9OkC1dYdaVrUs02_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 40\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145062e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":47600,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"2eb2c77fd1b9180ac0b1fccb38b9df0f","sha1":"516067b9a8fbf92b4fb1e01c370deff23e93c32b","sha256":"b038c7340f044361d500eb28a70ed3a2c8b63ce2fdd48106c9e72968448d5dc6","sha512":"2d986fdbbca2b09d4d16f7d6699d8e3f28247b1798560790042e5c4d905bcd05ab88276d3c884c6d6f0cadd38ee3280ffd36740f620075cdc9733e38038b1619","ssdeep":"768:HINhI9gvPjNPFG6ZNiXZaiPTtNSqhGqBmVgISz7ZwYiKJkhsiBW+V9D:HILIOjNPF3fqMi7tAq4lkiWeLY+7","tlshash":"ad23f29aa4048d8ec7d49ab74b60fca15c3d05fbefd1ba7894d927934680e59dc3402b","first_seen":"2026-04-11T19:27:24.381417Z","last_seen":"2026-04-14T19:44:49.920668Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":1049,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/bty15/20241029/GAMEIMAGE/2/IMSB/1730197613606.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /bty15/20241029/GAMEIMAGE/2/IMSB/1730197613606.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 65266\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BD0FA57931372943F2\r\nAccept-Ranges: bytes\r\nETag: \"61461DEFBD3C56BD9B03ACC0D7460E47\"\r\nLast-Modified: Tue, 29 Oct 2024 10:26:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1484773192588488675\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: YUYd7708Vr2bA6zA10YORw==\r\nx-oss-server-time: 3\r\nExpires: Tue, 21 Apr 2026 18:34:37 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":65266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 211 x 265, 8-bit/color RGBA, non-interlaced","md5":"61461defbd3c56bd9b03acc0d7460e47","sha1":"d6163f01189883d94a008e38be840db9f563408d","sha256":"31cda65ce75f332545aee8276faef667c1795407f97b23179cd1f96cbf33ab97","sha512":"7b63fb5c03f295931979d6d9503eddc6a8cab51b98710eac4e884ad48d7521670c98a0561bd0183f8514eea81074bd990bf29f578f079b7403c35ea298ab7408","ssdeep":"1536:UbCnn4OwmI0oI0r/TkRMwks6If/XPCGnQBVZZrnw2UZX:vnn4m9+z03PCrDUJ","tlshash":"b353025c79e8ccb994163690e53f21d58bde732c11d91811ab7ef0ea1482edb27bce18","first_seen":"2025-10-17T01:07:58.8892Z","last_seen":"2026-04-14T19:44:49.951561Z","times_seen":63,"resource_available":false,"data":null}},"time_used":3177,"timings":{"blocked":2612,"dns":0,"connect":0,"send":0,"wait":283,"receive":282,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/a15.a86497eb.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/a15.a86497eb.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1981\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-7bd\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced","md5":"a86497eb1c6f3fa7e286eafe5c0e8c44","sha1":"ba95a5887fa5baf565ef12436e2d0be61350c91f","sha256":"2931042b2435abb9574f461a774fdcd51d111880c3685ea70f642be58c0636df","sha512":"cc902d01069cda087b2ac4fb76110d77cd2e628236fdd22aa794f8da92ce34c8d3f5ba828bf423fafdb8eb6f7bf4b58761c55ccb1076d4d43b2ed04e2ef45ed2","ssdeep":"","tlshash":"c941285cba847ca152aced2058e4ac7f1a175840ede0a180be8bc08b5e542faa84d1c3","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.953072Z","times_seen":1366,"resource_available":false,"data":null}},"time_used":1804,"timings":{"blocked":1481,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/gameBg5.5ff40831.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/gameBg5.5ff40831.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 79142\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-13526\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 590 x 200, 8-bit/color RGBA, non-interlaced","md5":"5ff40831503057fd7a34d6ac9a81f9d8","sha1":"dfc27195d714ece16f2921fb4d024f8c01c02507","sha256":"aad9309f3a99f9efb384c81edb93630dd802bee8edc124d3bbf963a7c5b6fb3f","sha512":"df7d96ad2b887085db98cecbb176ab58e039ba9706cb038b37602dd15b00772ba2868efc0df3efec3b878ee9c913c2898164b480abf3724c246878a821b9462f","ssdeep":"1536:P2G70WKa1gKtsJGxJbLtPPUkNWkL3FX+rM1+nAmV1fbPPZNZ8t2:eG7LRvtsJG3HNUkNpLwg1Le1fbpgt2","tlshash":"c17302ad73ac4923f4d8d56f987b113feb023db7e5bc57159c8a72601c1d1eb894208a","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.944484Z","times_seen":2321,"resource_available":false,"data":null}},"time_used":2166,"timings":{"blocked":1510,"dns":0,"connect":0,"send":0,"wait":327,"receive":329,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/webconfig/findByBroadcastConfigList?showSource=1","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/webconfig/findByBroadcastConfigList?showSource=1 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916739088168e003d659a800f7f73ff9292cadf20fd3a6e1c;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2052,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"2e08eae5bba0826dbe2fd6d9fad099e3","sha1":"05a6e9726e823b4de1ee8adba2a29cbced6ebcbd","sha256":"07fd73dc790e8ea9b8b04f16e19f355ef2a2ade7fc76c2488dea952fe7c3c99b","sha512":"8bc464c006d3ab7ba1cf30c4571f5a5a4c7af96e7c447e6e15962786a8fb411bd9be8ca787d34a048cde707444b7a2428655b5bd6e9db81dbceb40c1b8d9026c","ssdeep":"","tlshash":"a0414c92a2cf08696b3795e488a91b64c12e0adfc401fe8c446eaf444ba56f32211dd6","first_seen":"2026-04-14T18:35:05.671146Z","last_seen":"2026-04-14T19:44:49.923313Z","times_seen":2,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/dervice/getQqAppId","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/dervice/getQqAppId HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916742173170e0039119bdf9a5c5a98b7e32919c8f3a4419d;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"812edc333c432907fc0dc8e02cca41b4","sha1":"efa71879fb41d96f5a0febd3bf36d8af1bae803e","sha256":"4d4ac26bec782811a3c1513d95bf55146a9474a5ee738bd37aa75b4db28923b4","sha512":"652967f7863e4dfb274164369a4d0d040e75660380facd01e94a090bbb3257df07e0a97bb7c433758850c8faa7952f7d40513235c7e32458f92ce2d0558f11d9","ssdeep":"","tlshash":"59c08ce92b9808430d27c8840859661d718c32a686c83b94814aae0266a46c89908024","first_seen":"2023-09-02T03:46:07Z","last_seen":"2026-04-14T19:44:49.95252Z","times_seen":57,"resource_available":false,"data":null}},"time_used":937,"timings":{"blocked":579,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/webconfig/findByRecWebConfig","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/webconfig/findByRecWebConfig HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1966,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"159d67574adfbb0d06d0f005e66917b2","sha1":"fbe4cc105baf457eb5963212b292d0ea83c08afa","sha256":"ba867a1d5fa438be2f777e5560be37ff5fe739e1a2d33972fb0cbc9bd0769fd8","sha512":"a174acfa2207c260cdcf0c435217b116e018bf800f207c4d1e37fa41112730dec2013c3171f9d618c388b2ac0cf78e3bb8b516e7574f0be6abbb2ad95e9009a1","ssdeep":"","tlshash":"af410eef4788852f87af87ee289fb938c87d469740829c8fd0561e6a80bc5e1124cb01","first_seen":"2026-04-11T19:27:24.294638Z","last_seen":"2026-04-14T19:44:49.934021Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1366,"timings":{"blocked":1000,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/arro.77f0350d.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/arro.77f0350d.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: image/png\r\nContent-Length: 1118\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-45e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 6, 8-bit/color RGB, non-interlaced","md5":"77f0350d80e88b9a7a1e073e7cec2f43","sha1":"60ecac41dc69eec39fad5b4d3a6c7560ea78a736","sha256":"2ffb48e40be2171aee94ebc4ee87e839f87af841fd0becb6452633a8128407f8","sha512":"8cd44aa87d63820d49979a6f223582fa05424d3f74dc2ae25bd7de56685b9f796f2fe387a59c385cd90500fef67d6bb256f19f5504338b079e16741531530d22","ssdeep":"","tlshash":"c121466df6512841e2c9f76234f5407b5b371880cea4f05abacec0935db91f658288e7","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.901849Z","times_seen":603,"resource_available":false,"data":null}},"time_used":1564,"timings":{"blocked":1250,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/videoBg.4ce7ca87.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/videoBg.4ce7ca87.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 13984\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-36a0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 141 x 166, 8-bit colormap, non-interlaced","md5":"4ce7ca8764d5cfcf5ed1113aa4f69f42","sha1":"44e6751e22647581545d02e6b73649739e3fdadb","sha256":"9132b664f4fcdd8fdf2fd5dc1fc220f8bd2df747c06f9ffc4824beec1ec0fcf1","sha512":"56392760bfecb21c08868426cf86d16f7d7e9080ef8b0b8fd6915eaeec17cf246dc7ddc0aa32a06d18b96ddcabf305b88fde2d2db304d82f721896857ddb51e1","ssdeep":"192:gRgNzz7mz1VF7Zn9Sz+/8o4DT2GfXlz2DKxww/pGz01L8KYm5PfsHk8wnxHgO3f4:eSzzeF7BtYCggz01LTYO+wxH/izsqWe","tlshash":"b852d12c0f1869e88a95b3745bd41cc2d7df15ea328d4c1dc8f6b674494b9e947e4224","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.953528Z","times_seen":1789,"resource_available":false,"data":null}},"time_used":2698,"timings":{"blocked":2383,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_THQP.6bdd5ad9.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_THQP.6bdd5ad9.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 2833\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-b11\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"6bdd5ad9d4099739e01c78f009e84af7","sha1":"337487d219eb37f163526c3240d59657c343d162","sha256":"e464948183a1172d7943b6c0fb0fe72377f9526a3b5dc180a1a7b42784558f94","sha512":"4dbce6231fbbaf0eefc7d0e30e69ddc511326ebab8dd1c8411f77ab70888686c745342ee56cde307f78f868b3f6416f25a18eaef1dfb8383b749bed7acc70bbe","ssdeep":"","tlshash":"e7513c5023988506e38ecc75948d6a30a677b7159de303df3b6e98d61c32d2806d31ee","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.930213Z","times_seen":762,"resource_available":false,"data":null}},"time_used":2029,"timings":{"blocked":1717,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/Video.c8cf615c.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/Video.c8cf615c.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 2738\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-ab2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 118 x 53, 8-bit/color RGBA, non-interlaced","md5":"c8cf615c5c1588158a7552dc18393cfe","sha1":"ab40bd3620f6c0fbb0b76ef68844c481d4f7011c","sha256":"2ad432aad38dac62b0cba9f117c30bcc60359c7ab3f417bdff3b483accf569a5","sha512":"206971a6108f705e0c28628b4349d82e31279ad704a667d3d1e498a03b0883257a289e3d1d7412a9b4772ec6cc69066cfd54bb0dc4bd9a405607ac85ab1de8e3","ssdeep":"","tlshash":"48512b455b642edcdbcb876f2ae6ea32701c810effca65507ac424421ade7c10911b9b","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.905047Z","times_seen":1103,"resource_available":false,"data":null}},"time_used":2387,"timings":{"blocked":2076,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/FW_server.4722b8ec.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/FW_server.4722b8ec.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 5140\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-1414\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5140,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"4722b8ec1a582501d52dbaf8f3c7dda5","sha1":"64a148c179bf63c4e73b0b37e7baccc297423c8f","sha256":"f7aef7b227ad9f867525868c8d355650fc348f092262e153b10a6489af4023fd","sha512":"17772dc55ff262ff3e9891f58dd09d7f26bf9d60530d99fe13363abd46120c5157b5746b24b2ca66e72a8e775ec0f23dfbc71509ad0a748554baa5de7efb9a86","ssdeep":"96:EIslEECGVLeTT+VrE3ezhpwARIcT8x2WM+jw13KaGyjSxfM2KfzK:EZja33O8wIcTtWvjwUB8S1M2KfW","tlshash":"fdb18e73bca38c8d2c6f509fdaa095b2ac55c68d3b53fbd418a6c9b1541ee2c6e58102","first_seen":"2023-07-03T04:38:14Z","last_seen":"2026-04-14T19:44:49.921759Z","times_seen":100,"resource_available":false,"data":null}},"time_used":2463,"timings":{"blocked":2134,"dns":0,"connect":0,"send":0,"wait":328,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/index.html","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-14T18:34:28.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:30 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-4b3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}],"data":{"size":1203,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1203), with no line terminators","md5":"755e2e4b21696ff5006456c93326c66b","sha1":"68c3fc0f15548da728d185c2b065cb6825b0e01e","sha256":"ea4829035e5f2fda08b02d34ad89781d1430e5dddb3dc8091fd678263f618c98","sha512":"67341464c14ca55628572288c79ff8007445ce0447a2d1235b3eaf3dd48583f9d0cc9be47bd95012cc2882492b06f5472af0f3cc030071f7e9a8ae59fedec1b9","ssdeep":"","tlshash":"f721c1524d05c48957200297f9b2f52ec00ad05ddfa1dc70e9e706ea6fd4b9e0c14d64","first_seen":"2026-04-11T19:27:24.46733Z","last_seen":"2026-04-14T19:44:49.937299Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2499,"timings":{"blocked":1094,"dns":15,"connect":311,"send":0,"wait":311,"receive":0,"ssl":764},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/733063748/O1CN014lSACE1dYdaXs9BP1_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/733063748/O1CN014lSACE1dYdaXs9BP1_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 30794\r\ndate: Mon, 13 Apr 2026 14:08:19 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: 9b66d7a317760892995318485e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache16.l2de4[163,163,200-0,M], ens-cache4.l2de4[164,0], ens-cache19.se3[0,0,200-0,H], ens-cache1.se3[15,0]\r\naccess-control-allow-origin: *\r\nage: 102376\r\nali-swift-global-savetime: 1776089299\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 13 Apr 2026 14:08:19 GMT\r\nx-swift-cachetime: 31536000\r\nback_uri: /imgextra/i4/733063748/O1CN014lSACE1dYdaXs9BP1_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 15\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365074e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":30794,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"d5d9f6e857b497e890dcdde5215b4507","sha1":"f79ebe566a19c189ce405a5f26d42dd91332a18a","sha256":"fec6b03c9f01068604817447e7a29871a70fbe1eefed5a0fbccde1d85a407d8f","sha512":"1b4604d08b83122698ad4a1b3c234819d631cb8d145a885eb9b2990c392384190d5e32012577138d08778dedc5d0684e73a17e8870b0ee74f3b66adb58c5d01a","ssdeep":"768:MG//APRK19Bg1Z2zOjIsei/M0LXz/ySFT5L06d/Ae/A:p/K2Eqb2UeXT/55A6dj/A","tlshash":"51d2e154fa272c5adeb09af32811d59cfbcda4172f6baa790a69183724b0f114f4b610","first_seen":"2026-04-14T18:35:05.676906Z","last_seen":"2026-04-14T19:44:49.949314Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2330,"timings":{"blocked":1130,"dns":1054,"connect":8,"send":0,"wait":60,"receive":1,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01dlKfSY1dYdaW3YN9Y_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01dlKfSY1dYdaW3YN9Y_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 62052\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:40:24 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.026\r\ntraceid: a3b5f39717759006436064196e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache39.l2de4[0,0,200-0,H], ens-cache32.l2de4[1,0], ens-cache23.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i1/733063748/O1CN01dlKfSY1dYdaW3YN9Y_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365078e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":62052,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"c770ab4b524fc26518d1ac17a79394a1","sha1":"b6c51f97be027ca2777d02a3c3a30038d5aa89e3","sha256":"866ce8bf951f9618d47caed17cbcd187e19475dd37b9da790405ad2bccf13dc2","sha512":"617c2bd56c0db76d023703da70e52baa17fb59ce0d342b85fcb4f2f36b24f381c729f59caf66f5a3dd952da897b325feb1199904f4229924285f7d80f0a10fe3","ssdeep":"768:fBovCTbKW/x1Y7qczEJtEJ9dG6G8pLSd0crrMe2a1yvzyJuhYNQ0fXke8+IWakJg:phbKAbY3Stubtb1cRJ1Y+JYlpsrlQv","tlshash":"5653019931cdcb0388a7a9247f22c73d1392e25f8a152556eed0c15238d7cc1adbeb83","first_seen":"2026-04-11T19:27:24.455331Z","last_seen":"2026-04-14T19:44:49.936738Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1110,"dns":1039,"connect":11,"send":0,"wait":84,"receive":1,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01Sh8wFS1dYdaWRrT4T_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01Sh8wFS1dYdaWRrT4T_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 51214\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 08:36:04 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.039\r\ntraceid: a3b5f39717759006436694313e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache21.l2de4[0,0,200-0,H], ens-cache8.l2de4[1,0], ens-cache2.se3[0,0,200-0,H], ens-cache1.se3[22,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i1/733063748/O1CN01Sh8wFS1dYdaWRrT4T_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 22\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145056e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":51214,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"218f5798ca485fab1fa912980ebc865f","sha1":"079c2a1b4a8c5ebfdc3d13641603f734e77bfa1b","sha256":"2364583c914362ae53c79194daac041fc72017ef83e4e1e30641698d413a4ffd","sha512":"77e01f32d4706cd409d2243ff25457cfc73a54b00b5aeddc0ae270a49b6a294a7d7c65e22f84e2aff74bced15596c612113b919565280547ce3df6c7de7b06e6","ssdeep":"1536:sxbh/p6GjNPiWXnucRPrZKCzPv3YctBcfheDX6ZdCAi:sxhp6gPiKxbX3Pahc6af","tlshash":"1a3302059198f901f47623f6d9a90f32a8c06b5277016d873cdafb56f2aa47448c235d","first_seen":"2026-04-11T19:27:24.450906Z","last_seen":"2026-04-14T19:44:49.917007Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1143,"timings":{"blocked":1088,"dns":0,"connect":0,"send":0,"wait":53,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/popsys_title.2d5d480c.