{"report_id":"1e8b0123-a649-4de9-8fb3-06450a4cd8d9","version":6,"status":"done","tags":[],"date":"2025-08-10T07:58:22Z","url":{"schema":"http","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.193","port":0,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"title":"Page Verification"},"submit":{"url":{"schema":"http","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.193","port":0,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-14T07:58:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":10,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39758,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.017592+0000\",\"flow_id\":1780164372009174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39758,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":893,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:01.921814+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39768,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.739609+0000\",\"flow_id\":542895963274095,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39768,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:02.621423+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39770,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.981469+0000\",\"flow_id\":1470982561337254,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39770,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:02.855974+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39782,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.231094+0000\",\"flow_id\":376919099680009,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39782,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.107785+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39798,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.481697+0000\",\"flow_id\":56669158211731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39798,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.360595+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39802,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.695698+0000\",\"flow_id\":2033765011108132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39802,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:03.602404+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39814,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.886440+0000\",\"flow_id\":2007393911901497,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39814,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.789817+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39816,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.101868+0000\",\"flow_id\":104897346011007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39816,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.982911+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39822,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.319942+0000\",\"flow_id\":1961461384240246,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39822,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:04.220278+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39826,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.504703+0000\",\"flow_id\":1280487877007239,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39826,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:04.415623+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"at.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":11137,"first_seen":"2013-11-28T05:03:29Z","last_seen":"2025-08-09T15:59:27.001467Z","alert_count":0,"request_count":1,"received_data":6101,"sent_data":526,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"fourier.alibaba.com","ip":{"addr":"47.246.165.245","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"1999-04-15","domain_rank":245815,"first_seen":"2017-12-29T06:57:08Z","last_seen":"2025-08-07T00:01:52.687524Z","alert_count":0,"request_count":1,"received_data":262,"sent_data":850,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"7x8ax1.tdum.alibaba.com","ip":{"addr":"47.246.146.190","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"1999-04-15","domain_rank":0,"first_seen":"2025-08-10T07:58:22.766398Z","last_seen":"2025-08-10T07:58:22.766398Z","alert_count":0,"request_count":1,"received_data":407,"sent_data":424,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"ynuf.aliapp.org","ip":{"addr":"124.239.14.253","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2008-01-04","domain_rank":8486,"first_seen":"2017-01-30T07:25:30Z","last_seen":"2025-08-08T12:17:57.529467Z","alert_count":0,"request_count":1,"received_data":969,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"cf-app-waf.cfc.aliyuncs.