{"report_id":"1a09fb8d-00fd-4db4-a34b-878882db4089","version":6,"status":"done","tags":[],"date":"2025-12-24T03:41:36Z","url":{"schema":"http","addr":"999u.lol/","fqdn":"999u.lol","domain":"999u.lol","tld":"lol"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"xn--ykq904j.com/","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"title":"富豪","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"999u.lol/","fqdn":"999u.lol","domain":"999u.lol","tld":"lol"},"ip":{"addr":"54.215.31.113","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T03:41:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"999u.lol","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"xn--ykq904j.com","ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-05-18","domain_rank":0,"first_seen":"2025-12-24T03:41:36.943047Z","last_seen":"2025-12-24T03:41:36.943047Z","alert_count":0,"request_count":20,"received_data":3398126,"sent_data":9298,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"999u.lol","ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":14598,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xn--ykq904j.com/static/js/rem.js","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","size":840,"data":"","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-12T20:49:55.441666Z","times_seen":15130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20240329/943ba664cd7c3b6f513b6b9062e0d132.jpg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20240329/943ba664cd7c3b6f513b6b9062e0d132.jpg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 11:10:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606a198-1e7aab\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1997483,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 3002 x 711, 8-bit/color RGBA, non-interlaced","md5":"5a2f4812fcd8e15cc4e36b510ace77d3","sha1":"1ce1c4d28d2cb51eae7d9d9fd7ad574adff59f8c","sha256":"ff6506651787a2140003914321e4a961972d967bd75786f543ba6e67ab689b08","sha512":"f548289f75fc6b099c6749c631e2145375a430180a11a9ef18a840a4af32753ad7faef66a0b163669f869a1c17a165d3476074d8458ae45da6a61f670c102967","ssdeep":"24576:gCIknjnZRiV3N1YT5/bYAGaltvLvFretf8ZGMmhYpwzXD9:DIknjfM4T5/bYT8tv467mh8wrJ","tlshash":"902533cc729fd10af53ff531a73c368971edb1d56d220b878c636ac4994e8a81816b27","first_seen":"2025-12-24T03:41:42.756787Z","last_seen":"2025-12-24T03:41:42.756787Z","times_seen":1,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20240229/8f2d6be95fd0e7d86f37bc979013c0bc.png","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20240229/8f2d6be95fd0e7d86f37bc979013c0bc.png HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 29 Feb 2024 15:37:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e0a4c6-37d5\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 456 x 52, 8-bit/color RGBA, non-interlaced","md5":"8f2d6be95fd0e7d86f37bc979013c0bc","sha1":"f2ce41217d89cd8d68dfa14408159df33949def2","sha256":"2381fae997a2659825d3b92f1de483f7a8bb2b27f2bb7e8599df001a2b4b96fc","sha512":"a89e8308767ca7f66bf1f37d80ae3694f10b1ba3385ff709b9ac32825b42e09d8018d586142411a00bb33bd448b0747563503a40ec4f7f3881c2badf72cff62d","ssdeep":"192:AOGKj9amMdxiBCoXj3vBGac5kJgw6++XZTQ274cP4cEm0TPIdiANurnh9kwBvpDv:AOokCQraqSv5XBQ27ZKtTPI7I/kKZec","tlshash":"b852e1c792ade6885b7721cd2b4f443c6da622acc5191487e131da7eb0b4a376211edc","first_seen":"2024-08-19T12:54:22.070194Z","last_seen":"2026-05-22T23:10:19.551316Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1044,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1044,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/faaa5c79718102c218dc3fa8f50b272c.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/faaa5c79718102c218dc3fa8f50b272c.