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/popsys_title.2d5d480c.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 3260\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-cbc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3260,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 119 x 31, 8-bit colormap, non-interlaced","md5":"2d5d480cc554ae9979b616cb38e9f4f8","sha1":"ad466dd11156f3d78c9106fcca06970220f64ad1","sha256":"4734a186ac038a4f31b5140398fc77907475b46f9830f9396fd20ed24d416a6f","sha512":"ca119e7c6a64667fa8e2c2e53a8d7abf77ae9160c5299bd4a98796ac59b8dfb8bae4a15bcf42abd0e14758c818c66c2697bfee7272d1e58650ab7101430d3d0a","ssdeep":"","tlshash":"e5612ad0416aad98e3ac66353143648e7e6cc44d91d7da8e26af33821b8b782d428696","first_seen":"2023-07-03T04:38:14Z","last_seen":"2026-04-14T19:44:49.917573Z","times_seen":101,"resource_available":false,"data":null}},"time_used":3880,"timings":{"blocked":3555,"dns":0,"connect":0,"send":0,"wait":324,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/733063748/O1CN01uTQBYJ1dYdaRTCeho_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/733063748/O1CN01uTQBYJ1dYdaRTCeho_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 48521\r\ndate: Sat, 11 Apr 2026 09:30:18 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5329e17758998181931501e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache28.l2de4[0,0,200-0,H], ens-cache10.l2de4[1,0], ens-cache6.se3[0,0,200-0,H], ens-cache1.se3[15,0]\r\naccess-control-allow-origin: *\r\nage: 291857\r\nali-swift-global-savetime: 1775899818\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534735\r\nback_uri: /imgextra/i4/733063748/O1CN01uTQBYJ1dYdaRTCeho_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 15\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365070e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":48521,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3911f37aea1ec8aaffb4ffc292e945fe","sha1":"d01747b65e7119388ba1e2d022fa921c8ba6d796","sha256":"23498dcdca60c53a174aa90def12d82b879c1dff5730cbf4e8345368a6782b97","sha512":"7c1392ec080b7c87025096bb214bae242588060ad73553113dfe49e02e7d2d580a978ca6427982587176a39ea86e83cd78fd119e27a2fc28960df6fbe71ed31d","ssdeep":"768:5pNaPLwR1RWCG6bTZ70/yZ4JK74WkosQNecnnF2Oj312M0t5Ttkl9oxjaVQFj:5bvhTbTx0auyFedtkMx+U","tlshash":"3e2302005c2e760dc2c45d928a94fd8639192ad731f2dcd7be87cf9598a7db01fc26a8","first_seen":"2026-04-11T19:27:24.291931Z","last_seen":"2026-04-14T19:44:49.907132Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1102,"timings":{"blocked":1040,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/bty15/20241019/GAMEIMAGE/4/PGDZ/1729346009977.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /bty15/20241019/GAMEIMAGE/4/PGDZ/1729346009977.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 201168\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BCE9382734373A1437\r\nAccept-Ranges: bytes\r\nETag: \"250DB9C74E2D34AA897B3F4834810E35\"\r\nLast-Modified: Sat, 19 Oct 2024 13:53:30 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14598016933134191990\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: JQ25x04tNKqJez9INIEONQ==\r\nx-oss-server-time: 6\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":201168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"250db9c74e2d34aa897b3f4834810e35","sha1":"5efd66a5333f9701e5695e66d2323667246bf501","sha256":"2efb5b37751a548305eee6f81e637baf7a46698727e6ed0d943f206ca25dc44a","sha512":"668e0bc04ebb67261595d037ebc300d918adb7b059e7f6e98961cb0d7c08d652718c4fdf791b04c754e206820142ccf6e2ff06df572da257b167e62440c5b35c","ssdeep":"6144:RaVlf9i2p3TDNWR2tH4FNctow82pm+41+:RA9Bp3PbYr6x8yig","tlshash":"c0141204a746acf6d5b7c173ec27c260c772145e9b47b6825397d9b0e883b1a7ce7202","first_seen":"2025-01-05T17:32:57.314037Z","last_seen":"2026-04-14T19:44:49.922874Z","times_seen":34,"resource_available":false,"data":null}},"time_used":3207,"timings":{"blocked":-1,"dns":61,"connect":274,"send":0,"wait":547,"receive":827,"ssl":1491},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/memberManager/checkMobileLogin","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/memberManager/checkMobileLogin HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916743188281e0039182588175a3597d1682e83c18c2f9484;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"04a15be29d9e664a9211d14f730a5263","sha1":"a41f7d4f5f1d44bcd52e2cba46e1687e69b016a6","sha256":"9d708a8c6fba84dee214f2573029eb53a2464719941b95f2eaf13afe9a37c3ca","sha512":"e568ce71ca8858b6507c0f263e0920bc82789bdcf7f093ef0f1138b1f264787d2098733b5c6c1f69f054fd465efa0a3e430c6850ea7fd2d61f879615b77f0c84","ssdeep":"","tlshash":"07800450341540130c44444c040457115d3155540d0513f4c1cdd1117044dd0d007410","first_seen":"2023-04-26T20:57:49Z","last_seen":"2026-04-14T19:44:49.923792Z","times_seen":798,"resource_available":false,"data":null}},"time_used":1007,"timings":{"blocked":643,"dns":0,"connect":0,"send":0,"wait":363,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/app_text.5c47b6b4.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/app_text.5c47b6b4.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 801\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-321\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 84, 8-bit/color RGBA, non-interlaced","md5":"5c47b6b4d2f3f7a1488a000e4e59e0d8","sha1":"9c0ee73429d47087c235c389c6089d43cf03faff","sha256":"c5ef3f437bb30990c937a715aa2e11da55025d46bccb03eaa38e852a451c5d0e","sha512":"bc992a4e8aabeaefc13631c45da39a8b3bc64c7514b1ecfa2430e32672e4b00cd75be82111af4863fc67ba5922228ca5045764069cbf424e1e91953339f18875","ssdeep":"","tlshash":"440186a962508bcec5cb567dd83610d3671a90e0829941ddeab1a9f46c4062bd00d202","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.915509Z","times_seen":1359,"resource_available":false,"data":null}},"time_used":2013,"timings":{"blocked":1687,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_MTDZ.a19b7e2f.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_MTDZ.a19b7e2f.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1586\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-632\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"a19b7e2f37d6cbc9195c622e1fa7babc","sha1":"58b92b0ac53dd255b6d102cc16b6bcc628305c0f","sha256":"012d020855cf0b6f731ae1d9b41c2a250dfa87454b362044afcb1e216683f1ec","sha512":"99dc08bb010e3aefd41ab2147bb07f02e530c9d02daf6b82a57c1213c6e200b43240b39a6ad50c011527186c56269c8016feeff894fb84397904e1be72bf589b","ssdeep":"","tlshash":"c231e7f5504158ce646b5d350cd04358f1a74a7e272a34415ab763a5426613d1bc6b36","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.941585Z","times_seen":1258,"resource_available":false,"data":null}},"time_used":1723,"timings":{"blocked":1412,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/manifest.980d8531.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/js/manifest.980d8531.js?1775895824120 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:30 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-7cf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1999), with no line terminators","md5":"fdd0500956408e0c554a63d74b4a5e1d","sha1":"4ba7dede6db71a4cb28c6dd11d26acec6af96d7a","sha256":"1abf41a7c5810b899afca4cfaf2b4cad6efb5792ba43be0b7c245f1f21923d2a","sha512":"efdba62b95fe00f3d2913d3bf0d613c776b0baeb94a59e3b39099c46ae34752ed74075842acbc8db22d3abe40750499e6e1f4d9bffaa364126a07485cc39d7c1","ssdeep":"","tlshash":"a04181dd35d2b9d69bf75ca4022f9124e13d2d02ad6ded84d3c890617c30ca88226ea2","first_seen":"2026-04-11T19:27:24.359332Z","last_seen":"2026-04-14T19:44:49.943325Z","times_seen":3,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_118.c137e92b.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_118.c137e92b.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735914823e00359bebc7cdeeb6967f926788ce6c13aa3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 37498\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-927a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"c137e92b0bb1f532ef1988b06d4dcb88","sha1":"8ebfc9e94d9ba9bf90a9e44b8b5e1739cace8fe8","sha256":"47ce991e682ed9fa859ef76cd066d26b1b1f6b023356131b7197029ef49b9c64","sha512":"0ba4e8486b381f1673c7018dbb31bcf84f872879598b749630be77775fa3695456deec3c82ad61c2e2266091c594b969013b96dcd1815c8eb772dd85ce9593a3","ssdeep":"768:M/LhSQO29l4O9ALz3PzYWdQPDwoC2FGHRvKOLPBcWfKOU:M/NSU5yz37ndirCoSCMPB/fvU","tlshash":"44f2f257e83f93d309da5ac4a6f3d0bea62fd08e27b7091421e46522d2d42771f541a3","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.915021Z","times_seen":1831,"resource_available":false,"data":null}},"time_used":1760,"timings":{"blocked":1092,"dns":0,"connect":0,"send":0,"wait":667,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01f11zlW1dYdaWRx2cv_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01f11zlW1dYdaWRx2cv_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 167733\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:40:24 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.021\r\ntraceid: a3b5f39717759006436064190e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache21.l2de4[0,0,200-0,H], ens-cache40.l2de4[1,0], ens-cache1.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i1/733063748/O1CN01f11zlW1dYdaWRx2cv_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365072e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":167733,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"ed9d8bacc43be48cf955baabbea39d6c","sha1":"c96d5f21797b5aa760308ecdac13c6a893309b9a","sha256":"8c1ca00b7821897e27f26af358479b2e8a1c629f81ad987f620dcc209881c2cc","sha512":"f0e5bedc7330bab6e54c77b18f73f5d370aeb94edbd2b5b1396768d417103f29a6a88c5df9c69211a3bcb802f5608bcbc4a6250de87430d48f1cdf1ec98e1e7e","ssdeep":"3072:2H3YpX423s/E0JZ2FHEwz3rNd2/IAY4BgENMDlN21xAdsqYui0yltaB:2XYt4W0D2FkwXIIZ1uwl8C","tlshash":"bcf3129eb139256e9ad36482f95fb28e159cc703f0e6446e1e081d74e4fe25c27b3878","first_seen":"2026-04-11T19:27:24.317857Z","last_seen":"2026-04-14T19:44:49.949817Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2334,"timings":{"blocked":1120,"dns":1047,"connect":10,"send":0,"wait":80,"receive":4,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN017sfuPq1dYdaWM2UmL_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN017sfuPq1dYdaWM2UmL_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 148224\r\ndate: Sat, 11 Apr 2026 09:30:18 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:30:18 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.030\r\ntraceid: a3b5329e17758998181931490e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache5.l2de4[0,0,200-0,H], ens-cache1.l2de4[1,0], ens-cache20.se3[0,0,200-0,H], ens-cache1.se3[40,0]\r\naccess-control-allow-origin: *\r\nage: 291857\r\nali-swift-global-savetime: 1775899818\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534735\r\nback_uri: /imgextra/i1/733063748/O1CN017sfuPq1dYdaWM2UmL_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 40\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145060e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":148224,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"73fbf5d7c3dc9cf763239a21892ede74","sha1":"9ba89c1b783bdf28c22b711fcc06ea04eb952b51","sha256":"c371551240c80aba67bfa72dcd7742ab8e0e4c71365f6ddafa87c7a1d4060fa9","sha512":"abf16245a287dd16e63ddf3f7de4b450bd2a4da1dc63f12012256c90ab6357fab1a56ff222295df16d190091f14fb726ac34a66dfc115eb6b73efc7d59812b45","ssdeep":"3072:iJg0G7nl9DMaT6+gvx7xCLZv4ASa7NrOOTrdDy8Ku6yPAH:iJM7nXzDQVCt4/GN7d6yIH","tlshash":"52e312ac0809ac66a2e971e67ddc3f47f045899a2f244b9097dc2efb4c3464c7c847d6","first_seen":"2026-04-11T19:27:24.436793Z","last_seen":"2026-04-14T19:44:49.919678Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":1052,"dns":0,"connect":0,"send":0,"wait":74,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/favicon.ico","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:38.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:38 GMT\r\nContent-Type: image/x-icon\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-2ea6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11942,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"c6278f882408423fdebc5bfccce20a71","sha1":"6481240a9be4180b62f52a234ff5332d233a6445","sha256":"3a3215da4d96b2ba01d25034487306d5469de061a44515ef939d3b5e83990ba7","sha512":"99ec2e2156dabaf04163ce198539fd634bb2b2e0724ce3b66fbfe2b28bf5bddfa0696945a11da0ac6d7172912b50ddb5128f1796a6e99fecb4ed166b33b73a6c","ssdeep":"192:OnM8SMmHHpY0t2gzQLJ4om1Mok0YuDCRP8zJla2GAi5Ajz9/o3diBHpcv:OnM8SMmHKY7Qd3tokmDC+dla2EAF/1B4","tlshash":"7932aed4eaf59d7094fe6a6fa291021a880299412df2b8f6b8d754531dba2b00cb20c3","first_seen":"2023-09-02T03:46:08Z","last_seen":"2026-04-14T19:44:49.902982Z","times_seen":57,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/main.4536b28d.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/js/main.4536b28d.js?1775895824120 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:31 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-71c08\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":465928,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"92b6393179be80ded0e05c0ac32a5ad2","sha1":"53bfcc801a0739aa0d38d1792b0aa8a075831104","sha256":"7f532978edd466089064b9e294b2c576bab1b84fd461a60bb3138636d496974a","sha512":"0f5b33eb6824c33d2225b833842300a3edad755685c250a1126e3cf667edaf2edafef515f275d6c658d00894d0768ed290f91aba828080d1936f714cac798fd8","ssdeep":"3072:63F+4srju8fALtcdi70YF4YRqHmFfDwCEnGah1l0f/uDoDU:UFhqaLenilU","tlshash":"eca4e849b141b8ab03f3a17a802f1559f2b52895a54c8c50f368cde7f9f6558a32ff38","first_seen":"2026-04-11T19:27:24.472855Z","last_seen":"2026-04-14T19:44:49.900534Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2930,"timings":{"blocked":969,"dns":1,"connect":323,"send":0,"wait":332,"receive":651,"ssl":652},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/vendor.810e3659.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/js/vendor.810e3659.js?1775895824120 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:31 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-ae669\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":714345,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bedee06bf1ecb74b16963accf47f1ee6","sha1":"102f1c066510b32156187a6a5ff2c151b77a2dfb","sha256":"199457c90e0803a10a5c4174a483f38d5ba0b06027c04b9db34f3272776a322b","sha512":"d04929f148f711c5add137877a2166212c3dc43b3bec7e2967b270485b251642c1cc78541bc1ed401126058cff5157b61ab12c044550a6cb59108bdc2a495e58","ssdeep":"6144:RP172NnKnxIA3MYCGC2RcfyfSkiARCONEgHfPcdFvBX+M+BdmvUW6Vd1SUGaaNA5:FYnKnxIkzcfWiwxcxRb8W6PAaaknP5","tlshash":"1de4e7cd7692f0a243f321b6402f640bb37a6959680d8550f251e8e5bcbd95e923bf3c","first_seen":"2026-04-11T19:27:24.407746Z","last_seen":"2026-04-14T19:44:49.905541Z","times_seen":3,"resource_available":true,"data":null}},"time_used":3496,"timings":{"blocked":946,"dns":1,"connect":315,"send":0,"wait":332,"receive":1265,"ssl":634},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/js/5.0515d292.chunk.js?1775895824120","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/js/5.0515d292.chunk.js?1775895824120 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-1a3ce\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107470,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"722920a55682db2e23b7e787b7eb950c","sha1":"db7693664f979024e1f2a12713fe1067c7aa4abb","sha256":"860d9ce25f30fe7fffbbfdf61539fb90807bf42c341c2e030978b213a32b19d1","sha512":"bf5dec3c8d57c1a5e4e5c08a058bd3e5f956a136bc395e69b8ddd7e26ff88ecbf0e658ea6ad48e19df4007287270148136c665346974204364647f5b0d917e61","ssdeep":"1536:NArEPoOkMAwX/NwU1BAUkIDL39yK5hrFem0LTX:NAoFJVwU1BAUkIDL39yK5hrFem0LTX","tlshash":"bfb3749658a0214990330956cbdc4f68973cc75768724cee3366ac8fcb55bed23ae723","first_seen":"2026-04-11T19:27:24.315922Z","last_seen":"2026-04-14T19:44:49.931264Z","times_seen":3,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/webconfig/findByRecWebConfig","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/webconfig/findByRecWebConfig HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916746088303e003d77224d6df88d73f071795ee14a82315d;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1966,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"159d67574adfbb0d06d0f005e66917b2","sha1":"fbe4cc105baf457eb5963212b292d0ea83c08afa","sha256":"ba867a1d5fa438be2f777e5560be37ff5fe739e1a2d33972fb0cbc9bd0769fd8","sha512":"a174acfa2207c260cdcf0c435217b116e018bf800f207c4d1e37fa41112730dec2013c3171f9d618c388b2ac0cf78e3bb8b516e7574f0be6abbb2ad95e9009a1","ssdeep":"","tlshash":"af410eef4788852f87af87ee289fb938c87d469740829c8fd0561e6a80bc5e1124cb01","first_seen":"2026-04-11T19:27:24.294638Z","last_seen":"2026-04-14T19:44:49.934021Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1293,"timings":{"blocked":930,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/indPhone.37ee48bb.