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2023-03-28T09:58:05Z","last_seen":"2025-08-02T15:26:16.361062Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":701,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vda-global.lilisi.com","ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2013-02-24","domain_rank":0,"first_seen":"2022-02-03T21:49:22Z","last_seen":"2025-08-05T07:20:36.845085Z","alert_count":0,"request_count":2,"received_data":11601,"sent_data":1249,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":8663,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2025-08-04T21:05:59.026448Z","alert_count":0,"request_count":1,"received_data":10580,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"g.alicdn.com","ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2008-06-25","domain_rank":6787,"first_seen":"2014-10-06T08:39:58Z","last_seen":"2025-08-09T07:04:31.050609Z","alert_count":0,"request_count":4,"received_data":842454,"sent_data":1729,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39758,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.017592+0000\",\"flow_id\":1780164372009174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39758,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":893,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:01.921814+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39768,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.739609+0000\",\"flow_id\":542895963274095,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39768,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:02.621423+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:02Z","timestamp":1754812682,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39770,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:02.981469+0000\",\"flow_id\":1470982561337254,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39770,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:02.855974+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39782,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.231094+0000\",\"flow_id\":376919099680009,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39782,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.107785+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39798,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.481697+0000\",\"flow_id\":56669158211731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39798,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.360595+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39802,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.695698+0000\",\"flow_id\":2033765011108132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39802,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:03.602404+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:03Z","timestamp":1754812683,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39814,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:03.886440+0000\",\"flow_id\":2007393911901497,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39814,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.789817+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39816,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.101868+0000\",\"flow_id\":104897346011007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39816,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-08-10T07:58:03.982911+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39822,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.319942+0000\",\"flow_id\":1961461384240246,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39822,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:04.220278+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-10T07:58:04Z","timestamp":1754812684,"ip_dst":{"addr":"47.246.133.236","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Russia","country_code":"RU"},"ip_src":{"addr":"172.18.0.19","port":39826,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-10T07:58:04.504703+0000\",\"flow_id\":1280487877007239,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":39826,\"dest_ip\":\"47.246.133.236\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"cf-app-waf.cfc.