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 13:14:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693820a9-4440\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17472,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 173x167, components 3","md5":"faaa5c79718102c218dc3fa8f50b272c","sha1":"b03a877b02cc831c99da0fab68458bbe13b5e7cd","sha256":"c4788e133d0107a6fe05686f1e9a0de9077a81463acdc13a4698973d5142638f","sha512":"51807436923d9f7b3c9bcc0873703cd76017652857b91557670239604d4a589bbeab076d335f8095af3da618034b193d50247b0447e4f663bcd87e0dafe20fb4","ssdeep":"384:8vq0ifEu075QmbUNq0yBAIJ2farTlhvNa3iOg+4cz9i5Iq0vTDtZh2jgK:J0ic35QmbUNq0jIIyrTlhR/QQ5Iq0vTg","tlshash":"0072d12b361005a0d642b1f6e5b72ae5117cb83ad7a055cafaf8410c57fa8d6274235f","first_seen":"2025-12-24T03:41:42.763568Z","last_seen":"2025-12-24T03:41:42.763568Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/ab0c25d1c5117ce2363f2fbaa7fc9cd4.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/ab0c25d1c5117ce2363f2fbaa7fc9cd4.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 13:11:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381ff2-2fe68\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":196200,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x1051, components 3","md5":"ab0c25d1c5117ce2363f2fbaa7fc9cd4","sha1":"69a24dd582175ec7391b788a498354b18eb1f62d","sha256":"dcbcfd1ead5d605d5061618f24b0c259aa845dbca7afe7c3fb2f0d58703bb17b","sha512":"3bd3de2d06bd7613e48d2b77f9a60e642735110469a5a056fd448b44f4190f12ee334d29916814267203b8596110645c7b2175a6b04ebe7bee921b9c91ef36cf","ssdeep":"3072:PAay0feAO1hOY83e+buCORH0J0ZbK4nGmqp/1FUBkz5TkHLdkQlO3UzyC74XARfK:PW8QA3bupH0J0TGDRzOd5lMCv4XARS","tlshash":"e914f142e9440754a94ca7b5ae07390e2f1b462ee2e44b9c7257ed5f77acbb01a3c34c","first_seen":"2025-12-24T03:41:42.765434Z","last_seen":"2025-12-24T03:41:42.765434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1042,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1042,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T03:41:12.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14262,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"14b2033a36710a83c7cb8ced1ee1b9cf","sha1":"9ab6e9b0d4febfe3b83374c125d8f6d681bf7af7","sha256":"3f5aecb8ce8e67375cff537a6d5bcbea456a5cd39d70b7978bff78ac151d01f2","sha512":"48bbd2eecf3c2f6c365fe7fc4cef53fc225017b38c3014d92ecfa76052260a01032fae9253ae9586dbe3c0ab7671df740a6dba11d2076b80daba792a839d1811","ssdeep":"48:0fSId60fF7aY//cFGdZLArABcpW64zmMBcpW64j/VBcpW66x+ktBcpW6kSwABcwr:aWY/depp465p4op6gpkvlWDpPEjpp89","tlshash":"c552567044f561a302a2c4806ab25e2faf82d90bd89f0a50b6ed0fd59fd7d87ce0750d","first_seen":"2025-12-24T03:41:42.767858Z","last_seen":"2025-12-24T03:41:42.767858Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1631,"timings":{"blocked":664,"dns":147,"connect":254,"send":0,"wait":303,"receive":0,"ssl":260},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/css/swiper.css","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/css/swiper.css HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Feb 2024 12:03:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e0729a-2cee\"\r\nexpires: Wed, 24 Dec 2025 15:41:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11502,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11234), with CRLF line terminators","md5":"e13604c256ca0d3b25ce5212a9c839d3","sha1":"e230d0800770b61746a0ffc0faa2adb3cabef6df","sha256":"93de50057da34d51685031eb99326d4d3da03ff71a64525a1f194960dd208691","sha512":"4d0f28cba98abacbf853d7df5cc7f98ec7814153465f1e6391a525764f931a35233ea98ce5bc5d95c4aee6ff75da8e4194021f4f402915224d954a810fde42d7","ssdeep":"192:rSb7GOgx9BUSdPhX/M/XCj8Fif65W/1mXA8wBLJHpx:rm7Rgx9BU0W/XCcif65W/1mXA82FHpx","tlshash":"e332e15417403837f3b74f2e46a1e7b59b60cc838a934dae72c0dd44d6fa8b9121eb95","first_seen":"2025-07-08T19:41:21.479709Z","last_seen":"2026-06-08T02:45:31.543394Z","times_seen":19,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/js/rem.js","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/js/rem.js HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 840\r\nlast-modified: Thu, 29 Feb 2024 12:03:40 GMT\r\netag: \"65e0729c-348\"\r\nexpires: Wed, 24 Dec 2025 15:41:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":840,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-12T20:49:55.441666Z","times_seen":15130,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20240329/68223a5203e847420939ae962e378ed9.png","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20240329/68223a5203e847420939ae962e378ed9.png HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 11:10:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606a1a0-42ec\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 268 x 68, 8-bit/color RGBA, non-interlaced","md5":"68223a5203e847420939ae962e378ed9","sha1":"c9898ea7ed9800dc482ebb8f7f6e870abadeb691","sha256":"59b39ea6822c8324c207e2356b32970a33fec9855b240897b690660c466fdc66","sha512":"056952f3aaf95b3a1c4f7f18bb07d1505ac34c0f16a003bdb36bac37cd04e3a6c078b41d661d79e4d7b77146e5febac3c879554bbb2aa5952bf8017da2a4c819","ssdeep":"384:pEe9YoK8S9+S1ub5oW9ytWg/Jr1QoZ6jlB80iF92U:pE+szpWOsoZOB9iF9/","tlshash":"7572d0e002920b8e8aba07b714f5135a39c17ff09e97d81353284192e261f637f3abc5","first_seen":"2025-12-24T03:41:42.769913Z","last_seen":"2025-12-24T03:41:42.769913Z","times_seen":1,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/img/009848_30x26.png","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/img/009848_30x26.png HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 29 Feb 2024 12:03:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e072a0-583\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1411,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 26, 8-bit/color RGBA, non-interlaced","md5":"fd297a2156066939078e88324887bd06","sha1":"e59497eb31d9224fcf7f96567701a913bbf23325","sha256":"b26dc6f152d43f8b71aede3c9179e672cabc73ef53f0e73c3f446dd54d009848","sha512":"c55316e965e7def66fc37b2e43a5c094856f3c75935c26dc0caf57f498702d397e2583ba2002a7269946497c97900a8975b3a40f12270db807db74a4ae36ff6b","ssdeep":"","tlshash":"47218958ce406642536aeb551df2593aad95458057f0d4217cefdc675c320f949490c7","first_seen":"2023-08-04T05:03:09Z","last_seen":"2026-05-22T23:10:19.50565Z","times_seen":63,"resource_available":false,"data":null}},"time_used":1044,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1044,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/img/18cdb2_114x18.png","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/img/18cdb2_114x18.png HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 29 Feb 2024 12:03:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e072a2-887\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2183,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 114 x 18, 8-bit/color RGBA, non-interlaced","md5":"cfe098ac50be53d90f9da476a7ea437a","sha1":"a2b5ef1bd9932da68932dde8c28fb8a2277eb10f","sha256":"a7d04bb1c448708d44beaca0d26c15f2a67193741329723455ebffc82318cdb2","sha512":"c90d7d32334abf6b0e849c176aff07d73793f29854c3055ed3ddea6752ef4b19342d1aed786ab156219d788b367768da3ba14815b4dd91e8f569306159aa10ac","ssdeep":"","tlshash":"bd413c6ebd01e291d20cf8831cf2a1a26b160f8089e440f0bd7ed81dac142f2063b6e7","first_seen":"2023-08-04T05:03:09Z","last_seen":"2026-05-22T23:10:19.556613Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/1fefd556ce3ca2d0e70db62ea1b3c351.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/1fefd556ce3ca2d0e70db62ea1b3c351.