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/indPhone.37ee48bb.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 467617\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-722a1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":467617,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 670 x 697, 8-bit/color RGBA, non-interlaced","md5":"37ee48bbc6a8f5f879e4dd59df635d15","sha1":"28b9d3f1a94e1f436a8c9ccf15f2e67a88c0456e","sha256":"0590c21305926d14f26d2b08a22089671cd56649ed96cc84599eaafa83cd9b4d","sha512":"148a313a11c2e5c18b82f486cbf420add7c8c6f1378b53be686d4d3d499af97388f9c0faebc587455b9b80364de7f7d446fb703a9ec977827caef2725f14ca18","ssdeep":"12288:hlY7w7hVjk8K/2tZkzVyNSSKh1Mx8ooKnUTZ:hAw96vKW1/qy","tlshash":"fda4234f7edf728a3473bb4f6b6696086d5abb844f690d3c33c82364261216938d5f84","first_seen":"2023-09-02T03:46:08Z","last_seen":"2026-04-14T19:44:49.910308Z","times_seen":55,"resource_available":false,"data":null}},"time_used":6324,"timings":{"blocked":3825,"dns":0,"connect":0,"send":0,"wait":312,"receive":2187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_BBINDZ.8791659c.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_BBINDZ.8791659c.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 677\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-2a5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":677,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 4-bit colormap, non-interlaced","md5":"8791659c475786baaf8b23c142b46aef","sha1":"31d1668fe9f0e5a7fa332ed2b1e18927fabc45ea","sha256":"f43b609419d28f4565d77f1346e04c208def6cedd8c6bde548ef49d5f47370cf","sha512":"9da751519dbd6ff0a7b8310321287c6128a1044b8ede4ac1511e45cece3de7b48bb662759a6d1c82f8cd7762ea574d04360fc393dbc4e6b9b64123a36cc43094","ssdeep":"","tlshash":"5a014ee232f30838f31163f7418b5642cf729401167b08a582d004a4084a72edca1cd9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.907691Z","times_seen":2391,"resource_available":false,"data":null}},"time_used":1593,"timings":{"blocked":1265,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/api/resources/icon","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/api/resources/icon HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916738733596e00355126143803dd331afcff9a75e121df95;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":1550,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3699f15f295d0119e727ff022a51ea92","sha1":"57b44e84491836bcfbf35715558ea91c8659d421","sha256":"687d235cdce7e9f6f142f7639f42f622c1c12f5b979c49ca801772d77b6d06f2","sha512":"535b300f03b81997d1d85d2d32e091a239c9d0df99be347fd085d29b30fcf3b15120b526fecaaf2bc914973f60dc7cc561995ae0bda8a6d4885e6386922e162a","ssdeep":"","tlshash":"043186732b03f95eaf534d90725467ef4e10644332fb4979fad8592ad0c6194cb51861","first_seen":"2026-04-14T18:35:05.690625Z","last_seen":"2026-04-14T19:44:49.918979Z","times_seen":2,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":280,"dns":0,"connect":0,"send":0,"wait":343,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/733063748/O1CN01oIffX61dYdaW8QJje_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/733063748/O1CN01oIffX61dYdaW8QJje_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 91876\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5f39717759006436694307e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache13.l2de4[0,0,200-0,H], ens-cache39.l2de4[1,0], ens-cache5.se3[0,0,200-0,H], ens-cache1.se3[37,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i3/733063748/O1CN01oIffX61dYdaW8QJje_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 37\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145052e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":91876,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"0115cb482539c93fe8524ac6f6e4a3a7","sha1":"0d672031f79bebe98ff4b9f25f6c57e436d22bcf","sha256":"c94ce8138d95c7f68c35bd4de9246f918ba78673940c712da88e5f92f993f93f","sha512":"ad43b00117d24990ed0ecc23cc824cbac42d818221ad0260b73548fd6cfa0e09d50ed7ed3808e6e29454d2cc8b91c230160ead79cd7c30d2d67de49f1685e4a1","ssdeep":"1536:Lviut/01xaV63WoT3mGaoJPYbn1Dk8ZIgAOxQd0jyTwi4lEg5EKI0MkRkU:LvhtYxVmGXJgb1Y8Zled0jyTwi4uEEAj","tlshash":"1493122a6ef5154ac2d03fb4b8efcfd72ae84eac2b514060e1e0a64142e4795933d01f","first_seen":"2026-04-11T19:27:24.4335Z","last_seen":"2026-04-14T19:44:49.932382Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1160,"timings":{"blocked":1089,"dns":0,"connect":0,"send":0,"wait":68,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/css/main.e92456e7.css","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/css/main.e92456e7.css HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-3706f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225391,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e92456e791558a24f6ad8f6297a47a7e","sha1":"aa4dd048f29bc1bd2406e8c2a9cd730be71cbcbb","sha256":"6bab9693dfb27f4d2c44a4864ed89c574a0e7626eac2725e46b914f6f9e56aca","sha512":"a9a0fa2771c827ce4998b1ace00a966d5817bbd511d18c4d6fd643602bbf2bbfaa55f71164069e9306fcd3dc044838a67884c9d956fc6bb11488b9c12d4c8eb9","ssdeep":"1536:gpsji0pUJyV2X9cTiAyyOaGjg4anUn/JJxgsjrrjrp:TiaV2X9cTiAyHg4aUnBpx","tlshash":"e824b532c485241eb137c9ad52e4faca615cd08bd5161fbcba3679a9ebc20d917b7303","first_seen":"2026-04-11T19:27:24.461965Z","last_seen":"2026-04-14T19:44:49.937948Z","times_seen":3,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":309,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/common/loginCheck","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/common/loginCheck HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916742728239e003dcb111a543bde6c71e0753e4b71ba8dde;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b6c178a501ceb685e2757fa9db54fb69","sha1":"0a33ea88a3874ac81ec3c73b3f51fffbbde1d772","sha256":"b070f7000dd0a05307b583aa31eec95e21922c2fe317aceae7ff0a348038d4fe","sha512":"b3a42bd2626e5aa7b0738261d7f4044f89c5c79ae5199ee705de7b7b50020d44a1a964e17eceb7b5ea63cab79c3eb355fba6fa211c8cd0c756b44293bb16f67b","ssdeep":"","tlshash":"829004015c4d40c31c404d5c01c30134175537470415075000dcd73153550f1d055c1d","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-14T19:44:49.901367Z","times_seen":1426,"resource_available":false,"data":null}},"time_used":973,"timings":{"blocked":614,"dns":0,"connect":0,"send":0,"wait":359,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_PGDZ.a8318358.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_PGDZ.a8318358.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 745\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-2e9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"a8318358857a0835754e6d59f0fdec6a","sha1":"9013de0c6562cdae0dafbfef0cf083683e4d425a","sha256":"c20d43a1817b94c7e311ead898ab68663629251369c4f5d5809c12204fbe88af","sha512":"12709df6b2ade893a4518a822ff831b7b15d62fcb319f8799979b449b82016f46b14a7053ec9ed5192ac88a31497e65fcf95e070b971c8825c2af2ff85eeb852","ssdeep":"","tlshash":"0c01b5ae4310963892207a45cdee9699c6a1456a8ae40873be6f8918ac0101c3c81b82","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.918028Z","times_seen":1357,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":1166,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic10.10094928.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic10.10094928.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 17427\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-4413\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 222 x 200, 8-bit colormap, non-interlaced","md5":"100949282847c89b9604688c11876685","sha1":"a74fa5405c636528575a8e61aeeee47358e4434d","sha256":"1ba829cb28aadd961c017747cb438635dd1cd96f850bf5ae1f0ac5d31c4169d9","sha512":"32f22e68e09db704992f7124e499e653f806c52a0c3482264c29e06e9e411e558536f7caea5daeec295a5626bce6cabc33c71f967e222cbbbcdd7f1868564c17","ssdeep":"384:M52iOiaR/r8Q09SW92LsM6sH/6aNEdXJRnY+FOPt0zWl4ItC:M52i4R/rYG6sfg8+gl4d","tlshash":"1872c09593afa6f34e1cdc3785fc07d0e82fe54afd2a8e0c9d13aa65968c66166011d0","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.939461Z","times_seen":2132,"resource_available":false,"data":null}},"time_used":2227,"timings":{"blocked":1899,"dns":0,"connect":0,"send":0,"wait":327,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/logo.ecffc77c.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/logo.ecffc77c.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 6509\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-196d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6509,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 166 x 66, 8-bit/color RGBA, non-interlaced","md5":"ecffc77c52f0e3c3e176eab0f508b6e4","sha1":"a02bb056f935517f23500728fbf432db536f1f52","sha256":"161ae28f438e2c739533e41ff501ac030ba454bcb673592d05b9c21386425a80","sha512":"2c03a78df761123acdc069ba1e69107d92b213afc2cc6cc98195a753032fa8b7f338f43d1eee49da3eb543ef2dcf4ece9ef57fbf37432ce872a427ea7b9e6fba","ssdeep":"96:lV4wgSbHL0fBdHA7EptjQis41CHOEG+Sj6GS4zntgWz8qgLkUnd0aK2mR:/4wDHLkTHWEphQiskOH1UFzntgm5a8","tlshash":"9cd18d4ec38035c2e699b1c225f6a2be4001cfc18ac5c5f7299ddf790d2a1a472b0edb","first_seen":"2023-09-02T03:46:07Z","last_seen":"2026-04-14T19:44:49.940019Z","times_seen":57,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/wheat.9ef498dd.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/wheat.9ef498dd.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 2949\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-b85\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 101, 8-bit/color RGBA, non-interlaced","md5":"9ef498dd8465505d9350b876a2bbfbcb","sha1":"750cf2338e9809099ab1712a7d09970e51bb9de0","sha256":"59eea0cf958c82633a36c32d5e2b2d88faa9a8549f3db375df2f2a4e77613d47","sha512":"401f8a02a0b62ab11235c0d58a7ba7275f216689b3997fcdbc4bf02aeb89ab758a41f0ad529a51ce89102a13d781f127d7fab93c2cb01a9cfd9f349d13278c35","ssdeep":"","tlshash":"53515df7c71bd8c40c62a8f495657cd95a2214dc5cc09f36cc5b8d1001f8aa51cd4cf1","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.916526Z","times_seen":479,"resource_available":false,"data":null}},"time_used":3966,"timings":{"blocked":3641,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/white_message.0f2c889a.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/white_message.0f2c889a.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 408\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-198\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":408,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"0f2c889ab60de83e088fbea886305bd7","sha1":"e5f597de0a3a4235fa1f8eb4738a14f81eb90aea","sha256":"8f9e052c030ff2f8a99fda4fed5c1d95298858c9a3645d2cc637a1d1a5fc8a91","sha512":"716a2fa6d1c8c98ef9d1e380261cded37d3455de128faa8ce0b975d6847cb6ab020ae6e69d6b9936144b1b6638b05ac3a191148ce3500984248c6d0973e93b5e","ssdeep":"","tlshash":"93e0f14b4399a87f5bd7c6b64f41e134992bfe784aa3404f0a34e67f455245dc8c2783","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.922338Z","times_seen":1375,"resource_available":false,"data":null}},"time_used":1884,"timings":{"blocked":1561,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/bty15/20241029/GAMEIMAGE/2/OBTY/1730197641079.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /bty15/20241029/GAMEIMAGE/2/OBTY/1730197641079.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 70274\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BCB1A9EC3839B0ECEB\r\nAccept-Ranges: bytes\r\nETag: \"3AE16528191D6E2EEF45C49796AB2077\"\r\nLast-Modified: Tue, 29 Oct 2024 10:27:21 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9045579490668687584\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: OuFlKBkdbi7vRcSXlqsgdw==\r\nx-oss-server-time: 6\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":70274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 211 x 265, 8-bit/color RGBA, non-interlaced","md5":"3ae16528191d6e2eef45c49796ab2077","sha1":"bd82ece2f2389c9d99ec16bd2280ae4107473b69","sha256":"5ad6ffc729e90eb340722d7295becfccfb0028c114cdf2fe6b6e17131b0d3b88","sha512":"20e409f10f361b96152b6f26c3ff2f46b9e15e59683dd5ac25bf9494c7d07b5210c0dbab59ca96028c60f8000b2e2546236c83eff4093b71f546d58c7d8f8ae0","ssdeep":"1536:RfvJIjOjWRPckISC/b0gC3rSbCThFrliABYGosPfMd:RHyKIP9ISMbnC3r7ZiAWsPfMd","tlshash":"eb630205f55edde45d67dee120079b2922abeacf1066200fe017163e7fa84147ca7dac","first_seen":"2025-11-29T10:28:39.138972Z","last_seen":"2026-04-14T19:44:49.928023Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2641,"timings":{"blocked":-1,"dns":48,"connect":274,"send":0,"wait":551,"receive":272,"ssl":1493},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j-raw.img9ra2khc1.com:9663//test4/20221226/GAMEIMAGE/4/YGRDZ/1672046213281.png","fqdn":"j-raw.img9ra2khc1.com","domain":"img9ra2khc1.com","tld":"com"},"ip":{"addr":"47.242.232.127","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"j-raw.img9ra2khc1.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:48:58 GMT","end":"Sun, 04 Apr 2027 09:48:57 GMT"},"fingerprint":{"sha1":"0C:2F:BF:96:40:4C:24:70:B0:06:13:A9:23:53:13:FF:E9:82:D9:93","sha256":"BC:D8:4E:96:68:C3:5B:2F:8E:B9:44:56:7B:CB:2E:21:73:1B:C8:10:72:D8:99:5F:58:78:17:0E:D5:DC:B7:22"}}},"request":{"raw":"GET //test4/20221226/GAMEIMAGE/4/YGRDZ/1672046213281.png HTTP/1.1\r\nHost: j-raw.img9ra2khc1.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 105774\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BC8DF6E539388EF997\r\nAccept-Ranges: bytes\r\nETag: \"5538405A26B00EC01EC3E4B94ABF48E4\"\r\nLast-Modified: Mon, 26 Dec 2022 09:16:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16804807199391165253\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: VThAWiawDsAew+S5Sr9I5A==\r\nx-oss-server-time: 2\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":105774,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 748 x 486, 8-bit/color RGBA, non-interlaced","md5":"5538405a26b00ec01ec3e4b94abf48e4","sha1":"52a755e9b1ecc7b65beca9b564a2f301bb4337b5","sha256":"560b1a3664175154496ccc766208a9d340670ccb24b12055bfa1abf9ffebfec1","sha512":"66023446316c3dfc0a5e41b6a43952ad41b09f79bbf6e10a8797d7f9a0c6a33e48ac135cdbfbc2a1a50d052c5e5c63ca5a3ed62f1b99ba5ea9ec31f2ba869efe","ssdeep":"1536:Bi9UsUcSOBe66rCjwG7QE2xXdGBNLIb8po+iwPEOLT3J3ig4KQZA2nb/WmJbG3Vx:MCNcJrrdkNLGbLIwvDEOf3BInbNo","tlshash":"54a302a8ae71e55d59089d32a93a9e1fd37209f040c2c4c8c713e1ee953d9daf0af5c9","first_seen":"2023-05-24T18:46:28Z","last_seen":"2026-04-14T19:44:49.920168Z","times_seen":104,"resource_available":false,"data":null}},"time_used":2915,"timings":{"blocked":-1,"dns":25,"connect":285,"send":0,"wait":561,"receive":555,"ssl":1486},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_SSOCHESS.38b855a8.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_SSOCHESS.38b855a8.