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":3657,\"start\":\"2025-08-10T07:58:04.415623+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/fireyejs/1.231.61/fireyejs.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6438fd1e1cf271117330232c0e1c1cb","sha1":"a2bf22f081d21b6759d10eba03e68aab4f6e0ec5","sha256":"f2b20a5c5ccc3a18f8045ba80ab1f8ae174cd6a282a5d6b19a1079b51f714175","sha512":"861b6910105f544ec1c05053d86930735345a8abeb089e116676b53b487fd24cbc138890d4000f841350f8a91b29c119205f6646422632d566c8d8d0959d71ab","ssdeep":"12288:CZLigs7zY7+Xcv4RBwvg8WE3LdTQWyYEFsPVfzt5R3:UL9QzY8gwBwvoE3ZcWyYQ4V5D","tlshash":"11a407ead117065c80e4dfe0447bb2be59ac9f010d683895db62d72905d0feb38c9ea7","size":460609,"data":"","first_seen":"2025-07-09T10:22:56.398722Z","last_seen":"2026-03-19T07:34:09.4607Z","times_seen":8467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/nc/1.97.0/nc.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.32","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"8931746f3905f0c8639e227d1307bd07","sha1":"2f72ce290e71b74db07b016648ea060cda1032c2","sha256":"94b2b99ad074012c1ce6d21a3827fecf7e4d7614babb94768282e0a17b071895","sha512":"64779fa25b05fb69dba5be09341f3d7ab2ed2c57a19e693bac5035a4d3028c69d1590fc08624ff2fb0842c1670fb53608f2cbe92709858dfd56b6e8790728c3b","ssdeep":"1536:LxKlgiTV1rcQXsD56EoZg9ORg6mvAR9B0GqIqZrSSnUDSi:68IRf0GqIqZrSSnUDSi","tlshash":"576317cb3291251d4693e6bacc7aa88d30358942c01ed63abffde1c2fb148553267f65","size":72240,"data":"","first_seen":"2024-03-02T06:13:52Z","last_seen":"2026-05-02T10:51:48.410773Z","times_seen":1402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ynuf.aliapp.org/w/wu.json","fqdn":"ynuf.aliapp.org","domain":"aliapp.org","tld":"org"},"ip":{"addr":"124.239.14.253","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea2c5fff92beae913c0ef1fee56f0e4a","sha1":"6bc48df2353d9c2ecc5dac45664ac95a21efc4ee","sha256":"1a8175163fd6a9bce2f7e1b481581bb214e47d50fffc62afc92cbd0885a5a0ff","sha512":"78715db3222a6a7021ce918f60314cb5813fcadd0ccaf8763e75d68ce2881f8ffae7d76c261286aaa9f1a6d88f20e85547c0e0e5e5cedd6a52c5f6f1c622eebd","ssdeep":"","tlshash":"41c012b011f805000684bd21b00a034881750636c8d3a326cc117f4813cccc11c7445c","size":190,"data":"","first_seen":"2025-08-10T07:58:25.551244Z","last_seen":"2025-08-10T07:58:25.551244Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ad32e226fcac8f53188e7160ccbacf8","sha1":"7ebf5231fa4ae0e662e9b51343a48c79f3d8fc7f","sha256":"d731702116706daf55288c8765822bea0b08f81d9e34b4f6c938368cb08236c3","sha512":"7bd2885abf9196b053b69a480242e4cee6635d4d7f9be9489866a1f1260abb332f6e9bc06fe9f49c7382c5550d8bda2b3adf72f220bb65a3a111c9eac2865ec6","ssdeep":"","tlshash":"e941b5ecf698c6cd45ea709b829ab919dff10464b822c512c4cd19c61bfb8d2c5178ed","size":2128,"data":"","first_seen":"2024-06-23T12:00:12Z","last_seen":"2026-04-17T09:32:58.9998Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"15b7bf7594a0853a2201e108d6722982","sha1":"d1ed05d228b8a63eef9ab9c82587853bc02758f0","sha256":"bd107245251826231f84613fb2571a6f019f07cf3bb2eff1c042fcde180efcef","sha512":"2a2fe0baf1abf90d99f797b180132cb79d773597c2b7429d37da257c0757dc37b5d30c289592a2d8a6ccab80020003d2f80ea6a2d34374026d3cc0835ca58c63","ssdeep":"192:N7J1ohuzgVujw3lBNjRs86kvYv+2vA6nPkvZv+2vAyAf:N7J1ohrDZuzoYt1PoZtXAf","tlshash":"ece18263f6c07021d62b54a65426bb7d747ea185bb02ce30d618bfbdcb609c31623e9d","size":6944,"data":"","first_seen":"2025-08-10T07:58:25.552941Z","last_seen":"2025-08-10T07:58:25.552941Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js?t=2050","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"44dd975ff0dceebd9ca6b859733ce5f1","sha1":"5a2a883d3186a23b9f91a5e34faafb5a1c6c265b","sha256":"208ba114d3529813d06e9236f1f0f3e4c7f42f3cf4603e650da01c604940b765","sha512":"0465a44fbb8371ae1861b31b4fa4170a097c885786e192416d23d834373637738f3ba54cc400af4577d9894b7d76390fd055a6ac41fe7c70834f75b1dee26439","ssdeep":"","tlshash":"da11b6c92b8463bb9e7ddc27b0fd369c2e4a4642501bd765e2cc20c0939b378d0c5e24","size":1000,"data":"","first_seen":"2025-07-28T07:22:48.084712Z","last_seen":"2025-08-24T08:31:49.518711Z","times_seen":1405,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"introduction_type":"Function","is_inline":false,"md5":"8d46e2bc77fb0b41f87ccf9a32df5d25","sha1":"c22a372d491a29e212169e6db5a44a53369b6935","sha256":"457e7360a585f828fa0887299245267fd923f6036471a3250665b8b9d3c623af","sha512":"65d5b46c23c71d20d7c3b64a4d3f75c36e26db711db