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 12:59:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381d1e-2558\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9560,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, datetime=2025:12:09 20:58:07], baseline, precision 8, 130x125, components 3","md5":"1fefd556ce3ca2d0e70db62ea1b3c351","sha1":"f129a5a262d22a67216824398b18909c17a2ae8a","sha256":"ce804ffe0da815a6bd8460ec2425a2c166c60bd2a92926482680a650645d1ca9","sha512":"c360d4edd168b1a1b0238b775f171e959ac9d10d049e4c5829c9b943726e8d539bf557c0a624eb07743e6d74ecd8d08873decfcccd41d8bed146b882d38ce7b3","ssdeep":"192:Qvgs1hMHvWRKjwwtNgfZ1N78yQRbQaRpomo7Za/BXYLpERb:QjvArwEkJQyQxRKZe0pEl","tlshash":"4412b0a977141f04f5f301be48477f14e2f46da29ce777091448bae6eeb48933856a0d","first_seen":"2025-12-24T03:41:42.771723Z","last_seen":"2025-12-24T03:41:42.771723Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1040,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/c3dd17c90e927be85575bd507c22ba16.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/c3dd17c90e927be85575bd507c22ba16.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 12:52:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381b7d-6be0d\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":441869,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1920x1920, components 3","md5":"c3dd17c90e927be85575bd507c22ba16","sha1":"149127529d347418fe3b44da6e4af280889b445c","sha256":"7f9208530cbd1325e4f68565de6baa361374fba3da15ee74142d3cdb5a077dd7","sha512":"af1d6078a6a53081271d3541a3853c2ecc66e9e2cad90014feb8d567add81c049a1d4e43a22a7ad68681d3fa76576ce9f1f613a5a6196f6d88abd88a73052f32","ssdeep":"12288:t8gzEqoYc6O2TaGyA0sd71Nj8kE/MShUbn0pef6XV/8vK5ihQihGYsrTTIF:fTaGv15Qh8nxfEivH","tlshash":"6794efb4fbe3d3448b8f675c88bcbc37632814d941e4260358576c92aad8f74966b63c","first_seen":"2025-12-24T03:41:42.772711Z","last_seen":"2025-12-24T03:41:42.772711Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1038,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/css/style.min.css","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/css/style.min.css HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Feb 2024 12:03:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e0729a-1ecb\"\r\nexpires: Wed, 24 Dec 2025 15:41:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7883,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7883), with no line terminators","md5":"f6a178ff397ee294d4cb2c1142779088","sha1":"464f32a4a6c9256021cf278a4652d3912ce2ff4d","sha256":"d67f09a3bfc66e106245a01dc3258984dc2e18bd5f3c2361f6aa6f7dc6a904f1","sha512":"1d44231705fcdb6862c279c6abf556e8d9b112a4b98deac1f3ad0d0e858a37e2cac7c8d42dbe5f0c478b7fab2d8ffd087554e7e89aa49310b2a587b85be4a93b","ssdeep":"96:3zQdbEQFb+tree4IsYI9XJUc+s7zG2xkq2P7fSSBKkRx5Ju2ZDvxb:ztreVQb2V2mvqJZjxb","tlshash":"b7f17477d676220de823c6313cd46fd92528c162d343079ce5137e3b8acb15a0ab6b8e","first_seen":"2025-07-08T19:41:21.490954Z","last_seen":"2026-05-22T23:10:19.542634Z","times_seen":6,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/d27fbf945119565c4148e9fd141d7c67.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/d27fbf945119565c4148e9fd141d7c67.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 13:04:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381e56-30394\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":197524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 960x960, components 3","md5":"d27fbf945119565c4148e9fd141d7c67","sha1":"3ac740a8cae983a14990899244dec9ded97df2a5","sha256":"6b256cd3782c285e550b502c0947124ec182115a13741ad2a427e66d7d747ff6","sha512":"a757278da2c129bb9db5d81b8f4ad081026c384c1d97da7f5357c8725129c70672a1e98dc1edc72f8333767bf766d892d064c5fbc6b755ebc7a6981de097612b","ssdeep":"6144:+ag0525/Udw0xuI9FxBhI0ATyAK17JDcx+:+ag3L0xuI9FxLSTyAg7e+","tlshash":"0314134b88516022fd98a3faac225f1bf259eef09f4131211b42ced6f31d38537ab595","first_seen":"2025-12-24T03:41:42.774206Z","last_seen":"2025-12-24T03:41:42.774206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1040,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/js/disable-devtool.min.js","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/js/disable-devtool.min.js HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 29 Feb 2024 12:03:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e0729c-18564\"\r\nexpires: Wed, 24 Dec 2025 15:41:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99684,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators","md5":"99f566d691313d9078cb2269bfc431f5","sha1":"d2edfbf6d675fb3051b1924616ad7f62dd753573","sha256":"06e500c989e9461e670e7b8393a0849902e9b4dde47a4a563f088d10efc27863","sha512":"43441f483216b3142f4725e775cef2d76e04d69a5af5d37c82429fbb8e35d0ed6a7594e4774c0cae61add064e79131cc36a05376af0c034beca47212cd984373","ssdeep":"3072:TAHAb4fhRTJS4jA7IVSHzz+VNLozt9La02g06m1YQ1w0DRMoT7QARQuMtNNH5b3S:8LfG+/Fk1zJqk/GRT","tlshash":"fba3b680b3c5788403b727f7ba1b70d6f52a4d967888451be681fcb4b5b5236e6f2831","first_seen":"2024-07-03T04:37:50Z","last_seen":"2026-05-22T23:10:19.560663Z","times_seen":17,"resource_available":true,"data":null}},"time_used":1037,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1037,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/favicon.ico","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:16.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:16 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-13T01:49:25.224845Z","times_seen":526024,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"999u.lol/","fqdn":"999u.lol","domain":"999u.lol","tld":"lol"},"ip":{"addr":"54.215.31.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T03:41:12.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"999u.lol","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Oct 2025 11:40:38 GMT","end":"Fri, 23 Jan 2026 11:40:37 GMT"},"fingerprint":{"sha1":"A1:9B:30:06:E5:48:04:00:A5:56:65:E0:4B:E8:D3:B2:1C:F7:B0:15","sha256":"6D:0E:C1:1D:3E:0E:0A:9A:71:52:B5:CC:BC:3C:DE:C8:94:6A:90:D9:E7:01:87:89:74:AA:C8:BA:99:0D:AA:58"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 999u.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/plain\r\ncontent-length: 0\r\ndate: Wed, 24 Dec 2025 3:41:12 GMT\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=2592000\r\ncache-control: private, no-cache, no-store, max-age=0\r\nexpires: Mon, 01 Jan 1990 0:00:00 GMT\r\nlocation: https://xn--ykq904j.com/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14262,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T01:48:50.752837Z","times_seen":16373065,"resource_available":true,"data":null}},"time_used":1223,"timings":{"blocked":528,"dns":183,"connect":167,"send":0,"wait":167,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"999u.lol","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/css/animate.min.css","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/css/animate.min.css HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Feb 2024 12:03:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e0729c-12a7f\"\r\nexpires: Wed, 24 Dec 2025 15:41:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76415,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (460)","md5":"f99056fa91461523e9cf3ed6e59c0542","sha1":"ef4d745937d618909e5e585e79e8afb47d77bbb6","sha256":"5c4e57209d2f929d3168e3853aec6442ddb0ae44596b8e1db98ff3da4aa17e75","sha512":"3eb3511457b874e3fb8aa9e03fb5eb566bd245f25b97a37395c5bc41dc49e29408665bc6eee77989454de2a42614b0896d7f29e3cf456f21edcf2f58e8974cae","ssdeep":"192:wIQHnGg5p1sgqg501K7JuFRH2UNURV2/o6R7M8EA+UQRjMsEu+/6QI3iiFIFibTg:wIWjy","tlshash":"4873e9a928a211445727491587df4f78663ce5a31826ecfab3de588b8f01fac23cd617","first_seen":"2023-04-06T18:33:52Z","last_seen":"2026-06-11T09:36:25.803071Z","times_seen":3523,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/cd160edc9b4bb9317731622665f069f4.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/cd160edc9b4bb9317731622665f069f4.