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1252\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-4e4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"38b855a84ccacac73668f58942653447","sha1":"ffcf9265f20f8177e0d1aa00b3bd21ad5bbaaf89","sha256":"29a5bdc29537df4f1e2c0629c1fd0884cf81fc24021a93c02b19675cf9684b4c","sha512":"9f5f0cc5e8a209a65cadec6c3081bfddf350a7882e303d5e5bfcf7dea028ef034dcd94a14c715c49cd592d79558a5820b7ea5a03c4b54b45a1b3ca833d096d78","ssdeep":"","tlshash":"00213dd4435a4fb5f4c4dd2f10141575e5d806228e365c5fa40f491f3e5d00c28ec7c4","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.929673Z","times_seen":3097,"resource_available":false,"data":null}},"time_used":1916,"timings":{"blocked":1587,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/api/resources/banner","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/api/resources/banner HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":1772,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"51c5dc5c5d8334aa7d6dcf485e2c1b8f","sha1":"7c00dadff73d18b4a6f6d9f3c4b33d2208d3a92e","sha256":"ae46f10a081c35170890449077c3dd2c6b5eebb3f6dcc77acd0bb67e1536dbda","sha512":"1c7cdaf6fbb633b1a2c12fde372878703d3f09366eb161cf1b53760af91ed932970234a18e844cf506e2b6a8c688ecb0be8486c4a347b141f5e9317ac13b82a8","ssdeep":"","tlshash":"6e3173332783ca490f230d807a8039471d3d660735aa89bcbeb058f292fa011da549d0","first_seen":"2026-04-13T09:36:01.215041Z","last_seen":"2026-04-14T19:44:49.925149Z","times_seen":5,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":359,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/loading.012e69d7.gif","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/loading.012e69d7.gif HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: image/gif\r\nContent-Length: 71941\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-11905\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71941,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 280 x 280","md5":"012e69d7da2e7244315ebd6266e39c2b","sha1":"a87f3bb105bedd077ba631249f1fac23da6093fd","sha256":"5af491cda6c22e95a031113b0e3e1650a079af96019b241e71fc53c79c453a5c","sha512":"40586a47155e6081c3e81333330ab7c74e958407bf1a101bbf3e65f33d65e2a9ae9b3fec27479247ea1ad74a53b512cbd4196e8890c0af207e87a04dd2145ab3","ssdeep":"1536:glizh03pwDlugLelxWpiD9HjkKMF8aNzH/6u5lZDVYajJ0Vd5BwD:glizFelAwlQF8a9HRHD1jJ45BQ","tlshash":"5663af39d335073ad62b8bba511750cb140fee2d1ea199638d24a5f71e10a6e706c8fb","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.945762Z","times_seen":1368,"resource_available":false,"data":null}},"time_used":1908,"timings":{"blocked":1285,"dns":0,"connect":0,"send":0,"wait":311,"receive":312,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/733063748/O1CN01om461A1dYdaWhkEQX_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/733063748/O1CN01om461A1dYdaWhkEQX_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 50463\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:40:25 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.006\r\ntraceid: a3b5f39717759006436694320e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache26.l2de4[0,0,200-0,H], ens-cache16.l2de4[2,0], ens-cache15.se3[0,0,200-0,H], ens-cache1.se3[22,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i4/733063748/O1CN01om461A1dYdaWhkEQX_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 22\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145059e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":50463,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"178e241231a3111ee9d1f97c86e00118","sha1":"56331727ae5726f91d4a08854952109a7af76d8e","sha256":"56c97590743b587aad526aa6a16b7c357e573aae95422da7d9bd027b58fa982e","sha512":"703f4d4c73eefb4f266ebbd09d33919ce7073e10a92007727f7be59d8370e69fbab36ce8831750547afde87f4a5cd0112bc7a4850a3e6e0e67d559c756452faf","ssdeep":"1536:6Bdv/FR8D/efT13Bn4ZU9D/KpPlHqJ4JiqgI:6Bdw/erpB4Z2IJmuiqgI","tlshash":"d733020541c1396df2891f708e15269743a768dc182eca6e97fe142f2d55b76acccf8c","first_seen":"2026-04-11T19:27:24.296206Z","last_seen":"2026-04-14T19:44:49.946265Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1144,"timings":{"blocked":1086,"dns":0,"connect":0,"send":0,"wait":56,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01JjOifY1dYdaW8g5uk_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01JjOifY1dYdaW8g5uk_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 103855\r\ndate: Sat, 11 Apr 2026 09:37:43 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5398617759002629768188e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache29.l2de4[0,0,200-0,H], ens-cache2.l2de4[1,0], ens-cache2.se3[0,0,200-0,H], ens-cache1.se3[40,0]\r\naccess-control-allow-origin: *\r\nage: 291412\r\nali-swift-global-savetime: 1775900263\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535180\r\nback_uri: /imgextra/i2/733063748/O1CN01JjOifY1dYdaW8g5uk_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 40\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145065e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":103855,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"7d0a4f36c85574ae1899bbcfdddc9505","sha1":"5a8027f37588540fecf93fd096ac99474ef9c8dd","sha256":"76354f4260fd647d4bd9da53d7b25efa4be7b53acfe3ab93ef8a2204e8d424a7","sha512":"1ce4e88bcd129c635be9495e9d3ae4dd702728e9e66dbc3ea1c8a1defe5007bcd82989bb650414cf196abe8682864d5c94f257446255900bb3f44f688927a73f","ssdeep":"3072:MW1SmxQLXL1zwwYHGzIfur97dEQ1lD9JCjVjWgdOXp:X1hUxwqIfQv1J2iXp","tlshash":"3aa31201f7627d6cd818363eeeb98d90c43816c61e0e616bbb902f5878fd8040ee957b","first_seen":"2026-04-11T19:27:24.332647Z","last_seen":"2026-04-14T19:44:49.946703Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":1043,"dns":0,"connect":0,"send":0,"wait":79,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_CQ.4fd2edb2.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_CQ.4fd2edb2.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1052\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-41c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1052,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"4fd2edb21d0982be51da073a20831a4c","sha1":"0474600a4682d64891df89ccfc5305f46d21f005","sha256":"0b41b7c5df2a9460671ffbdc2544d7e79a0a78d65cd10cd2a9694eccf9720489","sha512":"b7dcc38db316f53e81a451a8c35bd2f878b1e371c60b41b5b9f38236ab631e9f87e6f9190da5b93fab5be877378a18c1535c1b44d51e787509ebfe70ed5e0b55","ssdeep":"","tlshash":"9411b5eff9a1996f41352d940219430d46ee335b308a00e95384c0be1fa0d278e41b41","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.958066Z","times_seen":3075,"resource_available":false,"data":null}},"time_used":1516,"timings":{"blocked":1190,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/bg3.04727382.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/bg3.04727382.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 20646\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-50a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 385 x 198, 8-bit colormap, non-interlaced","md5":"047273827a8a6a021d164be6299cfd77","sha1":"522adb2c39f10423edf501eaee62d9beedc336f9","sha256":"448d4ec19ac86b573567fc570025719965183b9d0eeda1dfb5e4cea00eb61bec","sha512":"9d97d04fc97251cdd36b5a6f635e238c55eaafb9fcba574ba90be0a2d5e1e24e2c64c0f47d6038f4f0f88eafa6b7a0cbade152640ab7181986fb17771dd61013","ssdeep":"384:8bQX31RWSSKLez8woYyhl5r2TiPjlEIOQkN+1REhxxiEQzAbgEDdGEciT3DYTQCG:8A3j3nSzGzhT2TiPjfOMREbaA2ENTau3","tlshash":"f692d11657a3ab785de5bda1c56c862f1ffbc5058762dcc0dcf8979e09910038a07987","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.960131Z","times_seen":1798,"resource_available":false,"data":null}},"time_used":2248,"timings":{"blocked":1597,"dns":0,"connect":0,"send":0,"wait":650,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/FW_totop.769e8432.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/FW_totop.769e8432.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: image/png\r\nContent-Length: 4487\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-1187\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4487,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"769e84320eabfaece04d8b6b4ce16e56","sha1":"d9963060f76ec6dcd5a0687b2a79f5534292d595","sha256":"189fae81ee6ea5d32d31f77ae9041b10edf143ec154ace53617fbaf145af4b61","sha512":"60e5684e0fdab862091cd34eef59fac3d9d1950397cacb3cd9844bb2cc3253bb518590a702761785c45b241dbe4a43c03f474153a31a8221923c5bffe760e9b0","ssdeep":"96:jweSZ4oeXJQonSaZfCMJjG5pET/OFLH7DF+TRWQT1wvwne88bwKP:XJQZaZPAqT/Qp+52WGTP","tlshash":"19916c6937ac0f13fec91e03e01dd9709864c15c7b55ed2a768cc81c65ef1d812889cd","first_seen":"2023-07-03T04:38:13Z","last_seen":"2026-04-14T19:44:49.909777Z","times_seen":102,"resource_available":false,"data":null}},"time_used":1613,"timings":{"blocked":1290,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/bg6.391702a1.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/bg6.391702a1.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 1326\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-52e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 5, 8-bit/color RGB, non-interlaced","md5":"391702a1280088a40ba6a6252418633f","sha1":"4658a8b35d9b3e2604d6553fd74a4c1140199a4b","sha256":"cec0e8f58b26e0e094ffa707486dff56a59ab6a9edcf151908753e96918827ca","sha512":"59f0db4097a07c5f894a02d8a6e96877f163c8b98104c7fce46ee5fee18544d8a9feea368ffa45824af9ac4c7b822cd240afc79ddc89fe7e97d4a6d113ad5295","ssdeep":"","tlshash":"b421cb99e6025c4157cde95424f5817f5d336cc0ce90e727bd8bc8d328151f98aad4e7","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.940515Z","times_seen":619,"resource_available":false,"data":null}},"time_used":2213,"timings":{"blocked":1898,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/bty15/20241019/GAMEIMAGE/4/PGDZ/1729345994644.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /bty15/20241019/GAMEIMAGE/4/PGDZ/1729345994644.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 293631\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BC8DA22B303190C997\r\nAccept-Ranges: bytes\r\nETag: \"D6A28E591580B29FCEC3886855620E1D\"\r\nLast-Modified: Sat, 19 Oct 2024 13:53:14 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12798989572531466566\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: 1qKOWRWAsp/Ow4hoVWIOHQ==\r\nx-oss-server-time: 6\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":293631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"d6a28e591580b29fcec3886855620e1d","sha1":"ea2172a3a68c64648f16e7c7620c70d8706d8b3e","sha256":"45e9831b8fefe47da841988a1537d29a8f8b4a7d1a49112ea1fd7532b6182a0a","sha512":"ea83a7c3fd8a0d4b7732ca80af8ccef2fb274722ff1f99415c7137bbcfd71b8361d634b302f933be150bbfb9428ccbe79c9a0603b782bbeb75661ec674a555a5","ssdeep":"6144:NQp7d6K3b3YlDuZXafUtBQN1V7FbtWB88XOS4ROob:No3DFamB21V7+eSo","tlshash":"cc54236cf24afc539b342035532b86eea8dc74d456799427c7bb27b4f01e920a99f205","first_seen":"2025-01-05T17:32:57.313281Z","last_seen":"2026-04-14T19:44:49.909275Z","times_seen":34,"resource_available":false,"data":null}},"time_used":3731,"timings":{"blocked":-1,"dns":62,"connect":274,"send":0,"wait":551,"receive":1347,"ssl":1489},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/favicon.ico?v=1775895824140","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:38.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /favicon.ico?v=1775895824140 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:38 GMT\r\nContent-Type: image/x-icon\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69d994ba-2ea6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11942,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"c6278f882408423fdebc5bfccce20a71","sha1":"6481240a9be4180b62f52a234ff5332d233a6445","sha256":"3a3215da4d96b2ba01d25034487306d5469de061a44515ef939d3b5e83990ba7","sha512":"99ec2e2156dabaf04163ce198539fd634bb2b2e0724ce3b66fbfe2b28bf5bddfa0696945a11da0ac6d7172912b50ddb5128f1796a6e99fecb4ed166b33b73a6c","ssdeep":"192:OnM8SMmHHpY0t2gzQLJ4om1Mok0YuDCRP8zJla2GAi5Ajz9/o3diBHpcv:OnM8SMmHKY7Qd3tokmDC+dla2EAF/1B4","tlshash":"7932aed4eaf59d7094fe6a6fa291021a880299412df2b8f6b8d754531dba2b00cb20c3","first_seen":"2023-09-02T03:46:08Z","last_seen":"2026-04-14T19:44:49.902982Z","times_seen":57,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/webconfig/queryCustomerServiceByMemberLevel","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/webconfig/queryCustomerServiceByMemberLevel HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916746572229e003c35b5f3868c5c86fa45f41db3ee49d64d;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"468a813c1eb17b5cbca9f4a2b2792d26","sha1":"c9bfa4fcc765c15bdb797332d8ba293cb1525b7a","sha256":"7abfae2731deaf90f72544f285dc87241cf2544556afe402185490f8d2a65c94","sha512":"6e564d413f2700902150ee0274680714d9c2d8d035dba3b20f49397b42b695d47447ddfab70114e2831d0973486aba34091d2d2d03678da9804d90e11d5aa36b","ssdeep":"","tlshash":"11800450341554130c44444c4404c7511d3055540d1513f441cdd1117144dd0d407410","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-14T19:44:49.906142Z","times_seen":1207,"resource_available":false,"data":null}},"time_used":1335,"timings":{"blocked":977,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/black_message.648bd7bd.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/black_message.648bd7bd.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 462\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-1ce\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"648bd7bd1b57cd47f5c4f9d093e6cea6","sha1":"0db14db60a080c02fdda069e61ca35af86b187b6","sha256":"dcaa5839999300e29dcf413a5cdd74bb4d8461292fe4532936722a33761a0f8a","sha512":"d149190cfeffeb01d9b049ade3279919da8afb4a968c9bd79096ca8680fc5c5c9335b50ae88b9166940323b268b109990f15495fffae8a0790ad24ef54f30aa5","ssdeep":"","tlshash":"64f00ed395e8142fcb125b13839c2554b87c655451a2f80ec401417106bf50040eb38e","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.912192Z","times_seen":1363,"resource_available":false,"data":null}},"time_used":1926,"timings":{"blocked":1601,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j-raw.img9ra2khc1.com:9663//test4/20220912/GAMEIMAGE/5/BSQP/1662986000761.png","fqdn":"j-raw.img9ra2khc1.com","domain":"img9ra2khc1.com","tld":"com"},"ip":{"addr":"47.242.232.127","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"j-raw.img9ra2khc1.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:48:58 GMT","end":"Sun, 04 Apr 2027 09:48:57 GMT"},"fingerprint":{"sha1":"0C:2F:BF:96:40:4C:24:70:B0:06:13:A9:23:53:13:FF:E9:82:D9:93","sha256":"BC:D8:4E:96:68:C3:5B:2F:8E:B9:44:56:7B:CB:2E:21:73:1B:C8:10:72:D8:99:5F:58:78:17:0E:D5:DC:B7:22"}}},"request":{"raw":"GET //test4/20220912/GAMEIMAGE/5/BSQP/1662986000761.png HTTP/1.1\r\nHost: j-raw.img9ra2khc1.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 5240\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BC5361BE3134789869\r\nAccept-Ranges: bytes\r\nETag: \"52C102AEF11599DB4C4BF21835A97311\"\r\nLast-Modified: Mon, 12 Sep 2022 12:33:20 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17918237673495055933\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: UsECrvEVmdtMS/IYNalzEQ==\r\nx-oss-server-time: 1\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced","md5":"52c102aef11599db4c4bf21835a97311","sha1":"696df2883cdbb6404f427fcf12b1d7fe1edc8564","sha256":"80053fd7d2b099f006e45ff5e3e23e59f310bf7c47d12b4cfa7780c497816bd2","sha512":"959f9cd882e24e330e9006df0d15b6e7ba09ba1490eab5a73e56295762ff20386619764b8db17570b91b525ac1636cb9ea5f83a90d04bc0d3847f708fd1794f3","ssdeep":"96:zafGDFsnx08sg+xJ6o0tmok0kmNUMjWiojzcAWjqguCkuAWWMo7EnsLz:zTFO1sg+/0wolnoU1jqh/WWMXnO","tlshash":"78b19ff68770e5c853a07c15a29b18b4f5cfe2f936221807d420099f14fbde9c75a351","first_seen":"2023-05-27T04:34:36Z","last_seen":"2026-04-14T19:44:49.904049Z","times_seen":268,"resource_available":false,"data":null}},"time_used":2050,"timings":{"blocked":158,"dns":0,"connect":267,"send":0,"wait":275,"receive":0,"ssl":1350},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_120.66855c3e.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_120.66855c3e.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735914823e00359bebc7cdeeb6967f926788ce6c13aa3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 44094\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-ac3e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44094,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 99, 8-bit/color RGBA, non-interlaced","md5":"66855c3ef7a9ce7720ca564af110fd2a","sha1":"365c9c48e61a31bbcd5738ea7e26dffdfbc8347e","sha256":"773de2c969cbfbc768a1b147636af01c3056635689e187759ea19b4f2a24395d","sha512":"b81026cae351bc6e73ef494efd07aa6c1854232b5b0c4ef33ca5b3c9c90ff676188225bd1a86ae7258b741956f715de179f1fe153ac121cfc7de8dd188b474fc","ssdeep":"768:hoATFzU2XIF0R/2ArgJO3PX1QHy2D+iZ/pS4OdWko0WfBBfYW9l6wRsExj5vs:hfFzu0QJ0FIyi+iZ/4XWkc5h0w3xjVs","tlshash":"9413f2c124535c1bcb50ab17acdd0f51adc905f6d420ca9e599642ef8b6a0f6c80adff","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.959072Z","times_seen":1828,"resource_available":false,"data":null}},"time_used":1604,"timings":{"blocked":1288,"dns":0,"connect":0,"send":0,"wait":315,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/popBG.eac2a5d5.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/popBG.eac2a5d5.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 7850\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-1eaa\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 936 x 560, 8-bit colormap, non-interlaced","md5":"eac2a5d59d573dd55122363611a40f87","sha1":"fb38422af4280281abb82624eab81ab85ea74503","sha256":"7a8a530484231d9d492e3252f5e18131ccb5e05b03f6d8a19867fe4e5ae52a31","sha512":"8cbbd8be0f6a0f744930112c79b21fb2675bdf8394860ea923b687215740d21c3ec82028635678d6787ce830ba0da15129e3d79b6dcb997a68ca6c149a488354","ssdeep":"192:r4JWjpMhWEE/s5dvpw1kUmp3b8kryjMOPCQu:rYHrJCqp3F6MOaQu","tlshash":"91f13b7a9b935891178ca3bedc1e2434f78d79d4d2f7a1aaae30d30afd84b6d1005346","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.921124Z","times_seen":1373,"resource_available":false,"data":null}},"time_used":1827,"timings":{"blocked":1515,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/bg5.f00b3b67.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/bg5.f00b3b67.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 24373\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-5f35\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24373,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 385 x 198, 8-bit colormap, non-interlaced","md5":"f00b3b67ffffa718cee55011d1299e71","sha1":"71e23f329b55119709a2ea4eec6d4a71479789f5","sha256":"fa94d115329b5148fa2ddd8dde6516eb56863fe09b048cfd0f489882e5a5431c","sha512":"8da1f309a95404939a68618a063f59f0c7553aa1ae8719cf0918a9d2cce8b7a9ea55bf48b2b59912d7e7e66041a9ddbfa5de01071b0a30ae1763f6f6a902fa29","ssdeep":"384:Paz2mIrt9pg/TZt5hTzsEGgXIWiQlD5pZEPZWoGvBqblUaEB/Brh5b8oLKXLWj4F:QUpgU+iQlDXZpoGvBq5+rbpAWjIu7v1G","tlshash":"99b2d16d5386cf5c93156c938138be504e6aa395c5a6dfdf82c38151bca2278f2d4383","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.958551Z","times_seen":2159,"resource_available":false,"data":null}},"time_used":2081,"timings":{"blocked":1765,"dns":0,"connect":0,"send":0,"wait":315,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01WV0T5U1dYdaWbKVrd_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01WV0T5U1dYdaWbKVrd_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 91496\r\ndate: Sat, 11 Apr 2026 12:11:26 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5fda917759094861956096e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache20.l2de4[0,0,200-0,H], ens-cache2.l2de4[1,0], ens-cache11.se3[0,0,200-0,H], ens-cache1.se3[39,0]\r\naccess-control-allow-origin: *\r\nage: 282189\r\nali-swift-global-savetime: 1775909486\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 12:42:28 GMT\r\nx-swift-cachetime: 31534138\r\nback_uri: /imgextra/i1/733063748/O1CN01WV0T5U1dYdaWbKVrd_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 39\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752125046e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":91496,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3e442e96d8e2d444b9e3f2b0a3120a05","sha1":"2de72399037d8f7bac2a2d869ddd28f04f4d823e","sha256":"033420de17ff29e80766e26990df4adcda6a1f79ce7163502a1c3339669b99e8","sha512":"14ae324f766df01e98640a21db09dd99606515f8ecf0082414d345e69872701426e7421ccfd6604dfd149a06521cddac7606fb96a03a0d61f0bc8f3bda2d2e6c","ssdeep":"1536:zIhczO24o3HIiGo6Qn/y3nIhYimCayYY8ZtT7g7yTbExArh9cSRpvLYvuJGFVBpw:zIh4Llb6Qn/y3QYpCRYYET33lh9hRlLZ","tlshash":"d09302a9f373a710fc6c393e4969183d40ddca244e1bde95494e9e762e23adb048354f","first_seen":"2026-04-11T19:27:24.432234Z","last_seen":"2026-04-14T19:44:49.959592Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2311,"timings":{"blocked":1119,"dns":1051,"connect":10,"send":0,"wait":59,"receive":4,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/white_arrows.f434bf84.