8308e8a225d23544dcb1172d0f972d08c3cd3b83a12995bc4e2aa869af527009647f81771fccf1aada5e1","ssdeep":"","tlshash":"fda022c020c000822bb300b0082baf00b0a00c30a0888808f0c8fc020c800e08008e2e","size":66,"data":"","first_seen":"2023-04-12T01:32:23Z","last_seen":"2026-05-05T15:18:57.670291Z","times_seen":44399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7x8ax1.tdum.alibaba.com/dss.js","fqdn":"7x8ax1.tdum.alibaba.com","domain":"alibaba.com","tld":"com"},"ip":{"addr":"47.246.146.190","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8aeb1dd232abeda24000ba2995f5e4ee","sha1":"371ad5b8e9a465fe5e99ac8fc697f7ff4a48ad42","sha256":"185eb08a1ddc03f08a99af12a6aed053b141bc77eaae357c03d669448794a5c6","sha512":"2b533d58e80a0b6bfe47395f072e162fc90ba0e6f16764140091c678cb74ff3ee389bd422372758773f996d6cec5ce9a850bb2b3cfb3bf7ddd49cc34ca67ea2f","ssdeep":"","tlshash":"8d90029004450ec140958128a9ed477a4310205003a02e1cb482712241f3d118434ef0","size":52,"data":"","first_seen":"2025-08-10T07:58:25.550119Z","last_seen":"2025-08-10T07:58:25.550119Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-10T07:57:59.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lilisi.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 10 Mar 2025 00:00:00 GMT","end":"Thu, 26 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:3F:CD:60:00:5D:C3:9B:EC:48:15:20:28:A8:5E:9E:C4:46:25:97","sha256":"7D:22:A2:57:1F:2B:C6:47:25:9C:94:F1:7A:9F:F8:B0:D5:27:DB:C7:EE:3B:CA:DD:06:A2:F4:FB:DC:1A:00:F4"}}},"request":{"raw":"GET /pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200 HTTP/1.1\r\nHost: vda-global.lilisi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: acw_tc=2ff62c9917548126801475630e8938c7c279600a8ecb86cf4dd6bf79cb;path=/;HttpOnly;Max-Age=3600\ncdn_sec_tc=2ff62c9917548126801475630e8938c7c279600a8ecb86cf4dd6bf79cb;path=/;HttpOnly;Max-Age=3600\r\nX-Tengine-Error: denied by custom_acl\r\nCache-Control: no-cache, no-store\r\nPragma: no-cache\r\nVia: ens-cache5.se2[,403102]\r\nTiming-Allow-Origin: *\r\nEagleId: 2ff62c9917548126801475630e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":10402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8423)","md5":"1413ea5bc9ead157436b48fa9ac70258","sha1":"2640e419150a0b5ba29fa68f208a59da0a8cfd8b","sha256":"20088ee0d79fd1a25d7bf467df986c40795c2fccaa936413b7825bed2910b56f","sha512":"4c7c4c6532fb28817a57c914720dfd869a4c21bfb95230911d513d5f4d19406b8f162d399f1a51f60c78a3f602524e534fdd4ecaf9e9a15c5d465930b93fb7ce","ssdeep":"192:iSpKpOIqtlomlOA7J1ohuzgVujw3lBNjRs86kvYv+2vA6nPkvZv+2vAyAF:Fl7J1ohrDZuzoYt1PoZtXAF","tlshash":"b722d662f5c0a021816b649a5466b77d74fea148fb038d20d648bbb9cba1dc35623ddc","first_seen":"2025-08-10T07:58:25.542076Z","last_seen":"2025-08-10T07:58:25.542076Z","times_seen":1,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":204,"dns":107,"connect":7,"send":0,"wait":13,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/avif\r\ncontent-length: 9829\r\ndate: Thu, 22 May 2025 14:00:10 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: HIT\r\nrequest-time: 0.006\r\ntraceid: 2ff6319717479224101623211e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2avif\r\ncache-control: max-age=31536000\r\nvia: ens-cache11.l2de3[0,0,200-0,H], ens-cache4.l2de3[4,0], ens-cache9.se2[0,0,200-0,H], ens-cache13.se2[2,0]\r\naccess-control-allow-origin: *\r\nage: 6890271\r\nali-swift-global-savetime: 1747922410\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 22 May 2025 14:05:35 GMT\r\nx-swift-cachetime: 31535675\r\nvary: Accept\r\ns-rt: 2\r\ntiming-allow-origin: *\r\neagleid: 2ff62ca117548126812494402e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":9829,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"b0d859e8b033a8704b639093ca60e4c4","sha1":"4a447e3dc6b3325d6e7934c0a5dc8c3a9ca5a99d","sha256":"023328b236c9d8bd312c058397cbf5e1a6846b962dcc576e33e80f25eb6a9878","sha512":"d0568554a36943f802eada31afbc3e98005a5156415288934431d871533190a362a4386081cc67a8949c9699c9f28d1b618254e189e2612c53f3878fad7deb75","ssdeep":"192:rGgLHNV2xT2qgv+aXrqDL+AiWnUCMgLO1rilHVpvIvAGVgejzAj4nw:rtT20QUwXlO1ridHrGVBAUw","tlshash":"b312afb496e04405d8c753703e89ce5973a52c35876e0f67ea86f351b6f4fd085b410b","first_seen":"2025-05-24T16:01:07.986287Z","last_seen":"2026-02-17T01:03:00.071334Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1833,"timings":{"blocked":909,"dns":878,"connect":15,"send":0,"wait":10,"receive":2,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/fireyejs/1.231.61/fireyejs.