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 13:06:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381edb-7c2b\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31787,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 237x237, components 3","md5":"cd160edc9b4bb9317731622665f069f4","sha1":"87716c76aa549798f564390297a5a77822d8b8af","sha256":"61d0af871b162f51f2c62eb5e0890ebc6a652a2ae77ed026745dd542edfe80b2","sha512":"4a618c55e5bdbc81c43701de940558c19cc8a4f5a81194b199351a76523bffaf7bd4f02c0a6f7641352015777de1ff124caa396d486bfd899fb1328d494b97cb","ssdeep":"768:JjfiS3soGmkBMPjnCgwmrnyS1wjlgP/WWjjbRphOf:J+Fq29WY+/5PbA","tlshash":"0be2f10ace4390e2fecd453892be47d6a531ebf2fcced28c70d505e924a44c4a548f29","first_seen":"2025-12-24T03:41:42.777196Z","last_seen":"2026-05-06T12:25:37.696208Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1041,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1041,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/uploads/20251209/c172d23599f5fa5c0ac414f51a19e250.jpeg","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /uploads/20251209/c172d23599f5fa5c0ac414f51a19e250.jpeg HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 09 Dec 2025 13:00:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69381d5d-3ce75\"\r\nexpires: Fri, 23 Jan 2026 03:41:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":249461,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 736x736, components 3","md5":"c172d23599f5fa5c0ac414f51a19e250","sha1":"aba9ccb2706f70b29a9ce08ec3c5932bc6566482","sha256":"0bb04124ef24750619ae8f2b52b50ca5b78158c3f776680e00e21d79d964c3b3","sha512":"f26c2cdb09a13a3eb03db6c8cd120e63b102cf00756227ce91c6dec6fb05cb597134aa49a11da12c0ef7254a110df4ec1d0c3c9580fa662c8b142f48a551ed54","ssdeep":"6144:u10oCpLgUdhtGJjRGc+zPNnB7n3GpGqyhs1Ptk5a:u0xhzPc+7qd1PWU","tlshash":"f43412250feda11988ca1118e17d250b14d5ab3de6c4847e3290abfcf2c55c9dbab7cd","first_seen":"2025-12-24T03:41:42.77811Z","last_seen":"2025-12-24T03:41:42.77811Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1039,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--ykq904j.com/static/css/resources/f81cc2_78x78.png","fqdn":"xn--ykq904j.com","domain":"xn--ykq904j.com","tld":"com"},"ip":{"addr":"83.229.127.196","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--ykq904j.com/","date":"2025-12-24T03:41:14.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--ykq904j.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 08:43:16 GMT","end":"Thu, 22 Jan 2026 08:43:15 GMT"},"fingerprint":{"sha1":"5D:D6:99:9E:30:86:8D:35:29:1D:37:05:6F:F5:B5:45:BD:45:FB:87","sha256":"DD:56:99:E0:C1:91:61:FB:0D:30:99:15:D6:89:66:B5:DA:45:A5:03:11:34:1D:1F:B8:CC:76:B4:62:E0:B2:5C"}}},"request":{"raw":"GET /static/css/resources/f81cc2_78x78.png HTTP/1.1\r\nHost: xn--ykq904j.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--ykq904j.com/static/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 03:41:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 29 Feb 2024 12:03:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e07298-48b\"\r\nexpires: Fri, 23 Jan 2026 03:41:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1163,"size_decoded":0,"mime_type":"image/png","magic":"HTML document, ISO-8859 text, with CRLF line terminators","md5":"8363acaeab9cbb099b59b78a44127ca6","sha1":"aef448ce5500e3734059ec285cf6ec0b547075f2","sha256":"9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a","sha512":"a431f7ee4cdc3c7c6edf43736e007e314a0f8c4d05706dbdf75b629b15bee335d173abc071568f447d78b4c43aba02017c1993d6da86a1acdde904eb287cb30c","ssdeep":"","tlshash":"2821412987d42804faa7c4e170f2b3e63e478646f59b4b9fb4127257d5c26a6c1d3388","first_seen":"2023-04-05T10:47:33Z","last_seen":"2026-06-06T04:30:24.138306Z","times_seen":14641,"resource_available":false,"data":null}},"time_used":925,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":925,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}