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/white_arrows.f434bf84.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 262\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-106\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced","md5":"f434bf841addde4e6fecf6ba2b8e150c","sha1":"66bcc06c89a9ccc1345d51dcee7a832f6d801e6f","sha256":"741f7db86383915f476995623b0b0ae2718f2b4ae250a45fd3f3f2ab306bbae5","sha512":"44c35adb55236ff509b2835b97b20fbe036e55d4fba0627858519ee104888966d148579ccbff53721d037d88d8ee0521e56e0a568c51e27ccc82978806225395","ssdeep":"","tlshash":"2bd095ca0bd39db4d375c33bd14b2157963302757190910d93cd503c0421131d4347d5","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.9422Z","times_seen":1374,"resource_available":false,"data":null}},"time_used":1910,"timings":{"blocked":1583,"dns":0,"connect":0,"send":0,"wait":326,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic9.df0a779c.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic9.df0a779c.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 15889\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-3e11\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15889,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 182 x 204, 8-bit colormap, non-interlaced","md5":"df0a779cf1df9139066be3752fb67b26","sha1":"4560787883ebd57f2d980c3e9eba2bf74b96d400","sha256":"38d9b09843320cec3831174e313fb8d1bb518b24db8b20267971b3e2f0b8a450","sha512":"38ae7f663ee92c9048eb426c11d06eebc1c79cfa60c9389b5aeba2ba0bf9083109ad154a705124bd62ffd494ce638623a2aef6cbade1f523ec8c55095320e0cf","ssdeep":"384:FGW+j2X7ooWebQcBYeMQItJ4BylvqLyg0ZZi:FGXj2rooWebQ4YaIt+FNgi","tlshash":"5d62d1cbd4302c624fec9829ce9e1c1d97216a8a4771dd859d1c9cef3e738780ac652a","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.904558Z","times_seen":1789,"resource_available":false,"data":null}},"time_used":1995,"timings":{"blocked":1665,"dns":0,"connect":0,"send":0,"wait":329,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/circle_logo.3a63a435.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/circle_logo.3a63a435.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 11934\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-2e9e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11934,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"3a63a43558161705d2c49b360a89f603","sha1":"360079ccc49e86f3dfc28297b790ec143a715bff","sha256":"93a68883933581200dc0882c5defe142cb4c98c800278823d9e0db8082311328","sha512":"5f7ec9034f3d7a5680428baa13829db4e69c7d9aff01308d2e7c1f28d10e744c66f30fa454e281862bbc25b84e1d80bafb0e7b4f1342494f03fb83a897139c32","ssdeep":"192:b3FKkFFMNGaL6zM3YU7Pomio3VNpLWu8a+yhGIz4qHNlgPFCSjZdfvKWV:b3FHANGamzMZPoePp18a+EBz/n4FCcS2","tlshash":"eb32df89d414ac2c0201e4059836c262ba0662c813cfc9f7f1b9998068f72bf8dca5ef","first_seen":"2023-09-02T03:46:08Z","last_seen":"2026-04-14T19:44:49.947389Z","times_seen":57,"resource_available":false,"data":null}},"time_used":2310,"timings":{"blocked":1982,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/dervice/queryAppConfig","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/dervice/queryAppConfig HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916745774197e0037def232077cd22390e2fd26e66d782adc;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d00580658dbd58cbf21ba17a24b71757","sha1":"533e8f7b213f3faaa0fc579de0d267ca32e9a4a2","sha256":"40bf6b2a09204253ee6478c326b97a12c639630eca4c4bb705a69b3d509e46d0","sha512":"7a25e3187053591568910f3a0ead261c3bed2e85effc65761647d9121e23926cf56a124dc7b491826c34b46ce40e9fa4dad5ff51bd88cc3e5deeaeedbfac69ce","ssdeep":"","tlshash":"92017db356a99c690a09fdc5544dfa19c2ed299b088c7979c51dbf5810fc3f0631d504","first_seen":"2025-01-19T13:01:56.009816Z","last_seen":"2026-04-14T19:44:49.913664Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1255,"timings":{"blocked":913,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/game4.a61ff3e0.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/game4.a61ff3e0.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 24265\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-5ec9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 279 x 204, 8-bit colormap, non-interlaced","md5":"a61ff3e07ed89e69d7ec3f7ebf95a1ca","sha1":"dd3ad19d714990595454f546254173ec55103a7a","sha256":"61ad07fac6d060b6afbe6d37acd935f75e1433ecba9cab2770df14894a44af34","sha512":"671b6be5bfdb9c1f5bbb7f8b61d17a385267a46943058f38b05979741e629bf16ec37310f19c59cedb074f9542c0f6883623b7dd9a0d5a2263866d00665b79e1","ssdeep":"384:MtTQEkR10Hjyj2tTBDEM0eN1sWNFQDek3TSyk8xyLPdDAz/GscVZs+FLeMQ4f6T:MKrmPBDDUWNyRXyLHsczFaMLQ","tlshash":"dfb2f23ed54526e9fb43a12c60d8dc5a7c530a87f7d3d81517e298da64e80cd9f10bb8","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.911825Z","times_seen":2677,"resource_available":false,"data":null}},"time_used":3172,"timings":{"blocked":2836,"dns":0,"connect":0,"send":0,"wait":334,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/play.79536124.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/play.79536124.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 544\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-220\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":544,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 27 x 27, 8-bit colormap, non-interlaced","md5":"79536124df16e20ef7fc5ecae7f5cb7c","sha1":"52a71a83d1ecc58fd7675e9d01be366470e91af6","sha256":"2658c7574095e696c185ac2a187e8e0f1b5f2a30c2a9f32c9188f01d8427bf4d","sha512":"2c32111024ef7a36870a1127776fd37f35c59db7479f2350dfc1a6798deb9852d55742ba6d38321516589be279f15a8ed30e8f99b7cb37705037a3d40b1c056b","ssdeep":"","tlshash":"51f0dccaf3baed26d92198bf82454790080ed9220dc78a858c944c10d9f1d6c1896647","first_seen":"2023-07-03T04:38:14Z","last_seen":"2026-04-14T19:44:49.94502Z","times_seen":102,"resource_available":false,"data":null}},"time_used":1164,"timings":{"blocked":853,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/bg4.c304c7e2.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/bg4.c304c7e2.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 29238\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-7236\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29238,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 384 x 198, 8-bit colormap, non-interlaced","md5":"c304c7e2c206ae6718404f97fb2d7d83","sha1":"9b7fbe7eca84e5874cde211dd94f0f7690f5dde8","sha256":"84ef4da649b1940061abe399dec13146f9933e5b6cfb78d991806bc05f96887e","sha512":"271018fee721801aa0c0a5e2f15e7e8fa2b12d1265561360cdf9eca4ed900537b1c55d801ebfc980cfd0370c0ac6e7637250a89794134aa1b5a76e431e6afd2f","ssdeep":"768:YpDhLvpx8GgU0xoe/fpLgLPglyz0ROw2s4Uy56jgTti2:YVT1gzxoe/fpsz4m62s4kE02","tlshash":"6ad2f19f4f43d1510b41d8b636390b0c99021a6ac8058b2e9cbb61f2eae8c175dec79e","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.928545Z","times_seen":2143,"resource_available":false,"data":null}},"time_used":2187,"timings":{"blocked":1863,"dns":0,"connect":0,"send":0,"wait":323,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/FW_download.bed3e8fe.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/FW_download.bed3e8fe.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 4766\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-129e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"bed3e8fe6bb033a54710b48117aba24b","sha1":"d1e13d00f7ff18b4b4f3124574cfc3905f7c8524","sha256":"dbd85fe1d9c39d79f517bc11509ddd1c7224f81eed210ccfcd878d40cca1ee10","sha512":"ce19f5c021178548e95db412e0354a7c74934699ba8a772e7443808180be28671dd968a4ec0ede874133fdb388f2078c997a95f06f6312ef951df8bfbe2f9551","ssdeep":"96:GEA87MMgYoxbs13w0C9W182cw285Nu90v7QmWdIlVVFz4:GP87MtVbswDC82cRINu90v72m3VFs","tlshash":"77a17d3e3f5428fa9f804808f9f6ed31d2da6f837491a00268068e833727551b5d25e6","first_seen":"2023-07-03T04:38:14Z","last_seen":"2026-04-14T19:44:49.912692Z","times_seen":101,"resource_available":false,"data":null}},"time_used":2502,"timings":{"blocked":2175,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01TY1VH91dYdaWSpF0U_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01TY1VH91dYdaWSpF0U_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 116448\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:40:24 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.028\r\ntraceid: a3b5f39717759006436064199e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache31.l2de4[0,0,200-0,H], ens-cache27.l2de4[1,0], ens-cache22.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i1/733063748/O1CN01TY1VH91dYdaWSpF0U_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365075e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":116448,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"2b2a653f99cfe7b3e221ca05408e38a9","sha1":"3a86f16f53770d6c8713b5a1b326fa1b3d9e7419","sha256":"f32468758381cef24082ca36089202131cef8172404f822bce1138790141971c","sha512":"442711810c3c6ab44491eade30b6fef064e0dcb439d736be16a95e60f0137eebc987a7f9f3099b560381c66f092f0b684ad3f6a4d3f0e8a01155adab7c8be1d2","ssdeep":"3072:2rDxwWRIwYhF8VX7j8/c0W4fxrhc2RPBJwATzj2t5VelhV6:2nqnF8VXU0t4ftvB3TzKtPelL6","tlshash":"66b3129caeb3cf7c7f1d6e3d4953064563879e0ff822141a81128d0f72691eadc4ac96","first_seen":"2026-04-11T19:27:24.392648Z","last_seen":"2026-04-14T19:44:49.902403Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2327,"timings":{"blocked":1112,"dns":1041,"connect":10,"send":0,"wait":86,"receive":3,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/gameNotice/findgameNotice?deviceType=1","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/gameNotice/findgameNotice?deviceType=1 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":6375,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b100f28c73a7f77b28e635a103ee8404","sha1":"39ccd89413f8b46a5bc505f0a6a4cdd4683c415d","sha256":"fa1dd1da6d1c221de6eb31eee699afb0f58cf08c65512ea8911c4d6cdb6532ad","sha512":"0e33f2257e10bbf37835695f9cbd5491dae68b2f08b12a7dd5b6f8ee8f12cc096f1952de5d904e6badbfef4e060e17df23590be238c5125abf7e0f3494018601","ssdeep":"192:IExlgbb5ab2nFb2gqc+bbpHb2bkbirQbi2kCabMC:Z/Ha","tlshash":"7fd1ef4747488f36463550da004ebc5352ad912f7d1986a8de3bdecbac7b7f13a2a270","first_seen":"2026-04-14T18:35:05.712781Z","last_seen":"2026-04-14T19:44:49.914184Z","times_seen":2,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":302,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/speaker.8f132514.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/speaker.8f132514.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: image/png\r\nContent-Length: 352\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-160\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit colormap, non-interlaced","md5":"8f1325140972d120e7ce56242c10cbd7","sha1":"fb3a6b1127190a9ec1b3d93022c0890f0b6f6cb2","sha256":"8964d52b514badc9dc1429eae81be0bfe6b773e2bdd91cdd1efd14eec7024c26","sha512":"7b50da14944d49210745c1521981e7c117d3097d2d061e2f57a8b88484edb6cf31c3de86e559b5c34bd9cb5b4abbb38e42295602c3721f147cab852776f6c8ad","ssdeep":"","tlshash":"1ee0c6ba268aac24eb84063331b3062a8b2dc7008239a12c08a1823d00e2a0a30e42d1","first_seen":"2023-07-03T04:38:13Z","last_seen":"2026-04-14T19:44:49.954472Z","times_seen":102,"resource_available":false,"data":null}},"time_used":1344,"timings":{"blocked":1017,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/live.f92deb02.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/live.f92deb02.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 2377\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-949\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2377,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 52, 8-bit/color RGBA, non-interlaced","md5":"f92deb0211e187f1924b4b2b5a66804d","sha1":"740e7ecb6e078a5d80192908708e9c22db781019","sha256":"88452fe6d29a890ec54254557d086bfc8bf8821ba504213d78240b0f6d57823f","sha512":"1d8efbcfe7b8beaa1cee8a02a076ffcfa6b8c67a6a80b1b642a2a3ca9775d0a5002b3a17a2c2d9107fe77b7025aceef43c705b73ee0367c086399d9f4199f99f","ssdeep":"","tlshash":"6a413bf3cafdae6881711f74274edb5c877332e355a5c5a6dd27407a50276105011fb8","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.929103Z","times_seen":1792,"resource_available":false,"data":null}},"time_used":2383,"timings":{"blocked":2069,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipwho.is/","fqdn":"ipwho.is","domain":"ipwho.is","tld":"is"},"ip":{"addr":"172.66.175.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipwho.is","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 07:06:13 GMT","end":"Tue, 07 Jul 2026 08:05:44 GMT"},"fingerprint":{"sha1":"45:E2:30:BB:8F:27:86:2C:51:09:65:A7:76:DA:E5:D5:51:7C:10:08","sha256":"14:7D:39:E9:1E:7F:66:AC:9B:23:87:42:E2:B2:91:CB:A0:23:B0:DD:69:EB:FE:8B:2F:B3:2E:6C:38:2C:2A:70"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://363999.cc/\r\nOrigin: https://363999.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 14 Apr 2026 18:34:33 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9ec4ce26de0c568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c803446e75fb294408787c6c64ee800","sha1":"0962274e1fa925799e2d324dcaa1b173a2bbed98","sha256":"ae8d49b8344fca5c61af3aff17d9b1d3f272d198edf935f94b322463b15b57e2","sha512":"fcc0c8057e91b44bda5b3a4e976b202ee97a7127074e4a30026b291cbb5ebe9c0c8d1a626453b2fccccfa46eb67be4bd37dcd855671bdb064e1eeaf262a18276","ssdeep":"","tlshash":"0da0220f2300383a02022e8330080a8002e302f0e0c0230aa00c030e3200cc020e3008","first_seen":"2026-02-12T02:06:55.383473Z","last_seen":"2026-04-14T22:18:30.466047Z","times_seen":686,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":41,"dns":22,"connect":1,"send":0,"wait":5,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic2.9c254e92.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic2.9c254e92.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 6135\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-17f7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"9c254e922d92a0a0161522840f7abbc4","sha1":"df70cb2a35c764b55d0be55fd04225d25bf42cbd","sha256":"312f53ae25564cde8e57ff458ed8dcccb34d62fd01d3cd8e838948019cd711ae","sha512":"e81a284cd687c1216035e7ebceb1a66ca88ca57ac0b100231bd84b91062b6f6922f735d52c8c4567bcb82945eaea508ac6546d6fa16856eec60cc11a0df17bb4","ssdeep":"96:WQgrJfFyKkS2TIxwA1LVD+/Qqz3CdZrbzycmP5/ee7ncB92f4YznEQqQmeZbEsF2:WfjTwdYk3CdZr0B/eknoAfBzEQqQmcl0","tlshash":"31c17e7dee4475051a9ce87a2caf89270db40595cf146042ff4c915b4e807b749afceb","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.925577Z","times_seen":1870,"resource_available":false,"data":null}},"time_used":1942,"timings":{"blocked":1627,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic3.f7040138.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic3.f7040138.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 5051\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-13bb\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5051,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"f7040138612029fd7ff4d7be645b74d7","sha1":"9b96f2e47053ab796ea7266c4e61a70f6c24b235","sha256":"d034c575c7f9c193abee96078d0d4eb5c244a91fc48ad407ab40b7ed70e5201a","sha512":"1ef222957993b9cdaa3360f671e901f0e50fb805a41c6fc95a876cf15ccecefbb2bc044f7e6a920dde867191a12dffa846b22b64184c1370917df5240f6c3fcf","ssdeep":"96:mQ7utx/U7Pnrhtmq7pdSae4pzcRvuUolAVw2a7q+XcQ693iPEapug:mGrltmWpcaQjVIXce5","tlshash":"7fa17c68a4c0647f5aa8861236f3920f0c1e8591ddb0f96bb6ce4470dd790da1a3d2db","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.956012Z","times_seen":1870,"resource_available":false,"data":null}},"time_used":1960,"timings":{"blocked":1649,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/close.5168df87.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/close.5168df87.