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/fireyejs/1.231.61/fireyejs.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 192995\r\nServer: Tengine\r\nx-oss-request-id: 686CFC59989F1539370AED54\r\nAccept-Ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17247550246201688318\r\nx-oss-storage-class: Standard\r\nContent-Encoding: gzip\r\nContent-MD5: k6XYxMHuUbgB80RiWkg4Ww==\r\nx-oss-server-time: 9\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 210397ac17519729537478296e1c7a\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 15\r\ns-rt: 16\r\nSERVED-FROM: 23.73.1.138\r\nCache-Control: max-age=2070089, s-maxage=86400\r\nExpires: Wed, 03 Sep 2025 06:59:29 GMT\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_50304\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 95.101.11.50\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":460609,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b6438fd1e1cf271117330232c0e1c1cb","sha1":"a2bf22f081d21b6759d10eba03e68aab4f6e0ec5","sha256":"f2b20a5c5ccc3a18f8045ba80ab1f8ae174cd6a282a5d6b19a1079b51f714175","sha512":"861b6910105f544ec1c05053d86930735345a8abeb089e116676b53b487fd24cbc138890d4000f841350f8a91b29c119205f6646422632d566c8d8d0959d71ab","ssdeep":"12288:CZLigs7zY7+Xcv4RBwvg8WE3LdTQWyYEFsPVfzt5R3:UL9QzY8gwBwvoE3ZcWyYQ4V5D","tlshash":"11a407ead117065c80e4dfe0447bb2be59ac9f010d683895db62d72905d0feb38c9ea7","first_seen":"2025-07-09T10:22:56.398722Z","last_seen":"2026-03-19T07:34:09.4607Z","times_seen":8467,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/nc/1.97.0/nc.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.32","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/nc/1.97.0/nc.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 68872ADE73EA4130325D5CD2\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15901213936247592681\r\nx-oss-storage-class: Standard\r\nContent-MD5: iTF0bzkF8MhjniJ9Ewe9Bw==\r\nx-oss-server-time: 8\r\nContent-Encoding: gzip\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b41d917536887985367100e1fb4\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 15\r\ns-rt: 16\r\nContent-Length: 18548\r\nSERVED-FROM: 47.246.146.193\r\nCache-Control: max-age=1468118, s-maxage=86400\r\nExpires: Wed, 27 Aug 2025 07:46:38 GMT\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_50304\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 95.101.11.32\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":72240,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8931746f3905f0c8639e227d1307bd07","sha1":"2f72ce290e71b74db07b016648ea060cda1032c2","sha256":"94b2b99ad074012c1ce6d21a3827fecf7e4d7614babb94768282e0a17b071895","sha512":"64779fa25b05fb69dba5be09341f3d7ab2ed2c57a19e693bac5035a4d3028c69d1590fc08624ff2fb0842c1670fb53608f2cbe92709858dfd56b6e8790728c3b","ssdeep":"1536:LxKlgiTV1rcQXsD56EoZg9ORg6mvAR9B0GqIqZrSSnUDSi:68IRf0GqIqZrSSnUDSi","tlshash":"576317cb3291251d4693e6bacc7aa88d30358942c01ed63abffde1c2fb148553267f65","first_seen":"2024-03-02T06:13:52Z","last_seen":"2026-05-02T10:51:48.410773Z","times_seen":1402,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":2,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vda-global.lilisi.com/favicon.ico","fqdn":"vda-global.lilisi.com","domain":"lilisi.com","tld":"com"},"ip":{"addr":"47.246.44.197","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lilisi.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 10 Mar 2025 00:00:00 GMT","end":"Thu, 26 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:3F:CD:60:00:5D:C3:9B:EC:48:15:20:28:A8:5E:9E:C4:46:25:97","sha256":"7D:22:A2:57:1F:2B:C6:47:25:9C:94:F1:7A:9F:F8:B0:D5:27:DB:C7:EE:3B:CA:DD:06:A2:F4:FB:DC:1A:00:F4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: vda-global.lilisi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200\r\nCookie: acw_tc=2ff62c9917548126801475630e8938c7c279600a8ecb86cf4dd6bf79cb; cdn_sec_tc=2ff62c9917548126801475630e8938c7c279600a8ecb86cf4dd6bf79cb\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 NOT FOUND\r\nServer: Tengine\r\nContent-Type: text/html\r\nContent-Length: 233\r\nConnection: keep-alive\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nx-alicdn-da-ups-status: endOs,0,404\r\nVia: ens-cache16.l2eo166-18[16,0], ens-cache14.l2su121-10[103,0], cache16.l2hk4[106,0], ens-cache9.l2hk11[109,0], ens-cache11.l2de3[303,0], ens-cache5.se2[326,0]\r\nTiming-Allow-Origin: *\r\nEagleId: 2ff62c9917548126806906256e\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"NOT FOUND","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":233,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"ca783981d8cff646eececb652f636a3b","sha1":"c40de9ff0eb1a8adb68dcd7266d2e5c8f3610e8c","sha256":"12b6b36be9bd52d72587f75b3718b9d5979aaab9b1d1c27620463f330679dac5","sha512":"e556ba5fb58a7d0780a942ab45ee697663c7c93e35cc78faa0660e394435d5ccf179a6f9ff4d9dd6ff0bdc9c08b5353e1cc6c9b8770593dc0111b61ae5e9a52d","ssdeep":"","tlshash":"14d0235dd30653974071035031c157e3558f13b3713602ad5e41552f554777dc1d62d9","first_seen":"2023-05-09T01:15:38Z","last_seen":"2026-05-05T14:55:16.94513Z","times_seen":954,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"at.alicdn.com/t/font_1465353706_4784257.woff","fqdn":"at.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:02.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /t/font_1465353706_4784257.woff HTTP/1.1\r\nHost: at.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://vda-global.lilisi.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/octet-stream\r\ncontent-length: 5216\r\ndate: Sun, 10 Aug 2025 07:58:03 GMT\r\nx-oss-request-id: 6898510B9F70D6383323C59F\r\nvary: Origin\r\naccept-ranges: bytes\r\netag: \"430BDEDB43991B8E9B641437A919D094\"\r\nlast-modified: Fri, 24 Dec 2021 15:26:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13947311593546193641\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=63072000\r\ncontent-md5: Qwve20OZG46bZBQ3qRnQlA==\r\nx-oss-server-time: 1\r\nvia: ens-cache10.l2de3[709,709,200-0,M], ens-cache10.l2de3[710,0], ens-cache3.se2[734,733,200-0,M], ens-cache4.se2[736,0]\r\nali-swift-global-savetime: 1754812683\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sun, 10 Aug 2025 07:58:03 GMT\r\nx-swift-cachetime: 31104000\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9817548126826287940e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5216,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format, TrueType, length 5216, version 1.0","md5":"430bdedb43991b8e9b641437a919d094","sha1":"86f8c751da8f49028360ac08e723a620f536d467","sha256":"28b58c4518bc9007b9a1321fe8e1267597f8a66f366ef5330e400d436e8d0100","sha512":"846a1fb35128b71e5214ff7e50345109bda07484e3de6412cfbabcf8f6fdb8df68a1dc2b43516b38e2f7e86b77446865602db34357650e98d6b6ffb1e0dbe352","ssdeep":"96:oLFReJdvdhnBNVysp2ztiYiXzNZeoRrdMr0EIipwgq3gF:oJR4dvv/BrYiXzNMr0h9gqk","tlshash":"0cb19f95a390dd63d2d495b039522be83bf1130d95e045df25cc8a3373585ab6543227","first_seen":"2023-05-10T14:52:09Z","last_seen":"2026-05-02T10:51:48.403646Z","times_seen":1586,"resource_available":false,"data":null}},"time_used":887,"timings":{"blocked":71,"dns":39,"connect":7,"send":0,"wait":745,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js?t=2050","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/AWSC/awsc.js?t=2050 HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 6898437962E4833939424C12\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11764853148195581825\r\nx-oss-storage-class: Standard\r\nContent-MD5: CgSWyHj+E44N20suylKkXQ==\r\nx-oss-server-time: 3\r\nContent-Encoding: gzip\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b427e17548092091856240e2030\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 8\r\ns-rt: 9\r\nContent-Length: 3981\r\nCache-Control: max-age=3729, s-maxage=3600\r\nExpires: Sun, 10 Aug 2025 09:00:09 GMT\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSERVED-FROM: 95.101.11.28\r\nNetwork_Info: NO_OSLO_50304\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 95.101.11.50\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10982,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10982), with no line terminators","md5":"0a0496c878fe138e0ddb4b2eca52a45d","sha1":"8e1c943403ca3175a8de1bf338ad90a875748376","sha256":"3d2a07b4f5b396c633e7cc488a05bca3b7fdb4d6384b5db14b349b3c7d87471e","sha512":"7d94585e0ec90028f67186fcf4dacf56bf27661542ab6a4ebf1f2effb6be7259d8464bc9c041d846c1a308caa14640e2860fa90c08b7395ec0b9f6384930f6ef","ssdeep":"192:pTpGH5q1YwY8Pw4OdjwBvoKxdkSwqTyQJvWtHJyH:vhK/djwhoKxdkGen0","tlshash":"7432e78e3a50702b4b574471a4ff104d757e3ba21c4ec499ab5de1c06af837f066bea8","first_seen":"2025-07-31T08:33:12.75921Z","last_seen":"2025-08-20T04:43:44.63273Z","times_seen":9841,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":82,"dns":59,"connect":1,"send":0,"wait":38,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/et/1.83.35/et_f.