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 5189\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-1445\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 56, 8-bit/color RGBA, non-interlaced","md5":"5168df87edaaaa99f5547e9ca5a8cad9","sha1":"124759a0da3f579418f632ad37e3adaa28d08b59","sha256":"a45a90a5c231d6cb59e96834bb23b5080c7b40dc77fcbbbf7fb3ba1bb7dd2d8b","sha512":"63525f88a16c2f854ebb93b4282cc54c8da9d29695fe73f52ba9183a68f1c0b7f2e6026dfae092610953a928682f4e21cffbeb895a07f075a25523901f9c9ec6","ssdeep":"96:eJuKQr+naJkupaLjeSVo6PtpiYu7MBO0I9hfUJUckD5lQ8xbio:eJVQYalpa2SFPtl15/JUND5pxbD","tlshash":"f6b19edcf312ac3348875951e08403f4d4edb06786e38a8e4055fe5d2f62772f2658a9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.954986Z","times_seen":1368,"resource_available":false,"data":null}},"time_used":3911,"timings":{"blocked":3582,"dns":0,"connect":0,"send":0,"wait":328,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/733063748/O1CN01kT0afO1dYdaW3tJpK_!!733063748.jpg","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i1/733063748/O1CN01kT0afO1dYdaW3tJpK_!!733063748.jpg HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 39225\r\ndate: Sat, 11 Apr 2026 09:30:18 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5329e17758998181931506e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache11.l2de4[0,0,200-0,H], ens-cache35.l2de4[1,0], ens-cache24.se3[0,0,200-0,H], ens-cache1.se3[40,0]\r\naccess-control-allow-origin: *\r\nage: 291857\r\nali-swift-global-savetime: 1775899818\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534735\r\nback_uri: /imgextra/i1/733063748/O1CN01kT0afO1dYdaW3tJpK_!!733063748.jpg_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 40\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145063e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":39225,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"71b1e4e8b6e19bd92c8e4a9e082a6c58","sha1":"6ebcedde623430229b9cb99f7a5a7e0f094c20cc","sha256":"4059ea63e96c06978dd555373d67be2366a1d1eec6a11644c291f36d2a730789","sha512":"d8c12fbd6eb982804fd014a51a429b1b5b29291c4ea47a713ada0501de37d5d6b4322d459606c043de4a2948355b86bea0f092aef3cd50ee313ea3d1006e05e9","ssdeep":"768:yMX52/PJ9x6d1Aq0tD0bTpSl1Jp72dcSMdqLK:y+ebU0tupSjShLK","tlshash":"7203f1d8a51ed45ed12ebf31762c426a0212f523628bca7d7654bf1001deb925088bfe","first_seen":"2026-04-11T19:27:24.348466Z","last_seen":"2026-04-14T19:44:49.908184Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":1044,"dns":0,"connect":0,"send":0,"wait":79,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/GAMEIMAGE/6/null/1572268881891.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /GAMEIMAGE/6/null/1572268881891.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 90471\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BC7EC25D3936A56D57\r\nAccept-Ranges: bytes\r\nETag: \"59EDE0D8C1326CBE623F37B603A6B3B1\"\r\nLast-Modified: Tue, 25 Feb 2020 08:44:16 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9739239087291637119\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: We3g2MEybL5iPze2A6azsQ==\r\nx-oss-server-time: 2\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":90471,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 245 x 245, 8-bit/color RGBA, non-interlaced","md5":"59ede0d8c1326cbe623f37b603a6b3b1","sha1":"997119c45728f63a183ba83b8b963076b55e0672","sha256":"d2cb34495365bcc66dfd8b9d8e9f36ed2c6c74ee30d612b396fa789a4c6671b7","sha512":"47016e6e134ad622273a708d7c25179f80bf21e1094b7439ec2d6579ad4ec1984e4abc96bf6016ea2689e3f641dded82b9cad05bae81a29073287e49647589f4","ssdeep":"1536:ZStVKpBrplGNile1SpFm0/SuY9BwSkuedCyanXkM/WFsExB7E8wdfqR1l9V4xQp4:0PQBrbG/ppYSkitnBWFsEXLwdfMwxQO","tlshash":"da93023addf14938c8263b6d43e33b86b1dd3698159324c999ab83408bfee560b5643d","first_seen":"2024-01-02T23:56:23Z","last_seen":"2026-04-14T19:44:49.941099Z","times_seen":57,"resource_available":false,"data":null}},"time_used":2953,"timings":{"blocked":-1,"dns":43,"connect":285,"send":0,"wait":568,"receive":561,"ssl":1489},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_KYQP.b2d25cfc.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_KYQP.b2d25cfc.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 2501\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-9c5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2501,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"b2d25cfc8bdb879fbec978c2c8d7402d","sha1":"27378ef9d3e83e26c23d391d0e5168ef01571d28","sha256":"e05ffce656d883679b2e3bb3e3ff8bf7ced866563aec496339fa3a5b66bf0af6","sha512":"aa4acc9e23f41cdb0d42eb9a99af1fc5851415db1455aca39695842f468d32bcc280f5af9331fc60de678617ce655774597a94923cfc05e483ff4a12d4f8ba61","ssdeep":"","tlshash":"3f511aabd7c0eabd906fb407c10d0749b5b99191eee0046330f2ba59e6c80c965cca03","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.936239Z","times_seen":3106,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":1523,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic4.bde76413.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic4.bde76413.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 5183\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-143f\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5183,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"bde7641308cc262de77c9804e7c4bcd0","sha1":"c56a012d8adb59665b5f33e2b79854276847cbda","sha256":"53e995fabb2de3bb2dcc6187c353c5c92f2d88e112ec4ea106f34427dd637fd8","sha512":"faabda45d21e46f24136008774fc7743bdeacdd3db2f13359f9e90486c828e598d8556bf8f99905dd6766ece2e7fe6becf47dea29addaaa29949e22856501f9a","ssdeep":"96:mQ7aYx/gsrVMi0Iv12ph9iMLCPUuySqS60Kg5iBdXYqE:mYgEWix23BCaSN60KzBBYqE","tlshash":"cfb16ce915d12d0232d8d46eb8f7e43dc739b980c3a0e888709a81d75b961ab18280ce","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.906646Z","times_seen":1872,"resource_available":false,"data":null}},"time_used":1998,"timings":{"blocked":1674,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_122.a31a8c20.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_122.a31a8c20.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735914823e00359bebc7cdeeb6967f926788ce6c13aa3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 41291\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-a14b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"a31a8c201c157f356e881b396f55c447","sha1":"365fd3776a08265797ab76fcc8dccd7f6042b805","sha256":"8caed534998f41b9940f5cb1f6cadca915f215985470c383b421dd84a17e9c28","sha512":"5d912840a9c587b0f8a1210f3d92421b486966924a8f3e8358a23c889c19e3e39e3ec256e75ea10535677610c5fe005c192e47c0489ff9d8f4f368944b183077","ssdeep":"768:MA7IjRJWgZo7YV92z/d32L8jn5mbfvjOCiYPNHxqdPCWbB8VoOW0muktu96kR4QF:MA7I1JWgZNkz/kL05mHWkNH+PCWbB88k","tlshash":"b20302188e017dca13f35ddd11d1d237356237918db9e30119b989e71e2aeeb4d38a38","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.956537Z","times_seen":1825,"resource_available":false,"data":null}},"time_used":1660,"timings":{"blocked":1334,"dns":0,"connect":0,"send":0,"wait":324,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/api/resources/logo","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/api/resources/logo HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916735914823e00359bebc7cdeeb6967f926788ce6c13aa3b;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":1711,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6a5edd538c048904b590c72bbbc49966","sha1":"1654bac568db83910dd776c69c2f362a1552e246","sha256":"9de9d6b7d6dbdf40656baf70cc9f124c0ee191036cf388015095861d93b208ca","sha512":"b8b1cbdba670ec0d9ded304d7cf1e850fb908d3ac2a76da87036cda575e6d045bd8894c44356ec5f64cf89a5c157782a9a5804286696dd59fd3cf1898f172729","ssdeep":"","tlshash":"8431fa790b34b10bdbfaa7ec22cbbc3a4e90091c155602414f8608e4d5ca65dc41fc18","first_seen":"2026-04-13T20:08:19.353178Z","last_seen":"2026-04-14T19:44:49.926979Z","times_seen":5,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic5.fe3ccdcc.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic5.fe3ccdcc.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 4533\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-11b5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"fe3ccdcc8a2aeb0438c8d69c5351a469","sha1":"76e5587e5436927b049e3d12cc158a82b57b8b62","sha256":"852b064b54e16d1d869075043551f03f96356e96984413162347247998494338","sha512":"f0fdff9cb8ff3656cb1c8cc8e6a44bb88b5fb107857455f13129d6be327bf04a47bcce0cab1d5209c0854265a9463329d0f29813cd09be77ea81206c6b17232d","ssdeep":"96:7Q5r7Kt1He1wRse+575sNgs2Y7INWrlRWadxetqlb1hYd:7cKt1+iNsl07IYlRWgxkqe","tlshash":"26916c15f8a468c073ccb09e0afb46294e3a6558a1f0a17268aec50b49552fd4c58dcf","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.903563Z","times_seen":2334,"resource_available":false,"data":null}},"time_used":1363,"timings":{"blocked":1038,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/733063748/O1CN01wmloIm1dYdaXiWZA5_!!733063748.jpg","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/733063748/O1CN01wmloIm1dYdaXiWZA5_!!733063748.jpg HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 31611\r\ndate: Sat, 11 Apr 2026 09:31:43 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:31:25 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.010\r\ntraceid: a3b5f39517758999038366708e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache7.l2de4[0,0,200-0,H], ens-cache33.l2de4[1,0], ens-cache11.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291772\r\nali-swift-global-savetime: 1775899903\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534820\r\nback_uri: /imgextra/i4/733063748/O1CN01wmloIm1dYdaXiWZA5_!!733063748.jpg_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365066e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":31611,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"51c6c619309277c7ada010b41ecb0058","sha1":"da21ff678a574c87ff3d27b441a3cf591339c58c","sha256":"d60a30d2481f09d043ecf816d7e409bb54ffc90978e60d972e0f1596dba9b903","sha512":"261bbce6ad4faabf136e0468a81fff04f713f6c47a236ec8cda7cc790ac838a9907b75d263ef9aad3e18679efa607193cc27b42b4938fab03c75084b29ea6c51","ssdeep":"768:rkC44Ji8sTQ9+SeoRD9HrGFdcj03zSwWJzz3/ZagVH:xz5L+SeoRD9gi0jS5tvZa8","tlshash":"59e2e10314132f1ff0e366db8644cbe32d148d6d50c447b3aa877d72b9e5e867aa9270","first_seen":"2026-04-11T19:27:24.445448Z","last_seen":"2026-04-14T19:44:49.92746Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":1042,"dns":0,"connect":0,"send":0,"wait":81,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01cTfuHB1dYdaWI8nc4_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01cTfuHB1dYdaWI8nc4_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 73565\r\ndate: Sat, 11 Apr 2026 09:37:43 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:33:06 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.024\r\ntraceid: a3b5398617759002634281600e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache34.l2de4[0,0,200-0,H], ens-cache11.l2de4[1,0], ens-cache11.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291412\r\nali-swift-global-savetime: 1775900263\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535180\r\nback_uri: /imgextra/i2/733063748/O1CN01cTfuHB1dYdaWI8nc4_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365071e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":73565,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"411ec90b137c2dddb7bc66b441f0f623","sha1":"eb190ca602c349d62d5dce81be3b958c86b6a461","sha256":"0dbe3ebda0b9953d760e616dae56efd46eb408a622e2afb39f8cdbabc19a92e7","sha512":"1d66b6fb35cb8a4e7d877f0400368ed969e43a294f4f1b2b3ef6d48fb6dc994deda648106a9acf74f38391743e9346df7a1dbd3003f9f59370e8ffd2d5bf29f1","ssdeep":"1536:kIrWcY5gsmb1NBtrsp1EnAs5y1+6rL0JMUZMufCxV2YIRB:kIK5HAbVspR14J3DaxV2T","tlshash":"1673024efad6624cc01b3574314bfc9bd17fe041ab2e4e18349b5a2e68d6383f526236","first_seen":"2026-04-11T19:27:24.41541Z","last_seen":"2026-04-14T19:44:49.943869Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1126,"timings":{"blocked":1039,"dns":0,"connect":0,"send":0,"wait":85,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.captcha.qq.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"62:F5:EA:26:0F:C2:28:21:1C:74:6C:B2:E3:19:6D:7C:66:D5:E0:70","sha256":"35:62:9E:32:B6:A9:94:F6:C5:7C:C5:62:00:F1:5C:C3:F5:D4:69:07:BA:0B:E7:72:F9:6C:6C:CE:26:BA:6D:68"}}},"request":{"raw":"GET /TCaptcha.js HTTP/1.1\r\nHost: ssl.captcha.qq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 14 Apr 2026 18:34:31 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 100834\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nServer: Trpc httpd, tencent http server\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":100834,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"75c02f2babf85e1cccb5b29fd34a6366","sha1":"0857d7722946b19654ad88957b53395ddb038166","sha256":"621017b9793196f9f116f358191e84ead52da9d385ba7e84e43d2dbe265acdba","sha512":"9e60ede7c1bcf037d1e1f261c897a82000a9d1522a48dc24469220007f7701026b3ed2aa344204d5cb2475b65c7daac66c8ca658292aeac3061a7ede7302dffe","ssdeep":"3072:UkxTYeu24ozqA9/hISgSGO3excrmPQ0Ds3:FzqA9pIlnO3eyjys3","tlshash":"e4a318deb3f1762d05ab6194cc3b9d8e68374c508018f175cfb9c687b628589921bf3a","first_seen":"2026-04-13T09:36:01.244733Z","last_seen":"2026-04-14T19:44:49.91847Z","times_seen":16,"resource_available":true,"data":null}},"time_used":3227,"timings":{"blocked":1043,"dns":193,"connect":283,"send":0,"wait":285,"receive":851,"ssl":569},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/733063748/O1CN01Xbm7kB1dYdaWi3E9M_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/733063748/O1CN01Xbm7kB1dYdaWi3E9M_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 32126\r\ndate: Sat, 11 Apr 2026 09:30:18 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:30:18 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.010\r\ntraceid: a3b5329e17758998181931509e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache21.l2de4[0,0,200-0,H], ens-cache18.l2de4[1,0], ens-cache15.se3[0,0,200-0,H], ens-cache1.se3[18,0]\r\naccess-control-allow-origin: *\r\nage: 291857\r\nali-swift-global-savetime: 1775899818\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31534735\r\nback_uri: /imgextra/i3/733063748/O1CN01Xbm7kB1dYdaWi3E9M_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 18\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365067e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":32126,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"a6ad64ae8ee207f56bffc202399521ed","sha1":"756e579e24bb4a3852b25033efe60a172eaf7327","sha256":"fb96b5165c25e71ce8bc206ebb4f8d5f67a3db05178076755e88af88ccdf1eae","sha512":"4c53e2665de16ccf107ff0a69888c5165f8a7acee1b0a8324c2f966f2d06ef765691cbc11309a603f79a1ef4d137a182de2e7671de7f03c8af311597fef4a9b4","ssdeep":"768:65fT6AU69TRSLAzz+qD4VNoMrYOMVzG7yRbFUALP+D:65fT6Af4LSz+qD47okS4y3VLS","tlshash":"cfe2e1f8cde71704ca7fc1a210d6574c27841f2714ab7687ac877d9c6d5c908981de6a","first_seen":"2026-04-11T19:27:24.412761Z","last_seen":"2026-04-14T19:44:49.910757Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":1042,"dns":0,"connect":0,"send":0,"wait":81,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_MTQP.a19b7e2f.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_MTQP.a19b7e2f.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1586\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-632\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"a19b7e2f37d6cbc9195c622e1fa7babc","sha1":"58b92b0ac53dd255b6d102cc16b6bcc628305c0f","sha256":"012d020855cf0b6f731ae1d9b41c2a250dfa87454b362044afcb1e216683f1ec","sha512":"99dc08bb010e3aefd41ab2147bb07f02e530c9d02daf6b82a57c1213c6e200b43240b39a6ad50c011527186c56269c8016feeff894fb84397904e1be72bf589b","ssdeep":"","tlshash":"c231e7f5504158ce646b5d350cd04358f1a74a7e272a34415ab763a5426613d1bc6b36","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.941585Z","times_seen":1258,"resource_available":false,"data":null}},"time_used":2019,"timings":{"blocked":1704,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cstaticdun.126.net/load.min.js?t=202007291602","fqdn":"cstaticdun.126.net","domain":"126.net","tld":"net"},"ip":{"addr":"47.246.50.191","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:30.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.126.net","organization":"NetEase (Hangzhou) Network Co., Ltd"},"issuer":{"commonName":"GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 24 Nov 2025 00:00:00 GMT","end":"Wed, 23 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:DA:FF:25:CA:C1:B3:2A:07:EC:89:18:8B:11:75:86:A2:1C:76:1B","sha256":"90:30:8B:08:91:13:6D:6B:5C:CF:09:D3:67:EB:12:8E:34:F1:0D:37:08:1E:95:E3:D2:CE:B7:41:B4:A1:DA:E1"}}},"request":{"raw":"GET /load.min.js?t=202007291602 HTTP/1.1\r\nHost: cstaticdun.126.