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"95.101.11.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:00.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/et/1.83.35/et_f.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 103824\r\nServer: Tengine\r\nx-oss-request-id: 6887248E989F15333758EF8E\r\nAccept-Ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4389186217373846546\r\nx-oss-storage-class: Standard\r\nContent-Encoding: gzip\r\nContent-MD5: 79ySMUZeJlMufi71al+Qcg==\r\nx-oss-server-time: 22\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b41d917536871823783956e1f92\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 29\r\ns-rt: 30\r\nSERVED-FROM: 95.101.11.46\r\nCache-Control: max-age=1466502, s-maxage=86400\r\nExpires: Wed, 27 Aug 2025 07:19:42 GMT\r\nDate: Sun, 10 Aug 2025 07:58:00 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_50304\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 95.101.11.50\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":295155,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (61374)","md5":"1e3880d214afdb9cd7ea9f2eaabe63c6","sha1":"a04d91f8d3d62d99af52e3995d3e9e075d128d3e","sha256":"b2b659fcc9b076682b602188df870cab2b00b7c698f0eb9ee8a8c4b2726cba31","sha512":"89fcbda260142f9587d9ce116649c5159aa96b14e1830f05ff7bba3ff14c4bf8c60eaed9638b3a6b6b9c05ff70a948f0f630c3f94b49544a7989edd02cd94d66","ssdeep":"3072:2j+GCnqhVKZgCcS5AgNTzFNQMknjF5Cv/SisoqXP4QsJK0NLkVy93XEP:h6+LAgNfFzQWvWXP4QsJTkgNX+","tlshash":"4e544f695213048d1262d7fd143b38caaca8cd14d6540cf7ae32cb97dca9ad350e79eb","first_seen":"2025-07-29T08:26:57.213487Z","last_seen":"2026-02-10T15:18:30.151276Z","times_seen":20939,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourier.alibaba.com/ts?url=\u0026token=gWNo0D2hx8k7aAdWEwc5F9CToFWtNbGQTkdKvXnF3moXpWB7zHb30kQS9yrdtwq8RzHFVbF3myZCVWEKaDq3DmhLyke-8eqaxYe-2ykUxuoxv7UUeJ0E0lEndaiKYDqL88el61U7PXGEYGCO6mNPt4NoYHhENjyj2UiA61U7zXGFXGCT9ehxNcnETBuPgZ0K7XuUY0k20V0sTDrUYZ4qcSQSdklForoj8XoUYX70ua6XzcVUwSShNL8hdfGTi4DobzcXTCVD6YmazmAElS0ofczrmBRLi4Dobr4RqCaxNAVrQ8sDncPuuuD0HMjylKJaOqOIuwFDdKHrlqmtfFFazYujocQcod9IUqgrXZbDdpMrlqmOoZv6dYujzcC..\u0026cna=undefined\u0026ext=1","fqdn":"fourier.alibaba.com","domain":"alibaba.com","tld":"com"},"ip":{"addr":"47.246.165.245","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:01.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.alibaba.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 11 Mar 2025 05:07:02 GMT","end":"Sun, 12 Apr 2026 05:01:06 GMT"},"fingerprint":{"sha1":"5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B","sha256":"2F:B9:FB:33:64:3A:01:53:79:F3:6B:55:05:CE:EA:42:29:C5:70:F7:0E:3C:14:63:6C:AA:6E:5D:98:D4:34:F2"}}},"request":{"raw":"GET /ts?url=\u0026token=gWNo0D2hx8k7aAdWEwc5F9CToFWtNbGQTkdKvXnF3moXpWB7zHb30kQS9yrdtwq8RzHFVbF3myZCVWEKaDq3DmhLyke-8eqaxYe-2ykUxuoxv7UUeJ0E0lEndaiKYDqL88el61U7PXGEYGCO6mNPt4NoYHhENjyj2UiA61U7zXGFXGCT9ehxNcnETBuPgZ0K7XuUY0k20V0sTDrUYZ4qcSQSdklForoj8XoUYX70ua6XzcVUwSShNL8hdfGTi4DobzcXTCVD6YmazmAElS0ofczrmBRLi4Dobr4RqCaxNAVrQ8sDncPuuuD0HMjylKJaOqOIuwFDdKHrlqmtfFFazYujocQcod9IUqgrXZbDdpMrlqmOoZv6dYujzcC..\u0026cna=undefined\u0026ext=1 HTTP/1.1\r\nHost: fourier.alibaba.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 10 Aug 2025 07:58:02 GMT\r\ncontent-type: image/gif\r\ncontent-length: 0\r\nserver: Tengine/Aserver\r\neagleeye-traceid: 2101433417548126820602873e2c1f\r\nstrict-transport-security: max-age=31536000\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":1665,"timings":{"blocked":744,"dns":38,"connect":175,"send":0,"wait":177,"receive":0,"ssl":527},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7x8ax1.tdum.alibaba.com/dss.js","fqdn":"7x8ax1.tdum.alibaba.com","domain":"alibaba.com","tld":"com"},"ip":{"addr":"47.246.146.190","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:01.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.alibaba.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 11 Mar 2025 05:07:02 GMT","end":"Sun, 12 Apr 2026 05:01:06 GMT"},"fingerprint":{"sha1":"5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B","sha256":"2F:B9:FB:33:64:3A:01:53:79:F3:6B:55:05:CE:EA:42:29:C5:70:F7:0E:3C:14:63:6C:AA:6E:5D:98:D4:34:F2"}}},"request":{"raw":"GET /dss.js HTTP/1.1\r\nHost: 7x8ax1.tdum.alibaba.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 10 Aug 2025 07:58:01 GMT\r\ncontent-type: application/javascript\r\nserver: Tengine\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nups-target-key: umid-web.vipserver.global\r\nx-protocol: HTTP/2.0\r\neagleeye-traceid: 211b800a17548126818923901e1c05\r\nstrict-transport-security: max-age=31536000\r\ns-brt: 1\r\ns-rt: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":52,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"8aeb1dd232abeda24000ba2995f5e4ee","sha1":"371ad5b8e9a465fe5e99ac8fc697f7ff4a48ad42","sha256":"185eb08a1ddc03f08a99af12a6aed053b141bc77eaae357c03d669448794a5c6","sha512":"2b533d58e80a0b6bfe47395f072e162fc90ba0e6f16764140091c678cb74ff3ee389bd422372758773f996d6cec5ce9a850bb2b3cfb3bf7ddd49cc34ca67ea2f","ssdeep":"","tlshash":"8d90029004450ec140958128a9ed477a4310205003a02e1cb482712241f3d118434ef0","first_seen":"2025-08-10T07:58:25.550119Z","last_seen":"2025-08-10T07:58:25.550119Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1045,"timings":{"blocked":511,"dns":463,"connect":20,"send":0,"wait":22,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ynuf.aliapp.org/w/wu.json","fqdn":"ynuf.aliapp.org","domain":"aliapp.org","tld":"org"},"ip":{"addr":"124.239.14.253","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:01.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.alibabachengdun.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 13 Mar 2025 06:00:01 GMT","end":"Thu, 04 Sep 2025 00:00:00 GMT"},"fingerprint":{"sha1":"FC:28:B7:B3:30:25:A2:56:64:E2:FA:2B:0A:63:06:F4:A2:61:65:C3","sha256":"50:6B:1A:94:7D:29:2C:3B:6C:5A:C5:81:8D:12:23:02:E7:47:68:AF:41:0B:46:25:B6:F4:0A:85:58:44:12:A0"}}},"request":{"raw":"GET /w/wu.json HTTP/1.1\r\nHost: ynuf.aliapp.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Sun, 10 Aug 2025 07:58:03 GMT\r\ncontent-type: text/javascript;charset=utf-8\r\ncontent-length: 190\r\nx-application-context: umid-web:cn-prod:7001\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With\r\netag: T2gAyXYMf9RZ_3PTVp-aQ2eepO2F1Fr2oDgWcadlT9f4StoKezIBWKDDkP5j6XTorDY=\r\ncache-control: no-cache\r\nset-cookie: cbc=T2gAJ2E0mkHGvmu2zKFX2JuVhAflr1645LaN4Df-cWZ75J9jl_sxpSmlhD44oTH6Zdg=; Max-Age=31536000; Expires=Mon, 10-Aug-2026 07:58:03 GMT; Domain=ynuf.aliapp.org; Path=/\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":190,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"ea2c5fff92beae913c0ef1fee56f0e4a","sha1":"6bc48df2353d9c2ecc5dac45664ac95a21efc4ee","sha256":"1a8175163fd6a9bce2f7e1b481581bb214e47d50fffc62afc92cbd0885a5a0ff","sha512":"78715db3222a6a7021ce918f60314cb5813fcadd0ccaf8763e75d68ce2881f8ffae7d76c261286aaa9f1a6d88f20e85547c0e0e5e5cedd6a52c5f6f1c622eebd","ssdeep":"","tlshash":"41c012b011f805000684bd21b00a034881750636c8d3a326cc117f4813cccc11c7445c","first_seen":"2025-08-10T07:58:25.551244Z","last_seen":"2025-08-10T07:58:25.551244Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3147,"timings":{"blocked":1445,"dns":2,"connect":307,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cf-app-waf.cfc.aliyuncs.com/nocaptcha/initialize.jsonp?a=CF_APP_WAF\u0026t=68985108-5e66-1003-3802-f2ee166b4b08\u0026scene=register\u0026lang=en\u0026v=v1.3.21\u0026href=https%3A%2F%2Fvda-global.lilisi.com%2Fpc_dl%2Fcom.lilithgames.rok.pc.int%2Fff5a7e4128320b4b392ab0f84ab433ca.exe\u0026comm={}\u0026callback=initializeJsonp_08055465537372438","fqdn":"cf-app-waf.cfc.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vda-global.lilisi.com/pc_dl/com.lilithgames.rok.pc.int/ff5a7e4128320b4b392ab0f84ab433ca.exe?t=1752811200","date":"2025-08-10T07:58:01.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cfc.aliyuncs.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 14 Apr 2025 04:06:02 GMT","end":"Sat, 16 May 2026 04:06:01 GMT"},"fingerprint":{"sha1":"E2:12:F7:4F:54:B6:67:9D:36:35:B7:95:69:6A:B4:39:49:44:EF:57","sha256":"04:76:BA:A1:E2:64:49:D5:F4:46:A8:9A:0F:4D:1D:C6:60:E7:F3:9A:99:09:12:C8:F1:68:1F:6C:5F:8F:FF:25"}}},"request":{"raw":"GET /nocaptcha/initialize.jsonp?a=CF_APP_WAF\u0026t=68985108-5e66-1003-3802-f2ee166b4b08\u0026scene=register\u0026lang=en\u0026v=v1.3.21\u0026href=https%3A%2F%2Fvda-global.lilisi.com%2Fpc_dl%2Fcom.lilithgames.rok.pc.int%2Fff5a7e4128320b4b392ab0f84ab433ca.exe\u0026comm={}\u0026callback=initializeJsonp_08055465537372438 HTTP/1.1\r\nHost: cf-app-waf.cfc.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vda-global.lilisi.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":4899,"timings":{"blocked":1114,"dns":1795,"connect":1837,"send":1990,"wait":0,"receive":0,"ssl":2584},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}