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: application/javascript\r\nContent-Length: 14470\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 10:51:34 GMT\r\nTiming-Allow-Origin: *\r\nCache-Control: max-age=43200\r\nExpires: Wed, 08 Apr 2026 10:56:34 GMT\r\nVia: ens-cache22.l2nu20-20[0,0,304-0,H], ens-cache12.l2nu20-20[1,0], ens-cache6.l2hk11[0,0,304-0,H], ens-cache46.l2hk11[1,0], ens-cache24.l2de4[195,195,304-0,H], ens-cache33.l2de4[196,0], ens-cache6.fr4[0,0,200-0,H], ens-cache7.fr4[1,0]\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 08 Apr 2026 06:07:50 GMT\r\nContent-Encoding: gzip\r\nAge: 27778\r\nAli-Swift-Global-Savetime: 1776163894\r\nX-Cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nX-Swift-SaveTime: Tue, 14 Apr 2026 10:51:35 GMT\r\nX-Swift-CacheTime: 43199\r\ncdn-user-ip: 91.90.42.154\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Allow-Methods: GET,POST,OPTIONS,HEAD\r\nAccess-Control-Allow-Origin: *\r\ncdn-source: ali\r\nAccess-Control-Allow-Headers: *\r\ncdn-ip: 47.246.50.191\r\nEagleId: 2ff6329b17761916724556453e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":36116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32007)","md5":"1b84cb0a31b495c2f8e736f1e74a4cf8","sha1":"61e467e1e97108ee6abf81004f141e4347a36e85","sha256":"740ab6d450334fbd8d02a43abd926e6861406889956d4852eb5452bf237e844e","sha512":"5eede42cca78ef3ffcd6c2eb99e6c520cd7a6250cb2067316ee3454243aaafe14adbbab9cc31a809e4ef9cc68e2986d6fa99e09ad58deaf3248859ffe216997f","ssdeep":"768:9KHK1+h00zI0RAcKsErsQsLiz0I+/QtzfS5+8hfgVCMiE:9CyrsQa6tjS5D5gEE","tlshash":"5ef2d68cb690f4bb4ba76070813f920be13b5614b499c0e4b155e4e4adbd8ce5627f3c","first_seen":"2026-04-08T12:46:49.918052Z","last_seen":"2026-04-14T19:44:49.930745Z","times_seen":190,"resource_available":true,"data":null}},"time_used":3785,"timings":{"blocked":1874,"dns":1705,"connect":26,"send":0,"wait":28,"receive":2,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i3/733063748/O1CN01TBSkjL1dYdaWLahg2_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i3/733063748/O1CN01TBSkjL1dYdaWLahg2_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 56306\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 08:35:22 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.037\r\ntraceid: a3b5f39717759006436594280e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache9.l2de4[0,0,200-0,H], ens-cache20.l2de4[1,0], ens-cache9.se3[0,0,200-0,H], ens-cache1.se3[37,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i3/733063748/O1CN01TBSkjL1dYdaWLahg2_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 37\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145049e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":56306,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"90d5d6bb4383ae5bd8fb13cbb6875641","sha1":"7b1dd69f8d4dd0a2b702aefce88ae3affb86a091","sha256":"043185da260c41390c591aceb29b7341eb629733c294ae2bd9c05f04212de611","sha512":"46462b8539e7b63f9edb7ae29511a775d2f8f8a1d91f97831d5fe09726bcb4d9c9a78f3092a53ba2ff35e3cfb5b5199f6e1d6c0631b5b40556a43bc03fd8f7a2","ssdeep":"1536:2v+D0qN5PhHGZA62pMJSHW4jjKsg1Mbbog:a+D0u5JHS2iJCWiKsg1M/og","tlshash":"db4302b82e157f8dd05d99b0ed59f3a3c425a4c5ed5a203e8608be14357d3ef42c2c68","first_seen":"2026-04-11T19:27:24.288443Z","last_seen":"2026-04-14T19:44:49.915996Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1156,"timings":{"blocked":1091,"dns":0,"connect":0,"send":0,"wait":63,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic11.c5b273d5.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic11.c5b273d5.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 18531\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-4863\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18531,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 190 x 206, 8-bit colormap, non-interlaced","md5":"c5b273d55790e3c07b1b4dbd16053d32","sha1":"72a7dfc6e216b601f912940648ef4ccd196d18e0","sha256":"e27d5667c7af476e8e4c749be19d6617c843f03e556fe7ed9213adbfe2aee7a0","sha512":"969762781d04e66f0261f9323c5707a977952c962c8631b925f9006d2ad516b96ecf73723594e4e6d05083843a3185f9beb18fcb0c08c4697527ef79c9cf697a","ssdeep":"384:YsLjJNF5RrWob+Y+XLPiwLKWzaoj7He+xJn2xBY:VLjzlnaYELKwu+ao/+y2xS","tlshash":"1e82d14723c0db32eafc4f7842a795daa006cc991421dd8561dbf6b94fe1f6403f8a00","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.933496Z","times_seen":2150,"resource_available":false,"data":null}},"time_used":2085,"timings":{"blocked":1773,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/pic1.d07f9514.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/pic1.d07f9514.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 5135\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-140f\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"d07f9514294e1339263d5b61d138556f","sha1":"1838fff017f14515f016de0ca1913de3c5d5b844","sha256":"964c71605a10467fdd4d7817fa6b6fdc34a1b916034329c41a0a2950f03be86b","sha512":"7f3f7e380a7c5091aa401eb06e92e29a716743d31ab85b6f4e20008bcceb946c6dd2469149d9b5ea973ea7602f36eafbd18cbc4e45da0942407f7c2ec46148e8","ssdeep":"96:WQSr3xcIRu4e61X2Bhi2TTRFWrqJk40dsTe0OxtAKJTv:WxxrQ4b8risRF+U10dsT/sWK5","tlshash":"7bb18d92ba29d9c8b9ece0417ca5cc338e9308644cf1a4d2d5478213de093f9224fef6","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.931796Z","times_seen":1871,"resource_available":false,"data":null}},"time_used":1733,"timings":{"blocked":1408,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i4/733063748/O1CN01hWAdum1dYdaVxX5yG_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i4/733063748/O1CN01hWAdum1dYdaVxX5yG_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 119368\r\ndate: Fri, 10 Apr 2026 15:00:08 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L3-HIT\r\nrequest-time: 0.001\r\ntraceid: a3b5f3a117758332081235803e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache8.l2de4[0,0,200-0,H], ens-cache10.l2de4[1,0], ens-cache9.se3[0,0,200-0,H], ens-cache1.se3[37,0]\r\naccess-control-allow-origin: *\r\nage: 358467\r\nali-swift-global-savetime: 1775833208\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:21:14 GMT\r\nx-swift-cachetime: 31469934\r\nback_uri: /imgextra/i4/733063748/O1CN01hWAdum1dYdaVxX5yG_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 37\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145058e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":119368,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"e50e830ae071487973aef84ed14f1df2","sha1":"0a580507379fe1226bbb8ae312be4adc355f0a13","sha256":"7f092328bd412672e1c10b5b0075ad0b673c8d23b0be1ceb4290260bc84f5c1c","sha512":"247c85dc35723ed76b8d0ee784ca4a61982e4404f9dcb75dc9d72054c42d46a7976dbe3b816e6b71d47f5258b438aada9fc07764916c66994d4b96ec43985863","ssdeep":"3072:IdNGY6/2cJCE/Gjo9Fzqca/ilAl8/BnTb1d2HD:K6/2cJXGjoDz3KloTRdI","tlshash":"35c31228ff673aa1c04cd55727de7546ce2e317baf5c4e7296f83682b63d80846021c9","first_seen":"2026-04-11T19:27:24.402861Z","last_seen":"2026-04-14T19:44:49.951101Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1161,"timings":{"blocked":1087,"dns":0,"connect":0,"send":0,"wait":71,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/GAMEIMAGE/5/KYQP/1551623732822.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /GAMEIMAGE/5/KYQP/1551623732822.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 119016\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BCB3CB643532620306\r\nAccept-Ranges: bytes\r\nETag: \"E4E5982E02810943EEFEECD0EC74F936\"\r\nLast-Modified: Tue, 25 Feb 2020 08:43:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8834803588695933227\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: 5OWYLgKBCUPu/uzQ7HT5Ng==\r\nx-oss-server-time: 6\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":119016,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 260, 8-bit/color RGBA, non-interlaced","md5":"e4e5982e02810943eefeecd0ec74f936","sha1":"d2b75a31b8ddd05eac1f388d77ab048f415e4d96","sha256":"882599af8d325e1b9a9eb216ab44c774c74b1221fa4f9a4cd7cc22074a4e445c","sha512":"d3841d6b86ff200b251cc0e95d9d294a74087cfaed3ba82be135dd09203126669bc86c00d8d2b8f8071281defcece9027b0ab33a5c43e25fdb89f8d911b9e6ab","ssdeep":"3072:JvGMl0Drh3V2SWqHucG5xNhIpSEFp7idMo:JvBc13V2SWLcwxNhIpSEFZiP","tlshash":"47c3123097bdb91dd57415a76b3441c0ea33b2ba108b9fa8db86c69910ce3d0351badf","first_seen":"2023-05-24T18:46:28Z","last_seen":"2026-04-14T19:44:49.957571Z","times_seen":97,"resource_available":false,"data":null}},"time_used":2931,"timings":{"blocked":-1,"dns":38,"connect":285,"send":0,"wait":567,"receive":554,"ssl":1482},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/gameBg4.a4ad7c62.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/gameBg4.a4ad7c62.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 88994\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-15ba2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 590 x 200, 8-bit/color RGBA, non-interlaced","md5":"a4ad7c6254c3c6a5e70d8b3fd193b70b","sha1":"7ecc0a5bf1b22a92042d01ed3bcd3b48ea90854f","sha256":"fe4958989ad9625c4ea89ded31d56d9ae2f1aaf143096a2d92b6d951fb8df0ef","sha512":"c8fb871fd678f355eef6fea7077938864d83bad6e9259fac72e9aca1b842a39ef9c92ec2dde61e648951ff5129674db2ea1fd2461031d3523e4945586ae7235e","ssdeep":"1536:P1N1v3/g5QI3hBs7t1djtiE/1uVhOU846/BajqdHTxTlJXF8BRfcfD:pv3o5QIy1djsC1u2UAHtfrocL","tlshash":"909302dc9813669510df86b42ed3a4329f19c6202dc816d2a81fa981de91dfbc10fdfe","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.948375Z","times_seen":2327,"resource_available":false,"data":null}},"time_used":1720,"timings":{"blocked":1088,"dns":0,"connect":0,"send":0,"wait":315,"receive":317,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/bb/api/getBaboConfig?t=1776191673375","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/bb/api/getBaboConfig?t=1776191673375 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916742536905e0035a8f04aae31013eb6c1aa25a74c6c45f2;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":965,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ab78715203d8d1308d9e5bca7b1b3f43","sha1":"c74a346c1eb1204a5f0cd7adf9754dc5ac234a12","sha256":"6f6ae2d61ba46f43559233f29ecd741396225c187f34f037e9505b6942e737b3","sha512":"7b017967495bd39f443ea87cfe63b9fffaef5f3452b93752cb136d8bb38469c55d766c307db5e5b476ff04ed1e43d406388dbe3a1b91161e65b945182b0c0176","ssdeep":"","tlshash":"d511e19317ed89212f4d63ea3b5de55cca83566f8ec9f184e4586a0c30366e4178d168","first_seen":"2026-04-14T18:35:05.727898Z","last_seen":"2026-04-14T18:35:05.727898Z","times_seen":1,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":598,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/H5_text.709a4d7d.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/H5_text.709a4d7d.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735932173e003592a03631153dcd538118162a219eb153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 1048\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-418\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1048,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 21 x 87, 8-bit/color RGBA, non-interlaced","md5":"709a4d7ddc086cc9324fbf4664f62893","sha1":"c5e0293599d458eb5437372c044782b17d3096bd","sha256":"9e9c519cc5c4c27099601fa756e0cc4c9800505974dd15be8b7ef2d0390037a4","sha512":"b96855ba324a7e472f332b9df750be179554b0be6476a911a4a084b602319d6e659a5ac41d484cb9c50dfe5fa0a3e0d936679e47484f8e5bf6055795c72ceec3","ssdeep":"","tlshash":"2811b5f65be247ffca6632b500b987243ab88851ce639f5900566278800602a19d2a0d","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.948824Z","times_seen":1356,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":1742,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01v2Z39n1dYdaWhaYzV_!!733063748.jpg","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01v2Z39n1dYdaWhaYzV_!!733063748.jpg HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 46948\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 08:35:30 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.048\r\ntraceid: a3b5f39717759006436064201e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache7.l2de4[0,0,200-0,H], ens-cache10.l2de4[1,0], ens-cache17.se3[0,0,200-0,H], ens-cache1.se3[15,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i2/733063748/O1CN01v2Z39n1dYdaWhaYzV_!!733063748.jpg_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 15\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752365079e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":46948,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"c5b198191dd0a95bef17e6799908b295","sha1":"3bca9ecf820dd1b30cb4956deb2dfda6531571e3","sha256":"954d6d26d883d8bd6295f7eb3e014be9fbaacbb051bb110429920ef40e902f3f","sha512":"5c1e5cbfa1e6fabcd50fefea27ff783d4ba8cfa55ea2b82e0ea538b61c0294848a22e574a8ac4107e33456ac52b6814aa0750a3349b1d919e5fd8812f068560b","ssdeep":"768:/ErOiXu+0/a5aJrdooWiPsXX+T6lY1Y3aUukQqa+Ay6aeTbHjPe:EOiG5rDWiPsH0/1ghxAySPe","tlshash":"1823023a31c1611ac50ad07f4d065903fa23fe0d731ea6ff6a93ead2464a564fd0a9d8","first_seen":"2026-04-11T19:27:24.28612Z","last_seen":"2026-04-14T19:44:49.934599Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1252,"timings":{"blocked":1105,"dns":0,"connect":11,"send":0,"wait":59,"receive":1,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01YGi8dj1dYdaWSksHw_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01YGi8dj1dYdaWSksHw_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 59865\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 08:35:46 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.037\r\ntraceid: a3b5f39717759006436694300e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache31.l2de4[0,0,200-0,H], ens-cache6.l2de4[1,0], ens-cache1.se3[0,0,200-0,H], ens-cache1.se3[22,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i2/733063748/O1CN01YGi8dj1dYdaWSksHw_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 22\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145050e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":59865,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"0db759548e4df712b32b6e862f2c0471","sha1":"fcd03bf82e0443967eeee64041dabf6aece615a4","sha256":"0d3b13128251a55e3ab2cd5cd432707b6d69f6313364c65d557be2c60b6a09bf","sha512":"5e320b1b53e829404294faca72bf1a9a3aa6dd41a9d0cea9a13ef62a87b494725ba24e687601f97ccf4cbf3ba13354563f96aaef4d9df01d7d6d0eb6503e579a","ssdeep":"1536:Vi68qKAvyDqYsxgvi81KcdMOyBYKaNxeXgKcMaG1bDOA:/8xqnx2igKCMOyBYKaNxdKcMxDOA","tlshash":"9a4302682eb51108f9b34dcd8eb1f5c84d34b48ad0b559f0e86067eaf353e7acd18644","first_seen":"2026-04-11T19:27:24.345956Z","last_seen":"2026-04-14T19:44:49.935661Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1139,"timings":{"blocked":1090,"dns":0,"connect":0,"send":0,"wait":45,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/api/resources/topLogo","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/api/resources/topLogo HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916739028199e0039ed0cd85dead14a92c47db693b8ea3aa9;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1475,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d3027f41a8be0027016b450860523bda","sha1":"ea7de98a9b18bdfa451586d0b0259feaf4442fb5","sha256":"34deb041c6427964f4b3330a07d143304e75c9f370fd620e67d339468c4452b1","sha512":"db266eb61d11e2b08c45efc179362f5dca6b505efe24579e3812d6c5af28e3d300a26db2310e1900a54e11d42e9316361ff247d1aa2578174f675b9f861de560","ssdeep":"","tlshash":"d031ec390735b10acafe93d8218778378ed01919155612814e860de4e5ca15ed44f458","first_seen":"2026-04-13T20:08:19.32305Z","last_seen":"2026-04-14T19:44:49.947834Z","times_seen":4,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":289,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/gamingPlatfrom/findGamingPlatfromListSort","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/gamingPlatfrom/findGamingPlatfromListSort HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916744995011e0035baa9a6eab2aec727432d0cb8530ab7b6;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":389002,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (64092), with no line terminators","md5":"cedeab1efc7708c6afd96b253732bb1a","sha1":"26dfe2761fcd60076a667dea67c458071d08450a","sha256":"af47a5025730656d0692cd2baf4202e191ea9301ba7477c148c9ec9a58dc785b","sha512":"bec11354a72011a2d9e0002fe6618755fbbdf179665f35b2d34c60f1d2539bef37f686ecd0d00edc318f44dab643083ba9a469d6f21705822e03cf56e5cb2d1b","ssdeep":"1536:wxuNZ4jCThw3jpKImjHhVkmpauSl9G8KWKVaHtRnoeqD1lRjb9O3:mO2jCThw3jPmjHhVeOVaHvn4RFO3","tlshash":"ab84569302de8e08232f06e918dafdc9d9ef4a5f98e5bcbdd4158f60a4f47b1025435a","first_seen":"2026-04-14T18:35:05.731603Z","last_seen":"2026-04-14T19:44:49.935099Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1293,"timings":{"blocked":837,"dns":0,"connect":0,"send":0,"wait":455,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/kefuconfig/findProblemList","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/kefuconfig/findProblemList HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:34 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916746326993e003594980633f8f664d48dcac295e88543ba;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"468a813c1eb17b5cbca9f4a2b2792d26","sha1":"c9bfa4fcc765c15bdb797332d8ba293cb1525b7a","sha256":"7abfae2731deaf90f72544f285dc87241cf2544556afe402185490f8d2a65c94","sha512":"6e564d413f2700902150ee0274680714d9c2d8d035dba3b20f49397b42b695d47447ddfab70114e2831d0973486aba34091d2d2d03678da9804d90e11d5aa36b","ssdeep":"","tlshash":"11800450341554130c44444c4404c7511d3055540d1513f441cdd1117144dd0d407410","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-14T19:44:49.906142Z","times_seen":1207,"resource_available":false,"data":null}},"time_used":1314,"timings":{"blocked":953,"dns":0,"connect":0,"send":0,"wait":360,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i2/733063748/O1CN01TeOyMf1dYdaWPQVfF_!!733063748.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"155.102.215.179","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /imgextra/i2/733063748/O1CN01TeOyMf1dYdaWPQVfF_!!733063748.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 50824\r\ndate: Sat, 11 Apr 2026 09:44:03 GMT\r\nlast-modified: Sat, 11 Apr 2026 09:40:24 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.010\r\ntraceid: a3b5f39717759006436594275e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache36.l2de4[0,0,200-0,H], ens-cache12.l2de4[1,0], ens-cache9.se3[0,0,200-0,H], ens-cache1.se3[22,0]\r\naccess-control-allow-origin: *\r\nage: 291032\r\nali-swift-global-savetime: 1775900643\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 11 Apr 2026 09:51:23 GMT\r\nx-swift-cachetime: 31535560\r\nback_uri: /imgextra/i2/733063748/O1CN01TeOyMf1dYdaWPQVfF_!!733063748.png_q90.jpg_.avif\r\nvary: Accept\r\ns-rt: 22\r\ntiming-allow-origin: *\r\neagleid: 9b66d79517761916752145048e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":50824,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3e89368fa81444bc5d52e6af65267267","sha1":"8edcc93985b89b29dc149169c9c4299d21f618ed","sha256":"4a4f231b2016f4973dcc17be9eac482055eafb53e9f4dd4f33840d8e3c6c4186","sha512":"6b2d062666e8a2b25854a6a047632cda8820453bd620fa1c3281688b36713849d5aadcce6b7d8a77f50f3d5945f3848d207ef7b1120e0467683b6ade0adab6db","ssdeep":"1536:bMiABtESEs04H0MPlRVVBwCJDw8LBEM5l:bv4hEs0aZPlRDiCH7","tlshash":"6c33023e80edb519c7c9463ee277444357453a191a9b2e19f4ec31aceed822d1cdd84b","first_seen":"2026-04-11T19:27:24.304471Z","last_seen":"2026-04-14T19:44:49.950489Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":1093,"dns":0,"connect":0,"send":0,"wait":36,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/bty15/20241029/GAMEIMAGE/2/KYTY/1730197682094.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /bty15/20241029/GAMEIMAGE/2/KYTY/1730197682094.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 70994\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BD0FA57939368D41F2\r\nAccept-Ranges: bytes\r\nETag: \"B3E8EF5E772576D455A648AD75985437\"\r\nLast-Modified: Tue, 29 Oct 2024 10:28:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10979026205736090418\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: s+jvXncldtRVpkitdZhUNw==\r\nx-oss-server-time: 3\r\nExpires: Tue, 21 Apr 2026 18:34:37 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":70994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 211 x 265, 8-bit/color RGBA, non-interlaced","md5":"b3e8ef5e772576d455a648ad75985437","sha1":"60a27e865edcb045e37d0d2e5da897b462d03045","sha256":"d879c6c66670048b54c718d648496e5aa687a044538a57e4daebde0380d79d8e","sha512":"d0eabe0609048781aed723c5f69d3b5a1380c6e469b56d87eb3f4159d3c033a03927ca2b65cda8b93c0897ec839ae85918444c63a5bf8cd151fb37af44369616","ssdeep":"1536:5jbEf01XGttD8fRFNjWOfzyQoxNsx0RodXTgL927u:xY8hGttofHNjWObytCx0yXTgxau","tlshash":"926302b9ca03c1e6a8a50ef598b15d28555d060771bb33b8c096a4a4f3c7ec5198ff89","first_seen":"2025-11-29T10:28:39.145262Z","last_seen":"2026-04-14T19:44:49.932944Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2969,"timings":{"blocked":2382,"dns":0,"connect":0,"send":0,"wait":298,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/liveBg.5cd302c2.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/liveBg.5cd302c2.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:37 GMT\r\nContent-Type: image/png\r\nContent-Length: 14800\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-39d0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 306 x 162, 8-bit colormap, non-interlaced","md5":"5cd302c2fbabd593652e0b996753cf05","sha1":"fefb9a833f04fcd4f955e3d4590f08c5e6aaa523","sha256":"7f6a833091ab61da14a6f879d99ac3a01f054ef4a21e8ad911dddbb1d405b4ea","sha512":"982634139eb091a866312e58df9b47937fcf25254603753401c5e19d807ae8335bd4e8c07da369c3c3c93d601c068bce2a96402a03f1b571e7db8bdbb4194843","ssdeep":"384:iatndd7bCz+Td/e2y9AevLwDLY6uHf5xhkbX3w6c8T:iatnf7EIU2ujwkHhxubwPg","tlshash":"5062c18e94ae496623e7d23382c8ac1515d88445e12993fd1dd2e24294b37d0c72faf9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.926035Z","times_seen":1790,"resource_available":false,"data":null}},"time_used":2639,"timings":{"blocked":2310,"dns":0,"connect":0,"send":0,"wait":328,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_13.5ffa0e25.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:35.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_13.5ffa0e25.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 3646\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-e3e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 126 x 34, 8-bit/color RGB, non-interlaced","md5":"5ffa0e25cb239bf89ba9b6e0f38badb7","sha1":"724b7547bea92017f24ef40ec937f0ce4882e739","sha256":"452336e2269f845b7da15295580ff0dd996cff151bbcda80730f58851e4168b3","sha512":"7ec7c3f94ce70c509b4101d8ade58bba5f020d313dafae921079a008d569f9b6d680f506bbb2c2ea7cbe185ee0db6269c6d720aa3862de7ce44a0c67e1bb3c9f","ssdeep":"","tlshash":"55713c447e14b9e09cc8d53002f2feab6a752281cad46298bedcd820bb71bec54495e7","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.911337Z","times_seen":615,"resource_available":false,"data":null}},"time_used":2989,"timings":{"blocked":2674,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/black_arrows.c62eabd7.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/black_arrows.c62eabd7.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/static/css/main.e92456e7.css\r\nCookie: acw_tc=ac11000117761916739548206e00396a64289b0b3331d9c5fef2a7a76ffdcd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 341\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-155\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced","md5":"c62eabd7e31f0be5d63713bae6b18c84","sha1":"d38ff788eae867ef12ce5121457ed29595d44710","sha256":"de5f2caef8739bec0d19033ec292872dcdd4156b10cfd1172d93f7e8e0af8e0d","sha512":"20723732f688274f389e00e5b2363eba9eb7a188453688ddc3fd4393847545ecc80bd7fba7f1a2ff88cf4846febf387a5f2eadae63f524664a7ac53e3e4ed9bb","ssdeep":"","tlshash":"22e0c0dd24156a9e9128163b53da40b4cd15157d20c91a995158f233573128895d4138","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.957103Z","times_seen":1363,"resource_available":false,"data":null}},"time_used":1987,"timings":{"blocked":1659,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_JDB_DZ_LHJ.e9abc7b6.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_JDB_DZ_LHJ.e9abc7b6.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1115\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-45b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"e9abc7b67fddb2880031bf73645d192f","sha1":"34621c96f88e7f5d5b53ba22bc44333adf1774cf","sha256":"fa7a1bc8f100ae2d85a779f6b063c2d43306250d4306cf70e20c632755fc3d3e","sha512":"4b8ee5ae51d4e30517b5dd6a69d06cddd4363a602d95592c59fdc075b7e75f79398efb4b6eb1d2ae59ca6baba3a58c5155f1a58aca9dc6fb1eba4575d60e9696","ssdeep":"","tlshash":"2721f991c7fc030caeeb45d4ca6485f7a89c52d952f591c420f9e50fedb020af2a1003","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.924231Z","times_seen":2873,"resource_available":false,"data":null}},"time_used":1530,"timings":{"blocked":1205,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_130.e5b41a4b.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_130.e5b41a4b.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 85661\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-14e9d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85661,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 992 x 87, 8-bit/color RGBA, non-interlaced","md5":"e5b41a4b88c1734230b1f32d2996a119","sha1":"a4b7fcca53727c9aacc2f8c18f8ff7c9ede497ee","sha256":"f926f05fdcecfb7ad4aeaf554aa5dac3aeba45594b9553de9fe2c30ff46a1bc3","sha512":"0374b6683ac7d663862a5bc3c2e45ba75604c7d60dee055d3f04ad504166b1b99cef5151a9247743e47f6b082579ddbe460c3ed01ced8b813a218efac0210c0c","ssdeep":"1536:vN33D8NBXq1HxH+K1gZIqxaMGb4zwwdSBeRgl52dMuOBQnkjdwAXw8Rnn2Yz1zmP:1INdOReK1gxa/b4zwwdjgidMbR/Rnn2X","tlshash":"748312a5c804e9eba7c3c7a0f6733108c86c064b78674f5b197de2dcba47186b3118e4","first_seen":"2025-05-22T13:28:36.927654Z","last_seen":"2026-04-14T18:35:05.735611Z","times_seen":803,"resource_available":false,"data":null}},"time_used":936,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":313,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/member/adminnotice/findByAdminNoticeList?noticeType=1","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /member/adminnotice/findByAdminNoticeList?noticeType=1 HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=ac11000117761916739447581e0032ecf7844973d17e2a94113cf95c890e6c;path=/;HttpOnly;Max-Age=1800\r\nVary: Accept-Encoding\r\nX-Application-Context: application:redisson-cluster:8888\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":471,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c83613a8cb34b59d5427fd5e4f2c92c2","sha1":"345d641f433e68bfbcf643acf55a216bdd7812af","sha256":"1a6aa8e89dd074f6e65ab7c73283547a21d8623d1786ad4f328c3fb87b088f23","sha512":"fa9b1c5c16aff6018cf4596bc9a08d6d644f3d5d23f45edea4c858b619a8f5a6c25d708ec8b8eeb57c7514d3a93586de7a7971a8f27bd719457867949d6fc9de","ssdeep":"","tlshash":"22f09ed0052e4bcd09000d405d65c7553faca9a14c951b9ad5cba5b163d4840918aca7","first_seen":"2026-04-02T04:01:39.331473Z","last_seen":"2026-04-14T19:44:49.955505Z","times_seen":4,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":296,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ai-bmp.segplfnmys09img.com:9663/test/20191106/GAMEIMAGE/5/SGWIN/1573019186062.png","fqdn":"ai-bmp.segplfnmys09img.com","domain":"segplfnmys09img.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ai-bmp.segplfnmys09img.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:44:24 GMT","end":"Sun, 04 Apr 2027 09:44:23 GMT"},"fingerprint":{"sha1":"24:B3:21:BD:4D:51:A1:BB:04:2C:B5:B2:45:47:5F:A8:4B:22:EE:47","sha256":"16:22:33:51:CE:42:C2:D3:96:57:B9:7A:E2:DB:53:81:B5:5A:6C:90:C2:10:36:66:9E:DB:6D:07:6E:0F:E7:25"}}},"request":{"raw":"GET /test/20191106/GAMEIMAGE/5/SGWIN/1573019186062.png HTTP/1.1\r\nHost: ai-bmp.segplfnmys09img.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 17527\r\nConnection: keep-alive\r\nx-oss-request-id: 69DE88BC10DFFD31337BBC41\r\nAccept-Ranges: bytes\r\nETag: \"E25D2501A90471424E2E24DE8945AA76\"\r\nLast-Modified: Tue, 25 Feb 2020 09:12:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10322060015677917426\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: 4l0lAakEcUJOLiTeiUWqdg==\r\nx-oss-server-time: 3\r\nExpires: Tue, 21 Apr 2026 18:34:36 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 220, 8-bit colormap, non-interlaced","md5":"e25d2501a90471424e2e24de8945aa76","sha1":"fcb245e839866e0a5a655715b5c84713862b656a","sha256":"a1c8ebb633451509435df3bd268911510a225481f120f37825be54c51bc9975d","sha512":"d3fcc8bbda145886e2ec3201e424cebf20fd1858bf84c5fba90df8fe2307d7c112eddd11b5c67bc3caf4fa5b9b0d313fc59b0bf24c7267122fe552034b12e7cb","ssdeep":"384:3/vBn8OhiUZhCH5051W6BnU/3+mawNlzspZ8Z3Gz3BSdzsRD:33B8OcUZW5B6BnU/3+lB3mGUzM","tlshash":"5972c15fbf1896e1a47830f095e5e210f93eea1c3986781620e352f238c964fe065f65","first_seen":"2025-11-29T10:28:39.121541Z","last_seen":"2026-04-14T19:44:49.924704Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2399,"timings":{"blocked":-1,"dns":37,"connect":296,"send":0,"wait":581,"receive":1,"ssl":1481},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/LG_VG.7e39f921.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/LG_VG.7e39f921.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 1514\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-5ea\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"7e39f92168d2f7863629b6120f794ceb","sha1":"de5b1286b8e9317834e927a0ddd22f39802c3f50","sha256":"fb4c59e66a2960c5d3dd9f14787cae93fd1b692da4ffb9dab472c035a131d188","sha512":"89e1ae156a55caeaf1fda26531053c30ee79f4cc78218f3c09c129ce2d79286f6f4e64b10db8b9781727bd406785ca3008617397b86419e0f413e98a1c9626f3","ssdeep":"","tlshash":"cb311cd4f12f1133ec4cb2c9bd1c9155c7b59647c8369d77bd68901005f119b648c2b3","first_seen":"2023-05-06T10:37:05Z","last_seen":"2026-04-14T19:44:49.913172Z","times_seen":2328,"resource_available":false,"data":null}},"time_used":2120,"timings":{"blocked":1797,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/foot_logo.ffaeeb3d.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/foot_logo.ffaeeb3d.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 5801\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-16a9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 43, 8-bit/color RGBA, non-interlaced","md5":"ffaeeb3d9f802614c7c5fe703af76334","sha1":"09de5b6586dca4ede7fe10d887b0768ae5f7d30f","sha256":"eef71eef1f576f0ccabb5465a729bda2770579e03646f0ec76c48a81ce67dcb9","sha512":"1655ccd74ec82b1b5ee2dad878e3323efc13aba4bab953f44dd2c4b11c610c261a5898d0662e63f45da11a66a9dc7bb40a1c87ea287f9cd42380dec1de68636d","ssdeep":"96:If7gwOg8mYcy0KiF8G8MW6A5Anp7aQ/dVvMiF5tuAHs0cyQ6TASC:C774Di6zMW6//dVvMiF5NMn6Tm","tlshash":"3ec19e6bbc179d7ab28903c96c93d226ad295945c4e0dee1e96ef88b4c110dc603d7d1","first_seen":"2023-09-02T03:46:07Z","last_seen":"2026-04-14T19:44:49.92651Z","times_seen":56,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/index_124.5df98b0d.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:33.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/index_124.5df98b0d.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916735914823e00359bebc7cdeeb6967f926788ce6c13aa3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:35 GMT\r\nContent-Type: image/png\r\nContent-Length: 37457\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-9251\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"5df98b0d240d265dfca61441de6f8671","sha1":"ae62dcbb5a41bf3a23f9ba5bc96a55259220311b","sha256":"247dad65d1c071c7be01d9a6c7ff30305fa7a8e0c1752472f07a4327db2a35a0","sha512":"426efdd810c94f707376539bfa05c52ecc31e35d36ad8442d4414045e2b5415cc4cf35130842562f52fbd52707d00382ea04a582f60253eaf93b193637c550c8","ssdeep":"768:MtEVyxKMz+/B9FGMpKKFBozw8gQ0zXTJ3A0PdKvIvizbPg/jcU:MCVpMz+Z95K2BozxgQOTJ4zbwj/","tlshash":"fbf2e1e7aeac0d08854c31089cdb91da8186fdc4d023e66fb812c9e775e6d7763426ce","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-14T19:44:49.953997Z","times_seen":1828,"resource_available":false,"data":null}},"time_used":2012,"timings":{"blocked":1358,"dns":0,"connect":0,"send":0,"wait":653,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"363999.cc/static/media/game5.ee55a2b1.png","fqdn":"363999.cc","domain":"363999.cc","tld":"cc"},"ip":{"addr":"43.198.95.142","port":443,"asn":16509,"as":"AMAZON-02","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://363999.cc/index.html","date":"2026-04-14T18:34:34.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"993777.com","organization":""},"issuer":{"commonName":"SSL.com RSA SSL subCA","organization":"SSL Corporation"},"validity":{"start":"Wed, 21 Jan 2026 03:49:41 GMT","end":"Sun, 21 Feb 2027 03:49:41 GMT"},"fingerprint":{"sha1":"8F:DB:F7:7A:47:75:BE:2D:2A:F2:92:C3:DF:BE:CF:48:FA:96:DB:C2","sha256":"21:EA:11:DE:9E:7B:E3:12:37:80:4C:DE:B3:C5:19:DF:D5:76:D2:28:11:88:66:4E:87:77:FF:BB:EB:39:36:C8"}}},"request":{"raw":"GET /static/media/game5.ee55a2b1.png HTTP/1.1\r\nHost: 363999.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://363999.cc/index.html\r\nCookie: acw_tc=ac11000117761916746808324e003d5ded8004fad9819d7b55cf19e3c2d725; baboConfig={%22appId%22:%2260e1482c-2b92-47f8-a82a-e66658ff04dc%22%2C%22appKey%22:%22ZABIADYAXwBFACsARgBbAGYAOwAsAE0AMwAjADUAQABaAE8AIwAmAHYAbwBaAEoA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.H8WcR.com/lbjC23V/vuMM%22%2C%22dhVideoList%22:%22https://api.bmrmQP.com/1RnV/UhvUa%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://I8SPGCHHozZw.oss-sTloVhY84S.aliyuncs.com/I8SPGCHHozZw.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://JKUdaz6.jPT1oP.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 14 Apr 2026 18:34:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 31409\r\nLast-Modified: Sat, 11 Apr 2026 00:24:26 GMT\r\nConnection: keep-alive\r\nETag: \"69d994ba-7ab1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31409,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 323 x 218, 8-bit colormap, non-interlaced","md5":"ee55a2b1f98267da2e9f3d61030690b4","sha1":"26d0ea3546621075b7d19766e8288a4aeb5eb998","sha256":"52eb0c7aac3a60a0837fbe933657ac940225b6f1ef27d9e5eb84891c225e52ea","sha512":"92ebca66567f1dfeb2e5a5b1a80b3a5b0a50df321cdb5e3ec152253a530623240eda635b31b2d98789d6a62634c7df0223422d55e0421034ab955e07025b60cd","ssdeep":"768:HBqjxyf0BdLYJp6z4+WY7P2zUCsV1LdrBRuG3u/jLn:HwgfYMf97U3DLkMu77","tlshash":"17e2e19ec2941a64efed1bae7596c09144c360863ef2b020253b5079bd7c6b0bc9c4b3","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-14T19:44:49.942743Z","times_seen":2674,"resource_available":false,"data":null}},"time_used":3238,"timings":{"blocked":2908,"dns":0,"connect":0,"send":0,"wait":329,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"363999.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"363999.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}